Internet Explorer Redirects


  • This topic is locked
19 replies to this topic

#1 UpgradeMe

UpgradeMe

  • Members
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Atlanta, GA USA
  • Local time:10:41 PM

Posted 21 July 2011 - 10:55 AM

I have something causing Internet Explorer to redirect from Google search links to various places. Avast recognizes the redirect problem and stops the transfer, but I am having trouble navigating the net. Please help!

I did a scan with MBAM and a "HKEY_CLASSES_ROOT\.fsharproj" infection was found, but after I removed the item the problem was still present.

Thanks in advance...

Edited by UpgradeMe, 21 July 2011 - 06:01 PM.



#2 UpgradeMe


Posted 21 July 2011 - 05:04 PM

Help me please :(!

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:41 PM

Posted 21 July 2011 - 08:39 PM

Hello,

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.9.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.



Reboot into Safe Mode with Networking
How to enter safe mode (XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press Enter on your keyboard to boot into Safe Mode.




Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates, and when done
click the Scanner tab, select Quick scan and scan (normal mode).
After the scan click Remove Selected, post the new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.

#4 UpgradeMe


Posted 22 July 2011 - 08:17 AM

Thanks for your help so far. TDSS and SAS found some things and removed them. When I ran the MBAM scan at the end the HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) was back again. That's the 3rd time, so I think it will be back again once I reboot. I noticed awhile back that a phantom L DVD drive had been created. Well, it's gone now I am happy to say. There is some weird behavior going on on my desktop. When I drop a new file on the desktop or delete one there, some sort of a weird reading pattern starts to happen, like something is reading what's on the desktop. Then icons get moved...like they switch places. Sometimes they are on top of each other. Here are the logs:

2011/07/22 00:04:27.0344 2200 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/22 00:04:27.0969 2200 ================================================================================
2011/07/22 00:04:27.0969 2200 SystemInfo:
2011/07/22 00:04:27.0969 2200
2011/07/22 00:04:27.0969 2200 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/22 00:04:27.0969 2200 Product type: Workstation
2011/07/22 00:04:27.0969 2200 ComputerName: HP16823713025
2011/07/22 00:04:27.0969 2200 UserName: Administrator
2011/07/22 00:04:27.0969 2200 Windows directory: C:\WINDOWS
2011/07/22 00:04:27.0969 2200 System windows directory: C:\WINDOWS
2011/07/22 00:04:27.0969 2200 Processor architecture: Intel x86
2011/07/22 00:04:27.0969 2200 Number of processors: 2
2011/07/22 00:04:27.0969 2200 Page size: 0x1000
2011/07/22 00:04:27.0969 2200 Boot type: Normal boot
2011/07/22 00:04:27.0969 2200 ================================================================================
2011/07/22 00:04:29.0453 2200 Initialize success
2011/07/22 00:23:02.0922 6196 ================================================================================
2011/07/22 00:23:02.0922 6196 Scan started
2011/07/22 00:23:02.0922 6196 Mode: Manual;
2011/07/22 00:23:02.0922 6196 ================================================================================
2011/07/22 00:23:11.0531 6196 sptd (d390675b8ce45e5fb359338e5e649329) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/22 00:23:11.0531 6196 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
2011/07/22 00:23:11.0531 6196 sptd - detected LockedFile.Multi.Generic (1)
2011/07/22 00:23:13.0453 6196 ================================================================================
2011/07/22 00:23:13.0453 6196 Scan finished
2011/07/22 00:23:13.0453 6196 ================================================================================
2011/07/22 00:23:13.0469 6940 Detected object count: 1
2011/07/22 00:23:13.0484 6940 Actual detected object count: 1
2011/07/22 00:24:17.0641 6940 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/22 00:24:28.0781 0800 ================================================================================
2011/07/22 00:24:28.0781 0800 Scan started
2011/07/22 00:24:28.0781 0800 Mode: Manual;
2011/07/22 00:24:28.0781 0800 ================================================================================
2011/07/22 00:24:35.0828 0800 sptd (d390675b8ce45e5fb359338e5e649329) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/22 00:24:35.0828 0800 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
2011/07/22 00:24:35.0828 0800 sptd - detected LockedFile.Multi.Generic (1)
2011/07/22 00:24:38.0125 0800 ================================================================================
2011/07/22 00:24:38.0125 0800 Scan finished
2011/07/22 00:24:38.0125 0800 ================================================================================
2011/07/22 00:24:38.0156 1736 Detected object count: 1
2011/07/22 00:24:38.0156 1736 Actual detected object count: 1
2011/07/22 00:25:50.0031 1736 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/22 00:26:14.0250 5964 ================================================================================
2011/07/22 00:26:14.0250 5964 Scan started
2011/07/22 00:26:14.0250 5964 Mode: Manual;
2011/07/22 00:26:14.0250 5964 ================================================================================
2011/07/22 00:26:20.0688 5964 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/22 00:26:20.0719 5964 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/22 00:26:20.0750 5964 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/22 00:26:20.0797 5964 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/07/22 00:26:20.0859 5964 pdiddcci (a893b05b457f2e7eca0e5ea867e2249d) C:\WINDOWS\system32\DRIVERS\pdiddcci.sys
2011/07/22 00:26:20.0891 5964 PdiPorts (18ed1d71fef6f71d38c24263500bbd01) C:\WINDOWS\system32\Drivers\PdiPorts.sys
2011/07/22 00:26:21.0000 5964 PersonalSecureDrive (9abf51856b69b6a343988bc7d74840c4) C:\WINDOWS\System32\drivers\psd.sys
2011/07/22 00:26:21.0016 5964 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/22 00:26:21.0047 5964 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/22 00:26:21.0063 5964 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/22 00:26:21.0094 5964 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/07/22 00:26:21.0125 5964 QCDonner (fddd1aeb9f81ef1e6e48ae1edc2a97d6) C:\WINDOWS\system32\DRIVERS\OVCD.sys
2011/07/22 00:26:21.0219 5964 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/22 00:26:21.0250 5964 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/22 00:26:21.0266 5964 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/22 00:26:21.0281 5964 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/22 00:26:21.0297 5964 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/22 00:26:21.0328 5964 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/22 00:26:21.0359 5964 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/22 00:26:21.0391 5964 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/22 00:26:21.0422 5964 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/22 00:26:21.0516 5964 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys
2011/07/22 00:26:21.0578 5964 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/22 00:26:21.0594 5964 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/07/22 00:26:21.0625 5964 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/07/22 00:26:21.0672 5964 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/07/22 00:26:21.0734 5964 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/07/22 00:26:21.0797 5964 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/22 00:26:21.0859 5964 sptd (d390675b8ce45e5fb359338e5e649329) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/22 00:26:21.0859 5964 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d390675b8ce45e5fb359338e5e649329
2011/07/22 00:26:21.0859 5964 sptd - detected LockedFile.Multi.Generic (1)
2011/07/22 00:26:23.0453 5964 MBR (0x1B8) (edc00a9c9e79634953f952c6d701052f) \Device\Harddisk0\DR0
2011/07/22 00:26:23.0547 5964 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/07/22 00:26:23.0734 5964 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk2\DR4
2011/07/22 00:26:23.0750 5964 Boot (0x1200) (f98a855d3d28eb84f9a8dc26a2aea793) \Device\Harddisk0\DR0\Partition0
2011/07/22 00:26:23.0750 5964 Boot (0x1200) (ff82bb24d55553fc21e7d5535debd131) \Device\Harddisk1\DR1\Partition0
2011/07/22 00:26:23.0766 5964 Boot (0x1200) (555beb0499599f6604826cf3d3a3b436) \Device\Harddisk2\DR4\Partition0
2011/07/22 00:26:23.0766 5964 ================================================================================
2011/07/22 00:26:23.0766 5964 Scan finished
2011/07/22 00:26:23.0766 5964 ================================================================================
2011/07/22 00:26:23.0813 7012 Detected object count: 1
2011/07/22 00:26:23.0813 7012 Actual detected object count: 1
2011/07/22 00:28:22.0672 7012 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/07/22 00:28:22.0672 7012 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/07/22 00:28:22.0672 7012 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted after reboot
2011/07/22 00:28:22.0672 7012 LockedFile.Multi.Generic(sptd) - User select action: Delete
2011/07/22 00:29:44.0422 0184 Deinitialize success

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/22/2011 at 01:54 AM

Application Version : 4.55.1000

Core Rules Database Version : 7443
Trace Rules Database Version: 5255

Scan type : Complete Scan
Total Scan Time : 01:04:34

Memory items scanned : 299
Memory threats detected : 0
Registry items scanned : 9742
Registry threats detected : 0
File items scanned : 125603
File threats detected : 168

Adware.Tracking Cookie

Trojan.Agent/Gen-Nullo[Short]
C:\AVENGER\MP3TUBETB.DLL

Trojan.Downloader-Gen/A
C:\PROGRAM FILES\OLDGAMES\FPS FOOTBALL PRO 95\C\SIERRA\FPSPRO95\A.EXE

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7229

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/22/2011 8:43:52 AM
mbam-log-2011-07-22 (08-43-52).txt

Scan type: Quick scan
Objects scanned: 176947
Time elapsed: 3 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#5 UpgradeMe

Posted 22 July 2011 - 08:19 AM

By the way BM, Google search is back to normal at least for the time being...

#6 UpgradeMe

Posted 22 July 2011 - 12:48 PM

BM...the redirects came back again this afternoon. This time I couldn't get back in to post. I either got that a connection could not be established or some weird link page that said mybleepingcomputer at the top. That's the one I was getting before, but it hadn't made any special attempt to stop me from accessing MBC until then. Ran MBAM, and the trojan was back, so I deleted it again, but the problem was still happening. Pretty sure it will be back again. I then ran SAS, and the problem went away. The only things it found were tracking cookies. Don't know if the trojan put them there or what, but I think they must be associated with the problem somehow, idk. The weird desktop problem seems to have gone away, but I still have the lingering feeling that there is something still happening with the virus...

Thanks for all your attention. You guys are #1 with me. Would love to hear some of your war stories! Bet you have some doozies. What you guys do reminds me of a priest at an exorcism ha ha...

Hope I'm still laughing tomorrow with the stuff I've been reading on the board :(

#7 UpgradeMe

Posted 22 July 2011 - 01:20 PM

BM...Bad news I am afraid. I just read some info from another post, and I think I have the same problem. The redirects seem to have spread to another computer in the house. I have 3 computers on the same network, 2 using the router and one through the router. In the other post the tech mentioned a trojan DNS-hijacker as possibly causing this problem. I have a question here. One of the PCs is a Mac. Will it be affected in the same way? I haven't tried it yet. I know the redirects are happening on two machines...

Edited by UpgradeMe, 22 July 2011 - 04:27 PM.


#8 boopme

Posted 22 July 2011 - 01:30 PM

Hello, I've found when that fsharproj comes back we usually have to move you to the MRL forum.
Let's try one more item.

If still redirecting>>>
Change your DNS Servers:
  • Go to Start > Run... and in the open box, type: cmd
  • Press OK or Hit Enter.
  • At the command prompt, type or copy/paste: ipconfig /flushdns
  • Hit Enter.
  • You will get a confirmation that the flush was successful.
  • Close the command box.
If the above commands did not resolve the problem, the next thing to try is to reset your network settings and Configure TCP/IP to use DNS.
  • Go to Start > Control Panel, and choose Network Connections.
  • Right-click on your default connection, usually Local Area Connection or Dial-up Connection if you are using Dial-up, and choose Properties.
  • Double-click on Internet Protocol (TCP/IP) or highlight it and select Properties.
  • Under the General tab, write down any settings in case you should need to change them back.
  • Select the button that says "Obtain an IP address automatically" or make sure the DNS server IP address is the same as provided by your ISP.
  • Select the button that says "Obtain DNS servers automatically".
  • If unknown Preferred or Alternate DNS servers are listed, uncheck the box that says "Use the following DNS server address".
  • Click OK twice to get out of the properties screen and restart your computer. If not prompted to reboot go ahead and reboot manually.
-- Vista users can refer to How to Change TCP/IP settings

CAUTION: It's possible that your ISP (Internet Service Provider) requires specific DNS settings here. Make sure you know if you need these settings or not BEFORE you make any changes or you may lose your Internet connection. If you're sure you do not need a specific DNS address, then you may proceed.



If still no joy then we need a deeper look. Please go here....
Preparation Guide, do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If Gmer won't run, skip it and move on.
Let me know if that went well.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook
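The DNS check described in the post above can also be done from the text of `ipconfig /all`. This is an added example, not part of the original post or any BleepingComputer tool: the sample output is constructed, the function names are hypothetical, and treating the default gateway as an acceptable resolver is an assumption that fits a typical home router setup.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (Windows XP layout); not from the thread.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

        Host Name . . . . . . . . . . . . : EXAMPLE-PC

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.20
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 203.0.113.53
                                            192.168.1.1

Ethernet adapter Wireless Network Connection:

        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.21
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.1
"""

# "Field name . . . . : value" with an optional value after the first colon.
FIELD = re.compile(r"^\s+([^:]+?)[\s.]*:(?:\s+(.*))?$")


def _as_ip(text):
    """Return an ip_address object, or None if the text is not an address."""
    try:
        return ipaddress.ip_address(text.strip())
    except ValueError:
        return None


def parse_ipconfig(text):
    """Return {section name: {field name: [values]}} from `ipconfig /all` text."""
    adapters, current, last_values = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():
            # Unindented line: a section header such as "Ethernet adapter X:".
            current = adapters.setdefault(line.rstrip(": "), {})
            last_values = None
            continue
        if current is None:
            continue
        match = FIELD.match(line)
        if match:
            last_values = current.setdefault(match.group(1).strip(), [])
            if match.group(2):
                last_values.append(match.group(2).strip())
        elif last_values is not None:
            # Indented line without a field name: one more value for the
            # previous field (this is how extra DNS servers are printed).
            last_values.append(line.strip())
    return adapters


def audit_dns(text, trusted):
    """Return (adapter, server, reason) for DNS servers that need a second look.

    `trusted` holds resolver addresses the user knows are right, for example
    the ones supplied by the ISP. The adapter's own default gateway is also
    accepted (assumption: the home router relays DNS).
    """
    trusted_ips = {ipaddress.ip_address(t) for t in trusted}
    findings = []
    for name, fields in parse_ipconfig(text).items():
        gateways = {_as_ip(g) for g in fields.get("Default Gateway", [])}
        for raw in fields.get("DNS Servers", []):
            ip = _as_ip(raw)
            if ip is None:
                findings.append((name, raw, "not an IP address"))
            elif ip in trusted_ips or ip in gateways:
                continue
            else:
                findings.append((name, raw, "unknown resolver"))
    return findings


if __name__ == "__main__":
    for adapter, server, reason in audit_dns(SAMPLE_IPCONFIG, trusted=[]):
        print(f"{adapter}: {server} ({reason})")
```

A clean result only shows that the PC defers to the router; the DNS servers configured on the router itself still have to be compared with the ISP's values in the router's admin page.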

#9 UpgradeMe

Posted 22 July 2011 - 04:22 PM

OK...tried to get back in to check for your message but could not, so I ran MBAM on the other Windows PC. It found 3 threats, and I removed them. Then I disconnected the internet connection on it and on the 3rd PC which is a MAC. Since I couldn't use this PC to type here, I reran MBAM and it turned up the fsharproj again, which I again got rid of. Then I ran SAS and again removed all the tracking cookies. Then I was able to get back to read your message and post. The SAS seems to make it possible for me to navigate the web better, so at least I know that I guess. Given that the virus is still coming back, should I still do the above as you posted? You say it's dangerous, but, also, the virus is obviously still lurking someplace. Here is the MBAM scan from the 2nd PC. I guess it's not much help for this one, but:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7232

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/22/2011 3:41:43 PM
mbam-log-2011-07-22 (15-41-31).txt

Scan type: Full scan (C:\|)
Objects scanned: 197489
Time elapsed: 44 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{549B5CA7-4A86-11D7-A4DF-000874180BB3} (Trojan.Agent) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#10 UpgradeMe

Posted 22 July 2011 - 04:55 PM

OK...went ahead and did as you suggested but no luck. When I SAS quick scan, it gets rid of the tracking cookies, and I am able to get into BC to post. I think the google search bar may be a trigger for the virus to make the cookies, but IDK. So, do I now follow 6-9 and move to the Infected thread?

#11 boopme

Posted 22 July 2011 - 06:41 PM

You can try this to see if it helps Google but we need to do the Prep Guide to kill this when it won't die.

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


#12 UpgradeMe

Posted 22 July 2011 - 08:07 PM

OK, thanks. I just left the PC and came back after awhile and I am able to use the browser. I am being careful not to perform any google searches, and I am pretty sure that's why the cookies didn't come back. Here is the Goored log:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 21:02 on 22/07/2011 (Administrator)
Firefox version 3.5.13 (en-US)

========== GooredScan ==========

Deleting "C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\{64288039-6ad0-490b-814c-2f38042174db}" -> Success!
Deleting "C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\{783d74e7-242a-4457-9e26-23747e708603}" -> Success!
Deleting "C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\{7bff1c6d-3d47-40dd-9a6c-4f3c97cf1809}" -> Success!
Deleting "C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\{8b7fd290-4691-4b7b-88bc-82a1f08f6450}" -> Success!
Deleting "C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\{b786d7b5-0af4-4e5d-9a96-fe871dfe619e}" -> Success!
Deleting "C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\{c75e3886-5ff8-415a-8fd8-159e2f3ee58b}" -> Success!
Deleting "C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\{ce079755-c7bf-4667-9b9b-13f692079868}" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [06:31 07/07/2010]
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [13:19 07/07/2010]

C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\hbpfqgt7.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b} [20:13 30/01/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\Program Files\Real\RealPlayer\browserrecord" [02:57 07/07/2010]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [20:43 07/07/2010]

-=E.O.F=-

#13 boopme

Posted 22 July 2011 - 08:20 PM

Maybe a break, let's reset the hosts file. Rerun TDSS and MBAM and see if it stops.


Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Fix it button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.



RERUN TDSS:

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.
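Before replacing the HOSTS file as the post above describes, it helps to see what the current one actually maps. This is an added example, not part of the original post or the Microsoft Fix it package: the hosts content is constructed, the function names are hypothetical, and the only entry treated as stock is the loopback mapping for `localhost`.

```python
import ipaddress

# Constructed hosts file content for illustration; not taken from the thread.
SAMPLE_HOSTS = """\
# constructed sample hosts file
#
# address       hostname(s)

127.0.0.1       localhost
127.0.0.1       ads.example.net          # blocklist-style entry
203.0.113.10    www.google.com google.com
203.0.113.10    Search.Example.org
not-an-ip       www.example.com
"""

# Names expected in a default file (assumption: only localhost).
DEFAULT_NAMES = {"localhost"}


def parse_hosts(text):
    """Yield (line number, address text, [hostnames]) for each active line."""
    for number, line in enumerate(text.splitlines(), start=1):
        active = line.split("#", 1)[0].strip()  # drop comments
        if active:
            address, *names = active.split()
            # Host name lookups are case-insensitive, so normalise.
            yield number, address, [n.lower() for n in names]


def audit_hosts(text):
    """Return findings as (line number, hostname, address, verdict) tuples."""
    findings = []
    for number, address, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((number, " ".join(names), address, "malformed"))
            continue
        for name in names:
            if name in DEFAULT_NAMES and ip.is_loopback:
                continue  # the stock "127.0.0.1 localhost" mapping
            if ip.is_loopback or ip.is_unspecified:
                verdict = "blocked"     # name is sunk locally, often by a blocklist
            else:
                verdict = "redirected"  # name resolves wherever this file says
            findings.append((number, name, address, verdict))
    return findings


def redirect_targets(text):
    """Group redirected hostnames by the address they are pointed at."""
    targets = {}
    for _, name, address, verdict in audit_hosts(text):
        if verdict == "redirected":
            targets.setdefault(address, []).append(name)
    return {address: sorted(names) for address, names in targets.items()}


if __name__ == "__main__":
    for number, name, address, verdict in audit_hosts(SAMPLE_HOSTS):
        print(f"line {number}: {name} -> {address} [{verdict}]")
```

On Windows XP the file to feed in is `C:\WINDOWS\system32\drivers\etc\hosts`; "redirected" entries for search or security-vendor sites are the ones worth recording before the reset.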

#14 UpgradeMe

Posted 22 July 2011 - 09:02 PM

OK here are the logs. Ran the fix as you said. I have not performed any Google searches, and I am able to post, but MBAM seems to have found the fsharproj again. When I rebooted I got a script error. I think it was associated with the ads in WeatherBug which runs in the sys tray, because the error message went away when I closed Weather Bug with Task Manager. I always have to shut it at start up, because it won't min to the tray...instead to the taskbar. If/when you are comfortable with me trying a Google search, I think a quick scan with SAS will get me back to this point lickety-split. I am just happy to be able to make these posts. OK here are the logs:

2011/07/22 21:38:44.0781 1524 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/22 21:38:45.0015 1524 ================================================================================
2011/07/22 21:38:45.0015 1524 SystemInfo:
2011/07/22 21:38:45.0015 1524
2011/07/22 21:38:45.0015 1524 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/22 21:38:45.0015 1524 Product type: Workstation
2011/07/22 21:38:45.0015 1524 ComputerName: HP16823713025
2011/07/22 21:38:45.0015 1524 UserName: Administrator
2011/07/22 21:38:45.0015 1524 Windows directory: C:\WINDOWS
2011/07/22 21:38:45.0015 1524 System windows directory: C:\WINDOWS
2011/07/22 21:38:45.0015 1524 Processor architecture: Intel x86
2011/07/22 21:38:45.0015 1524 Number of processors: 2
2011/07/22 21:38:45.0015 1524 Page size: 0x1000
2011/07/22 21:38:45.0015 1524 Boot type: Normal boot
2011/07/22 21:38:45.0015 1524 ================================================================================
2011/07/22 21:38:46.0328 1524 Initialize success
2011/07/22 21:38:49.0500 2488 ================================================================================
2011/07/22 21:38:49.0500 2488 Scan started
2011/07/22 21:38:49.0500 2488 Mode: Manual;
2011/07/22 21:38:49.0500 2488 ================================================================================
2011/07/22 21:38:57.0921 2488 ================================================================================
2011/07/22 21:38:57.0921 2488 Scan finished
2011/07/22 21:38:57.0921 2488 ================================================================================
2011/07/22 21:38:57.0937 1416 Detected object count: 0
2011/07/22 21:38:57.0937 1416 Actual detected object count: 0

MBAM

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7235

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/22/2011 9:45:26 PM
mbam-log-2011-07-22 (21-45-26).txt

Scan type: Quick scan
Objects scanned: 177975
Time elapsed: 4 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#15 UpgradeMe

Posted 22 July 2011 - 09:22 PM

BM...went ahead and tried a Google search and back came the cookies and the redirects. It's anywhere from 32-36 tracking cookies that show up. If I don't use a Google search I am fine. I just ran an SAS quick scan (I actually stop the scan after all the tracking cookies are found), and everything is fine for me to use Favorites. I have this page bookmarked, so I can just come here without a Google search. By the way, I cannot use Favorites either when the tracking cookies are present without getting the redirect. I can use favorites, however, when they are gone without triggering the virus. I am at your command...ready to do whatever you say at this point...



