Browser(s) hijacked, I think


18 replies to this topic

#1 nonaste

Posted 21 September 2011 - 08:02 PM

I opened up an email from a seller I've used in the past with no problems. I clicked on a link which took me to their page with no problem. Browsed and left. Later I tried to return to the website and now neither Firefox, Firefox portable or IE Explorer will open. The first time I tried to open the second two browsers they opened and then they stopped working. I get the error message, "Windows cannot access the specified device, path, or file".

I tried to run Malwarebytes and it is disabled. Spybot Search and Destroy finds nothing. Avira found several problems and corrected them, except this one. An unknown process is running. "13441673:1994732887.exe". I cannot close this process. It also runs in safe mode. I can still play my multiplayer online game. I just can't use my browsers.

Can you please help me. Thank you.

#2 Broni

Posted 21 September 2011 - 08:48 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

#3 nonaste

Posted 22 September 2011 - 07:39 AM

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 2
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Avira AntiVir Personal - Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
MVPS Hosts File
Malwarebytes' Anti-Malware
CCleaner (remove only)
Little Registry Cleaner
WinCleaner Memory Optimizer Version 5.2
EasyCleaner
Java™ 6 Update 22
Adobe Flash Player 10.3.183.7
Adobe Reader 9.4.5
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.22)
Mozilla Thunderbird (2.0.0) Thunderbird Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````




MiniToolBox by Farbar
Ran by Raymondo (administrator) on 22-09-2011 at 11:56:19
Microsoft Windows XP Service Pack 2 (X86)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 72.249.104.151:9939

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================





127.0.0.1 localhost

There are 14762 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

The following helper DLL cannot be loaded: IFMON.DLL.
The following command was not found: int ip dump.

Windows IP Configuration

Host Name . . . . . . . . . . . . : RAY1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ph.cox.net

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : ph.cox.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 40-61-86-F4-5C-71
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.3
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 192.168.1.1
Lease Obtained. . . . . . . . . . : Thursday, September 22, 2011 03:17:27
Lease Expires . . . . . . . . . . : Friday, September 23, 2011 03:17:27

Pinging google.com [74.125.73.99] with 32 bytes of data:

Reply from 74.125.73.99: bytes=32 time=54ms TTL=54
Reply from 74.125.73.99: bytes=32 time=56ms TTL=54

Ping statistics for 74.125.73.99:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 56ms, Average = 55ms

Pinging yahoo.com [67.195.160.76] with 32 bytes of data:

Reply from 67.195.160.76: bytes=32 time=93ms TTL=55
Reply from 67.195.160.76: bytes=32 time=91ms TTL=55

Ping statistics for 67.195.160.76:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 91ms, Maximum = 93ms, Average = 92ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...40 61 86 f4 5c 71 ...... Realtek PCIe GBE Family Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.3 192.168.1.3 20
192.168.1.3 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.3 192.168.1.3 20
224.0.0.0 240.0.0.0 192.168.1.3 192.168.1.3 20
255.255.255.255 255.255.255.255 192.168.1.3 192.168.1.3 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/22/2011 11:51:40 AM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from WMI.

Error: (09/22/2011 11:51:40 AM) (Source: WinMgmt) (User: )
Description: Event filter with query "SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'" could not be (re)activated in namespace "//./ROOT/SecurityCenter"
because of error 0x80041010. Events may not be delivered through this filter until the
problem is corrected.

Error: (09/22/2011 11:33:07 AM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from WMI.

Error: (09/22/2011 11:33:07 AM) (Source: WinMgmt) (User: )
Description: Event filter with query "SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'" could not be (re)activated in namespace "//./ROOT/SecurityCenter"
because of error 0x80041010. Events may not be delivered through this filter until the
problem is corrected.

Error: (09/22/2011 03:17:49 AM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from WMI.

Error: (09/22/2011 03:17:49 AM) (Source: WinMgmt) (User: )
Description: Event filter with query "SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'" could not be (re)activated in namespace "//./ROOT/SecurityCenter"
because of error 0x80041010. Events may not be delivered through this filter until the
problem is corrected.

Error: (09/22/2011 00:32:29 AM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to load instances of AntiVirusProduct from WMI.

Error: (09/22/2011 00:32:29 AM) (Source: WinMgmt) (User: )
Description: Event filter with query "SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'" could not be (re)activated in namespace "//./ROOT/SecurityCenter"
because of error 0x80041010. Events may not be delivered through this filter until the
problem is corrected.

