Cannot run Malwarebytes, HJT, SuperAntiSpyware, IE Popups


  • This topic is locked
5 replies to this topic

#1 Guest85


Posted 03 October 2011 - 01:14 PM

Cannot run Malwarebytes, HJT, SuperAntiSpyware. The icons for these on the desktop are white boxes (cannot find icon). Error message when opening: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." I was also getting some popups in IE.

DDS and GMER logs follow.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Michelle Gamblin at 8:56:03 on 2011-10-03
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1594 [GMT -7:00]
.
AV: a-squared Anti-Malware *Disabled/Updated* {0F8591BB-342B-4493-91C3-4E948ED21255}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://google.com/
uInternet Connection Wizard,ShellNext = hxxp://partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=4081106
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Corel File Shell Monitor] c:\program files\corel\corel paint shop pro photo x2\CorelIOMonitor.exe
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
TCP: DhcpNameServer = 192.168.10.1
TCP: Interfaces\{F5FD7061-3C49-449A-81AB-79D359DF9B56} : DhcpNameServer = 192.168.10.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\coreftp\pftpns.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S3 getPlus® Installer;getPlus® Installer;c:\program files\nos\bin\getPlus_HelperSvc.exe [2009-5-20 59552]
S3 Wdm1;USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc.sys [2008-11-13 15576]
.
=============== Created Last 30 ================
.
2011-09-30 23:04:32 75264 -c--a-w- c:\windows\system32\dllcache\ipsec.sys
2011-09-30 23:04:32 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2011-09-30 23:02:39 -------- d-sha-r- C:\cmdcons
2011-09-30 22:59:52 98816 ----a-w- c:\windows\sed.exe
2011-09-30 22:59:52 518144 ----a-w- c:\windows\SWREG.exe
2011-09-30 22:59:52 256000 ----a-w- c:\windows\PEV.exe
2011-09-30 22:59:52 208896 ----a-w- c:\windows\MBR.exe
2011-09-30 22:20:55 388096 ----a-r- c:\documents and settings\michelle gamblin\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-30 22:19:12 -------- d-----w- c:\program files\Trend Micro
2011-09-30 22:09:39 -------- d--h--w- c:\windows\PIF
2011-09-30 19:47:54 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-09-30 16:32:35 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-30 16:31:44 -------- d-----w- c:\documents and settings\michelle gamblin\application data\SUPERAntiSpyware.com
2011-09-30 16:31:25 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-30 16:31:25 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-09-30 16:25:52 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-30 16:25:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2011-09-16 18:34:14 2516 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
2011-09-16 18:34:13 88 --sh--r- c:\documents and settings\all users\application data\8C099A68A8.sys
2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
.
============= FINISH: 8:56:41.85 ===============




GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-03 10:24:50
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST3250310AS rev.4.ADA
Running: gmer.exe; Driver: C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\kxlyapow.sys


---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\MICHEL~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Roxio)

---- EOF - GMER 1.0.15 ----

Anyone have any suggestions?

EDIT: Please be patient. There are over 160 unanswered topics in this forum at present and the current average wait time to receive help is 5-6 days. ~Budapest


Edited by Budapest, 07 October 2011 - 05:12 PM.




#2 nasdaq


  • Malware Response Team

Posted 08 October 2011 - 07:01 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) (511KB) to your desktop. Double-click aswMBR.exe to run it.

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

===

Please post the logs and let me know what problem persists.

#3 Guest85

  • Topic Starter


Posted 10 October 2011 - 10:17 AM

I think the system is clean now? I'm not seeing any of the same problems I was having previously. The scanning tools I was having problems with now open without an error message. Do you see anything else in these logs that needs cleaned? Thank you!