Error: (09/22/2011 00:21:40 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2011 00:21:40 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (09/22/2011 11:53:35 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:53:23 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:53:06 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:52:03 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:52:02 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:51:41 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:51:41 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:51:41 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service terminated with the following error:
%%127

Error: (09/22/2011 11:51:41 AM) (Source: Service Control Manager) (User: )
Description: The SmartLinkService service failed to start due to the following error:
%%2

Error: (09/22/2011 11:51:41 AM) (Source: Service Control Manager) (User: )
Description: The PnkBstrA service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (09/22/2011 11:51:40 AM) (Source: SecurityCenter)(User: )
Description:

Error: (09/22/2011 11:51:40 AM) (Source: WinMgmt)(User: )
Description: //./ROOT/SecurityCenterSELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'0x80041010

Error: (09/22/2011 11:33:07 AM) (Source: SecurityCenter)(User: )
Description:

Error: (09/22/2011 11:33:07 AM) (Source: WinMgmt)(User: )
Description: //./ROOT/SecurityCenterSELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'0x80041010

Error: (09/22/2011 03:17:49 AM) (Source: SecurityCenter)(User: )
Description:

Error: (09/22/2011 03:17:49 AM) (Source: WinMgmt)(User: )
Description: //./ROOT/SecurityCenterSELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'0x80041010

Error: (09/22/2011 00:32:29 AM) (Source: SecurityCenter)(User: )
Description:

Error: (09/22/2011 00:32:29 AM) (Source: WinMgmt)(User: )
Description: //./ROOT/SecurityCenterSELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct'0x80041010

Error: (09/22/2011 00:21:40 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/22/2011 00:21:40 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

µTorrent (Version: 2.0.0)
3DMark06 (Version: 1.2.0)
7-Zip 4.65
Acronis True Image Home (Version: 11.0.8053)
Ad-Aware (Version: 7.1.0.7)
Adobe AIR (Version: 2.5.0.16600)
Adobe Flash Player 10 ActiveX (Version: 10.0.12.36)
Adobe Flash Player 10 Plugin (Version: 10.3.183.7)
Adobe Reader 9.4.5 (Version: 9.4.5)
Akamai NetSession Interface
AlacrityPC (Version: 1.0.0)
AMD Processor Driver (Version: 1.3.2.0053)
AMD USB Filter Driver (Version: 1.0.15.94)
AnyDVD
Apple Application Support (Version: 1.3.2)
Apple Software Update (Version: 2.1.1.116)
ATI Catalyst Install Manager (Version: 3.0.765.0)
ATI Multimedia Center 7.9.0.0
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.700)
Belarc Advisor 7.2
BioShock 2 (Version: 1.0.0004.131)
BlindWrite 6.0.8.92
Canon PIXMA iP3000
CCleaner (remove only)
CDDRV_Installer (Version: 4.60)
CloneDVD2
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
CPUID CPU-Z 1.54
Cracklock 3.9.44 (Version: 3.9.44)
Creative Audio Control Panel (Version: 2.00)
Creative Console Launcher
Creative MediaSource 5 (Version: 5.26)
Creative Software AutoUpdate (Version: 1.40)
Creative System Information
Creative WaveStudio 7 (Version: 7.12)
Crysis® 2 (Version: 1.0.0.0)
DAO (Version: 3.5)
DaZZle Emule Mod 0.46c
DirectX Happy Uninstall v3.91
DiskCheckup V3.0 (Version: 3.0)
Diskeeper Professional Premier Edition (Version: 10.0.608)
Driver Sweeper 1.5.5
EasyCleaner (Version: 2.0.6.380)
EndItAll 2.0 (Version: 2.0)
erLT (Version: 1.20.137.31)
Fallout New Vegas
Far Cry (Patch 1.4) (Version: 1.00.0000)
Flash2X Flash Player version 3.0.2
FreeArc 0.666 (Version: 0.666)
Futuremark SystemInfo (Version: 3.21.2.1)
Google Update Helper (Version: 1.2.183.23)
GUIDE PLUS+™ for Windows® System - ATI
Half-Life® 2 (Version: 1.0.0.0)
Hot CPU Tester Pro 4.3 (Version: 4.3)
HP HDX Mouse
HyperLobby client (Version: 4.2.12)
IL-2 Sturmovik 1946 (Version: 4.08)
InterActual Player
InterVideo WinDVD 6 (Version: 6.0-B6.161)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (Version: 6.0.220)
K-Lite Codec Pack 4.8.0 (Standard) (Version: 4.8.0)
KeyTweak - Keyboard Remapper (remove only)
KhalInstallWrapper (Version: 4.60.122)
Left 4 Dead
Left 4 Dead 2
Little Registry Cleaner
Logitech SetPoint (Version: 4.60)
Magic ISO Maker v5.5 (build 0272)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware
Marvell Miniport Driver (Version: 10.55.3.3)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Games for Windows - LIVE (Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.1.99.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003 (Version: 11.0.7969.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MightyFax
Mozilla Firefox (3.6.22) (Version: 3.6.22 (en-US))
Mozilla Thunderbird (2.0.0.24) (Version: 2.0.0.24 (en-US))
MP3 Splitter & Joiner
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.19.0)
Nero 8 (Version: 8.3.31)
neroxml (Version: 1.0.0)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Drivers (Version: 1.9)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.80.0)
NVIDIA nView 135.85 (Version: 135.85)
NVIDIA nView Desktop Manager (Version: 6.14.10.13585)
NVIDIA Performance (Version: 6.5)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA System Monitor (Version: 6.5)
NVIDIA System Update (Version: 1.00.0000)
NVIDIA System Update (Version: 3.00)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
OpenAL
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
PerfectDisk 11 Professional (Version: 11.00.183)
PowerISO
PunkBuster Services (Version: 0.986)
QuickTime (Version: 7.68.75.0)
QuickTime Alternative 1.67 (Version: 1.67)
Rainlendar2 (remove only)
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.25.0000)
Replay AV 8
RESIDENT EVIL 5 (Version: 1.0.0.129)
Revo Uninstaller Pro 2.5.1 (Version: 2.5.1)
RoboForm 7-1-3 (All Users) (Version: 7-1-3)
Sandboxie 3.442
Smart Link 56K Voice Modem
SoundFont Bank Manager (Version: 3.21)
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.1 (Version: 4.1.0)
Steam (Version: 1.0.0.0)
System Requirements Lab
TrackIR4
Tweakui Powertoy for Windows XP (Version: 1.00.0001)
VCRedistSetup (Version: 1.0.0)
VirusTotal Uploader
VirusTotal Uploader 2.0
VLC media player 1.1.8 (Version: 1.1.8)
Vopt 9
WinCleaner Memory Optimizer Version 5.2 (Version: 5.2)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) (Version: 05/27/2006 1.3.2.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
WinPcap 3.1 (Version: 3.1.0.27)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
XML Paper Specification Shared Components Pack 1.0
YouTube Downloader 3.3

========================= Memory info: ===================================

Percentage of memory in use: 15%
Total physical RAM: 3071.1 MB
Available physical RAM: 2606.84 MB
Total Pagefile: 5980.72 MB
Available Pagefile: 5746.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1998.33 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.88 GB) (Free:93.21 GB) NTFS
3 Drive e: () (Fixed) (Total:232.88 GB) (Free:59.85 GB) NTFS

========================= Users: ========================================

User accounts for \\RAY1

Administrator ASPNET Guest
HelpAssistant Raymondo SUPPORT_388945a0
UpdatusUser


**** End of log ****



Malwarebytes runs once without completing and then will not run again. Error message returned when I try to run it again: "Windows cannot access the specified device path or file. You may not have the appropriate permissions to access the item"


GMER runs once without completing. Closes in mid process. It will not run again and returns to the same error message as in Malwarebytes. Same result in Safe Mode.

#4 Broni

Posted 22 September 2011 - 06:58 PM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

#5 nonaste

Posted 22 September 2011 - 08:15 PM

2011/09/23 02:09:26.0312 2700 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/23 02:09:26.0687 2700 ================================================================================
2011/09/23 02:09:26.0687 2700 SystemInfo:
2011/09/23 02:09:26.0687 2700
2011/09/23 02:09:26.0687 2700 OS Version: 5.1.2600 ServicePack: 2.0
2011/09/23 02:09:26.0687 2700 Product type: Workstation
2011/09/23 02:09:26.0687 2700 ComputerName: RAY1
2011/09/23 02:09:26.0687 2700 UserName: Raymondo
2011/09/23 02:09:26.0687 2700 Windows directory: C:\WINDOWS
2011/09/23 02:09:26.0687 2700 System windows directory: C:\WINDOWS
2011/09/23 02:09:26.0687 2700 Processor architecture: Intel x86
2011/09/23 02:09:26.0687 2700 Number of processors: 2
2011/09/23 02:09:26.0687 2700 Page size: 0x1000
2011/09/23 02:09:26.0687 2700 Boot type: Normal boot
2011/09/23 02:09:26.0687 2700 ================================================================================
2011/09/23 02:09:33.0875 2700 Initialize success
2011/09/23 02:09:43.0406 3044 ================================================================================
2011/09/23 02:09:43.0406 3044 Scan started
2011/09/23 02:09:43.0406 3044 Mode: Manual;
2011/09/23 02:09:43.0406 3044 ================================================================================
2011/09/23 02:09:44.0093 3044 891acd00 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\13441673:1994732287.exe
2011/09/23 02:09:44.0093 3044 Suspicious file (Hidden): C:\WINDOWS\13441673:1994732287.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/23 02:09:44.0093 3044 891acd00 - detected HiddenFile.Multi.Generic (1)
2011/09/23 02:09:47.0609 3044 GamingMsFltr (be982808337d92000705c23e192e45bf) C:\WINDOWS\system32\drivers\gamingms.sys
2011/09/23 02:09:47.0656 3044 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/23 02:09:47.0734 3044 ha20x2k (41fce1833d8f659acc56cb0ee43b2ced) C:\WINDOWS\system32\drivers\ha20x2k.sys
2011/09/23 02:09:47.0843 3044 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/23 02:09:47.0890 3044 hidusb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/23 02:09:47.0937 3044 HTTP (3247a2db333d1521680e6864a8295a47) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/23 02:09:48.0031 3044 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/23 02:09:48.0078 3044 Imapi (ad5e8a6c823f24882a6826d7dbccf4a3) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/23 02:09:48.0140 3044 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/09/23 02:09:48.0218 3044 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/23 02:09:48.0234 3044 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/23 02:09:48.0265 3044 IpNat (d58ecd3b3969a670e68588f1640920b6) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/23 02:09:48.0312 3044 IPSec (b51fc69a1ff9a591fc0122d7e5895d66) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/23 02:09:48.0343 3044 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/23 02:09:48.0468 3044 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/23 02:09:48.0546 3044 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/23 02:09:48.0593 3044 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/23 02:09:48.0687 3044 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/23 02:09:48.0781 3044 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/23 02:09:48.0828 3044 LHidFilt (24e0ddb99aeccf86bb37702611761459) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2011/09/23 02:09:48.0921 3044 lirsgt (8ccf9ed46d52af1375875f74a91ffacf) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
2011/09/23 02:09:48.0953 3044 LMouFilt (d58b330d318361a66a9fe60d7c9b4951) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2011/09/23 02:09:48.0984 3044 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
2011/09/23 02:09:49.0078 3044 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/23 02:09:49.0093 3044 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/23 02:09:49.0125 3044 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2011/09/23 02:09:49.0156 3044 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/23 02:09:49.0218 3044 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/23 02:09:49.0265 3044 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/23 02:09:49.0312 3044 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/23 02:09:49.0375 3044 MRxSmb (4ae1dd77357f08b33854ab93b98a1371) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/23 02:09:49.0390 3044 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/23 02:09:49.0421 3044 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/23 02:09:49.0500 3044 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/23 02:09:49.0515 3044 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/23 02:09:49.0546 3044 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/23 02:09:49.0578 3044 MSTEE (d5059366b361f0e1124753447af08aa2) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/23 02:09:49.0656 3044 Mtlmnt5 (8cc4ab0f1fdb5fc7f58779dab0b1d22e) C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys
2011/09/23 02:09:49.0718 3044 Mtlstrm (195c5a0b44240dbb999f267ecfd3fab2) C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys
2011/09/23 02:09:49.0843 3044 Mup (79a9c030299e8cc04f18d0765155d902) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/23 02:09:49.0875 3044 NABTSFEC (ac31b352ce5e92704056d409834beb74) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/23 02:09:49.0937 3044 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/23 02:09:49.0968 3044 NdisIP (abd7629cf2796250f315c1dd0b6cf7a0) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/23 02:09:50.0046 3044 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/09/23 02:09:50.0062 3044 Ndisuio (eefa1ce63805d2145978621be5c6d955) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/09/23 02:09:50.0078 3044 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/09/23 02:09:50.0109 3044 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/23 02:09:50.0203 3044 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/09/23 02:09:50.0234 3044 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/09/23 02:09:50.0265 3044 nm (60cf8c7192b3614f240838ddbaa4a245) C:\WINDOWS\system32\DRIVERS\NMnt.sys
2011/09/23 02:09:50.0296 3044 NPF (d21fee8db254ba762656878168ac1db6) C:\WINDOWS\system32\drivers\npf.sys
2011/09/23 02:09:50.0375 3044 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/23 02:09:50.0453 3044 NPUSB (1200c4321c982aeefa60326e89d15fd8) C:\WINDOWS\system32\DRIVERS\npusb.sys
2011/09/23 02:09:50.0500 3044 npusbio (0a01056f5128d80f6e6826e32ba52177) C:\WINDOWS\system32\Drivers\npusbio.sys
2011/09/23 02:09:50.0562 3044 Ntfs (04e2d8d0de4c76cee33b7a7a0bcaf8c5) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/23 02:09:50.0656 3044 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/23 02:09:50.0718 3044 nusb3hub (9a3879b890f395ef8007a69543b56e8d) C:\WINDOWS\system32\DRIVERS\nusb3hub.sys
2011/09/23 02:09:50.0750 3044 nusb3xhc (61c3a3c6b35f596831358d954d20712f) C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys
2011/09/23 02:09:51.0031 3044 nv (8b2c874897ea498da012284e12f9db2b) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/09/23 02:09:51.0359 3044 nvoclock (96c5900331bd17344f338d006888bae5) C:\WINDOWS\system32\DRIVERS\nvoclock.sys
2011/09/23 02:09:51.0406 3044 NVR0FLASHDev (d429e370a8581b80a3eaadfd88ce867b) C:\WINDOWS\nvflash.sys
2011/09/23 02:09:51.0453 3044 nvsmu (c44ee36dd84fa95eb81d79c374756003) C:\WINDOWS\system32\DRIVERS\nvsmu.sys
2011/09/23 02:09:51.0562 3044 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/09/23 02:09:51.0609 3044 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/09/23 02:09:51.0656 3044 ossrv (11b3328d84ed6c11baf4f4f115459ab6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
2011/09/23 02:09:51.0812 3044 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/09/23 02:09:51.0875 3044 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/23 02:09:51.0921 3044 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/23 02:09:52.0015 3044 PCI (de1d9a5d50166a6d8a51daa936fc56a4) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/23 02:09:52.0078 3044 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/23 02:09:52.0125 3044 Pcmcia (36458ab24389af198194f73b9c6db8fe) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/23 02:09:52.0250 3044 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
2011/09/23 02:09:52.0343 3044 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/09/23 02:09:52.0375 3044 Processor (9e372a156f92425a1904b84589093a37) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/09/23 02:09:52.0406 3044 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/23 02:09:52.0484 3044 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/23 02:09:52.0531 3044 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/23 02:09:52.0593 3044 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/23 02:09:52.0625 3044 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/23 02:09:52.0656 3044 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/23 02:09:52.0750 3044 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/23 02:09:52.0781 3044 Rdbss (d0fef8156d2d2fec557c100956d76887) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/23 02:09:52.0828 3044 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/23 02:09:52.0859 3044 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/23 02:09:52.0906 3044 RDPWD (047bea21274c8a4a233674a76c958c2c) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/23 02:09:53.0031 3044 RecAgent (5df1543b5258af20deddbb32808470c5) C:\WINDOWS\system32\DRIVERS\SLDRV\RecAgent.sys
2011/09/23 02:09:53.0062 3044 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/23 02:09:53.0109 3044 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
2011/09/23 02:09:53.0171 3044 RTLE8023xp (6fc7ddf3b8d94fba7ac664452d6478d4) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/09/23 02:09:53.0265 3044 SbieDrv (8767091e7b57c686b3f97754c30949be) C:\Program Files\Sandboxie\SbieDrv.sys
2011/09/23 02:09:53.0375 3044 sbpci (51e16b053ee28fd309beac5722bcc735) C:\WINDOWS\system32\drivers\sbpci.sys
2011/09/23 02:09:53.0406 3044 SCDEmu (c23dbd9bfba8b1170706e0896b3cf7da) C:\WINDOWS\system32\drivers\SCDEmu.sys
2011/09/23 02:09:53.0453 3044 Secdrv (07f7f501ad50de2ba2d5842d9b6d6155) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/23 02:09:53.0562 3044 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/23 02:09:53.0578 3044 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/23 02:09:53.0625 3044 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/23 02:09:53.0687 3044 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/23 02:09:53.0796 3044 Slntamr (e61f4a8551ed6d42245ec5c4a29c120b) C:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys
2011/09/23 02:09:53.0812 3044 SlNtHal (7f5f9b53bea4238aa18ba05382ec7629) C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys
2011/09/23 02:09:53.0859 3044 SlWdmSup (58f389daea07a855f7f38dd0d66e20c2) C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys
2011/09/23 02:09:53.0984 3044 snapman (bcc773872041aa59bc9a6cf770fb32e2) C:\WINDOWS\system32\DRIVERS\snapman.sys
2011/09/23 02:09:54.0046 3044 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/23 02:09:54.0125 3044 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/23 02:09:54.0125 3044 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/23 02:09:54.0125 3044 sptd - detected LockedFile.Multi.Generic (1)
2011/09/23 02:09:56.0250 3044 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/09/23 02:09:56.0515 3044 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/09/23 02:09:56.0578 3044 Boot (0x1200) (1bb7bc385056e03969ea57ac49714e87) \Device\Harddisk0\DR0\Partition0
2011/09/23 02:09:56.0593 3044 Boot (0x1200) (6ab975682517d5a381d1266ea043071a) \Device\Harddisk1\DR1\Partition0
2011/09/23 02:09:56.0593 3044 ================================================================================
2011/09/23 02:09:56.0593 3044 Scan finished
2011/09/23 02:09:56.0593 3044 ================================================================================
2011/09/23 02:09:56.0593 2660 Detected object count: 2
2011/09/23 02:09:56.0593 2660 Actual detected object count: 2
2011/09/23 02:10:15.0359 2660 HiddenFile.Multi.Generic(891acd00) - User select action: Skip
2011/09/23 02:10:15.0359 2660 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/09/23 02:10:31.0828 1988 ================================================================================
2011/09/23 02:10:31.0828 1988 Scan started
2011/09/23 02:10:31.0828 1988 Mode: Manual;
2011/09/23 02:10:31.0828 1988 ================================================================================
2011/09/23 02:10:32.0265 1988 891acd00 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\13441673:1994732287.exe
2011/09/23 02:10:32.0265 1988 Suspicious file (Hidden): C:\WINDOWS\13441673:1994732287.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/23 02:10:32.0265 1988 891acd00 - detected HiddenFile.Multi.Generic (1)
2011/09/23 02:10:41.0171 1988 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/09/23 02:10:41.0328 1988 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/09/23 02:10:41.0375 1988 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/09/23 02:10:41.0406 1988 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/09/23 02:10:41.0453 1988 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/09/23 02:10:41.0546 1988 Rdbss (d0fef8156d2d2fec557c100956d76887) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/09/23 02:10:41.0593 1988 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/23 02:10:41.0640 1988 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/09/23 02:10:41.0687 1988 RDPWD (047bea21274c8a4a233674a76c958c2c) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/23 02:10:41.0781 1988 RecAgent (5df1543b5258af20deddbb32808470c5) C:\WINDOWS\system32\DRIVERS\SLDRV\RecAgent.sys
2011/09/23 02:10:41.0828 1988 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/09/23 02:10:41.0875 1988 Revoflt (8b5b8a11306190c6963d3473f052d3c8) C:\WINDOWS\system32\DRIVERS\revoflt.sys
2011/09/23 02:10:41.0921 1988 RTLE8023xp (6fc7ddf3b8d94fba7ac664452d6478d4) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/09/23 02:10:42.0015 1988 SbieDrv (8767091e7b57c686b3f97754c30949be) C:\Program Files\Sandboxie\SbieDrv.sys
2011/09/23 02:10:42.0125 1988 sbpci (51e16b053ee28fd309beac5722bcc735) C:\WINDOWS\system32\drivers\sbpci.sys
2011/09/23 02:10:42.0156 1988 SCDEmu (c23dbd9bfba8b1170706e0896b3cf7da) C:\WINDOWS\system32\drivers\SCDEmu.sys
2011/09/23 02:10:42.0218 1988 Secdrv (07f7f501ad50de2ba2d5842d9b6d6155) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/23 02:10:42.0343 1988 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/09/23 02:10:42.0375 1988 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/09/23 02:10:42.0406 1988 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/23 02:10:42.0546 1988 SLIP (1ffc44d6787ec1ea9a2b1440a90fa5c1) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/23 02:10:42.0609 1988 Slntamr (e61f4a8551ed6d42245ec5c4a29c120b) C:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys
2011/09/23 02:10:42.0718 1988 SlNtHal (7f5f9b53bea4238aa18ba05382ec7629) C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys
2011/09/23 02:10:42.0750 1988 SlWdmSup (58f389daea07a855f7f38dd0d66e20c2) C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys
2011/09/23 02:10:42.0812 1988 snapman (bcc773872041aa59bc9a6cf770fb32e2) C:\WINDOWS\system32\DRIVERS\snapman.sys
2011/09/23 02:10:42.0875 1988 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/23 02:10:43.0000 1988 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/23 02:10:43.0000 1988 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/23 02:10:43.0000 1988 sptd - detected LockedFile.Multi.Generic (1)
2011/09/23 02:10:45.0609 1988 ================================================================================
2011/09/23 02:10:45.0609 1988 Scan finished
2011/09/23 02:10:45.0609 1988 ================================================================================
2011/09/23 02:10:45.0609 2328 Detected object count: 2
2011/09/23 02:10:45.0609 2328 Actual detected object count: 2
2011/09/23 02:12:00.0890 2328 HiddenFile.Multi.Generic(891acd00) - User select action: Skip
2011/09/23 02:12:00.0890 2328 LockedFile.Multi.Generic(sptd) - User select action: Skip

#6 Broni

Posted 22 September 2011 - 08:32 PM

Re-run the tool and when you get to this file:
891acd00 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\13441673:1994732287.exe
instead of skipping it, delete it.
Post new log.

#7 nonaste

Posted 22 September 2011 - 08:59 PM

2011/09/23 02:53:46.0156 0636 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/23 02:53:46.0515 0636 ================================================================================
2011/09/23 02:53:46.0515 0636 SystemInfo:
2011/09/23 02:53:46.0515 0636
2011/09/23 02:53:46.0515 0636 OS Version: 5.1.2600 ServicePack: 2.0
2011/09/23 02:53:46.0515 0636 Product type: Workstation
2011/09/23 02:53:46.0515 0636 ComputerName: RAY1
2011/09/23 02:53:46.0515 0636 UserName: Raymondo
2011/09/23 02:53:46.0515 0636 Windows directory: C:\WINDOWS
2011/09/23 02:53:46.0515 0636 System windows directory: C:\WINDOWS
2011/09/23 02:53:46.0515 0636 Processor architecture: Intel x86
2011/09/23 02:53:46.0515 0636 Number of processors: 2
2011/09/23 02:53:46.0515 0636 Page size: 0x1000
2011/09/23 02:53:46.0515 0636 Boot type: Normal boot
2011/09/23 02:53:46.0515 0636 ================================================================================
2011/09/23 02:53:53.0281 0636 Initialize success
2011/09/23 02:54:01.0437 2320 ================================================================================
2011/09/23 02:54:01.0437 2320 Scan started
2011/09/23 02:54:01.0437 2320 Mode: Manual;
2011/09/23 02:54:01.0437 2320 ================================================================================
2011/09/23 02:54:04.0921 2320 891acd00 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\13441673:1994732287.exe
2011/09/23 02:54:04.0921 2320 Suspicious file (Hidden): C:\WINDOWS\13441673:1994732287.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/23 02:54:04.0921 2320 891acd00 - detected HiddenFile.Multi.Generic (1)
2011/09/23 02:54:12.0390 2320 IPSec (b51fc69a1ff9a591fc0122d7e5895d66) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/23 02:54:12.0390 2320 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ipsec.sys. Real md5: b51fc69a1ff9a591fc0122d7e5895d66, Fake md5: 64537aa5c003a6afeee1df819062d0d1
2011/09/23 02:54:12.0390 2320 IPSec - detected ForgedFile.Multi.Generic (1)
2011/09/23 02:54:23.0015 2320 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/23 02:54:23.0015 2320 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/23 02:54:23.0015 2320 sptd - detected LockedFile.Multi.Generic (1)
2011/09/23 02:54:25.0437 2320 ================================================================================
2011/09/23 02:54:25.0437 2320 Scan finished
2011/09/23 02:54:25.0437 2320 ================================================================================
2011/09/23 02:54:25.0453 2312 Detected object count: 3
2011/09/23 02:54:25.0453 2312 Actual detected object count: 3
2011/09/23 02:54:43.0906 2312 HiddenFile.Multi.Generic(891acd00) - User select action: Skip
2011/09/23 02:54:43.0906 2312 ForgedFile.Multi.Generic(IPSec) - User select action: Skip
2011/09/23 02:54:43.0906 2312 LockedFile.Multi.Generic(sptd) - User select action: Skip

#8 Broni

Posted 22 September 2011 - 09:02 PM

Re-run the tool again and when you get to this file:
891acd00 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\13441673:1994732287.exe
delete it instead of skipping it.

Post new log.

#9 nonaste

Posted 22 September 2011 - 09:10 PM

2011/09/23 03:07:29.0484 2548 TDSS rootkit removing tool 2.5.23.0 Sep 20 2011 08:53:10
2011/09/23 03:07:29.0828 2548 ================================================================================
2011/09/23 03:07:29.0828 2548 SystemInfo:
2011/09/23 03:07:29.0828 2548
2011/09/23 03:07:29.0828 2548 OS Version: 5.1.2600 ServicePack: 2.0
2011/09/23 03:07:29.0828 2548 Product type: Workstation
2011/09/23 03:07:29.0828 2548 ComputerName: RAY1
2011/09/23 03:07:29.0828 2548 UserName: Raymondo
2011/09/23 03:07:29.0828 2548 Windows directory: C:\WINDOWS
2011/09/23 03:07:29.0828 2548 System windows directory: C:\WINDOWS
2011/09/23 03:07:29.0828 2548 Processor architecture: Intel x86
2011/09/23 03:07:29.0828 2548 Number of processors: 2
2011/09/23 03:07:29.0828 2548 Page size: 0x1000
2011/09/23 03:07:29.0828 2548 Boot type: Normal boot
2011/09/23 03:07:29.0828 2548 ================================================================================
2011/09/23 03:07:35.0156 2548 Initialize success
2011/09/23 03:07:38.0593 2736 ================================================================================
2011/09/23 03:07:38.0593 2736 Scan started
2011/09/23 03:07:38.0593 2736 Mode: Manual;
2011/09/23 03:07:38.0593 2736 ================================================================================
2011/09/23 03:07:40.0078 2736 891acd00 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\13441673:1994732287.exe
2011/09/23 03:07:40.0078 2736 Suspicious file (Hidden): C:\WINDOWS\13441673:1994732287.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/23 03:07:40.0078 2736 891acd00 - detected HiddenFile.Multi.Generic (1)
2011/09/23 03:07:44.0453 2736 IPSec (b51fc69a1ff9a591fc0122d7e5895d66) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/23 03:07:44.0453 2736 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ipsec.sys. Real md5: b51fc69a1ff9a591fc0122d7e5895d66, Fake md5: 64537aa5c003a6afeee1df819062d0d1
2011/09/23 03:07:44.0453 2736 IPSec - detected ForgedFile.Multi.Generic (1)
2011/09/23 03:07:53.0031 2736 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/09/23 03:07:53.0031 2736 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/09/23 03:07:53.0031 2736 sptd - detected LockedFile.Multi.Generic (1)
2011/09/23 03:07:57.0156 2736 ================================================================================
2011/09/23 03:07:57.0156 2736 Scan finished
2011/09/23 03:07:57.0156 2736 ================================================================================
2011/09/23 03:07:57.0171 2728 Detected object count: 3
2011/09/23 03:07:57.0171 2728 Actual detected object count: 3
2011/09/23 03:08:11.0421 2728 HiddenFile.Multi.Generic(891acd00) - User select action: Skip
2011/09/23 03:08:11.0421 2728 ForgedFile.Multi.Generic(IPSec) - User select action: Skip
2011/09/23 03:08:11.0421 2728 LockedFile.Multi.Generic(sptd) - User select action: Skip

#10 Broni

Posted 22 September 2011 - 09:12 PM

Please re-read my previous reply and proceed accordingly.

HiddenFile.Multi.Generic(891acd00) - User select action: Skip


#11 nonaste

Posted 22 September 2011 - 09:35 PM

"Re-run the tool again and when you get to this file:
891acd00 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\13441673:1994732287.exe
delete it instead of skipping it"

I repeated the procedure. The tool called for a reboot. I rebooted; the file was still there. I ran the tool a second time. The tool called for a reboot. I did, and now the computer has stopped the boot process at "30,722mb OK". I'm leaving it there to see if it completes booting unless you have instructions to the contrary.

#12 Broni

Posted 22 September 2011 - 09:41 PM

Let me know if it'll eventually boot.

#13 nonaste

Posted 22 September 2011 - 09:42 PM

Will do. Still sitting there after 15 minutes.

#14 nonaste

Posted 22 September 2011 - 09:56 PM

It's been 30 minutes. Still no movement. My screen options are Press DEL key or F11. Do I press F11 and then what or do a warm reset or do a hard reset?

#15 Broni

Posted 22 September 2011 - 09:59 PM

Turn computer off manually.
Wait 1 minute.
Start it again.