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-10 08:10:27
-----------------------------
08:10:27.828 OS Version: Windows 5.1.2600 Service Pack 3
08:10:27.828 Number of processors: 2 586 0x1706
08:10:27.828 ComputerName: D9FH8PH1 UserName:
08:10:28.593 Initialize success
08:10:47.687 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
08:10:47.687 Disk 0 Vendor: ST3250310AS 4.ADA Size: 238418MB BusType: 3
08:10:49.703 Disk 0 MBR read successfully
08:10:49.703 Disk 0 MBR scan
08:10:49.703 Disk 0 Windows VISTA default MBR code
08:10:49.703 Disk 0 scanning sectors +488263545
08:10:49.781 Disk 0 scanning C:\WINDOWS\system32\drivers
08:10:54.156 Service scanning
08:10:55.250 Modules scanning
08:10:59.828 Disk 0 trace - called modules:
08:10:59.859 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
08:10:59.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a95cab8]
08:10:59.859 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000065[0x8a978258]
08:10:59.859 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a904940]
08:11:00.359 Scan finished successfully
08:11:18.421 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Michelle Gamblin\Desktop\MBR.dat"
08:11:18.453 The log file has been saved successfully to "C:\Documents and Settings\Michelle Gamblin\Desktop\aswMBR.txt"


08:12:21.0625 1588 TDSS rootkit removing tool 2.6.7.0 Oct 10 2011 09:40:06
08:12:21.0968 1588 ============================================================
08:12:21.0968 1588 Current date / time: 2011/10/10 08:12:21.0968
08:12:21.0968 1588 SystemInfo:
08:12:21.0968 1588
08:12:21.0968 1588 OS Version: 5.1.2600 ServicePack: 3.0
08:12:21.0968 1588 Product type: Workstation
08:12:21.0968 1588 ComputerName: D9FH8PH1
08:12:21.0968 1588 UserName: Michelle Gamblin
08:12:21.0968 1588 Windows directory: C:\WINDOWS
08:12:21.0968 1588 System windows directory: C:\WINDOWS
08:12:21.0968 1588 Processor architecture: Intel x86
08:12:21.0968 1588 Number of processors: 2
08:12:21.0968 1588 Page size: 0x1000
08:12:21.0968 1588 Boot type: Normal boot
08:12:21.0968 1588 ============================================================
08:12:23.0218 1588 Initialize success
08:12:36.0062 3152 ============================================================
08:12:36.0062 3152 Scan started
08:12:36.0062 3152 Mode: Manual;
08:12:36.0062 3152 ============================================================
08:12:41.0609 3152 Ptilink - ok
08:12:41.0656 3152 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
08:12:41.0656 3152 PxHelp20 - ok
08:12:41.0687 3152 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
08:12:41.0687 3152 ql1080 - ok
08:12:41.0703 3152 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
08:12:41.0703 3152 Ql10wnt - ok
08:12:41.0734 3152 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
08:12:41.0734 3152 ql12160 - ok
08:12:41.0734 3152 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
08:12:41.0734 3152 ql1240 - ok
08:12:41.0750 3152 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
08:12:41.0750 3152 ql1280 - ok
08:12:41.0781 3152 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:12:41.0781 3152 RasAcd - ok
08:12:41.0781 3152 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:12:41.0796 3152 Rasl2tp - ok
08:12:41.0796 3152 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:12:41.0796 3152 RasPppoe - ok
08:12:41.0812 3152 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:12:41.0812 3152 Raspti - ok
08:12:41.0828 3152 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:12:41.0828 3152 Rdbss - ok
08:12:41.0828 3152 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:12:41.0828 3152 RDPCDD - ok
08:12:41.0859 3152 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:12:41.0859 3152 rdpdr - ok
08:12:41.0890 3152 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
08:12:41.0906 3152 RDPWD - ok
08:12:41.0937 3152 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:12:41.0937 3152 redbook - ok
08:12:41.0968 3152 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:12:41.0984 3152 Secdrv - ok
08:12:42.0015 3152 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
08:12:42.0015 3152 Serial - ok
08:12:42.0031 3152 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:12:42.0031 3152 Sfloppy - ok
08:12:42.0031 3152 Simbad - ok
08:12:42.0046 3152 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
08:12:42.0046 3152 sisagp - ok
08:12:42.0078 3152 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
08:12:42.0078 3152 Sparrow - ok
08:12:42.0125 3152 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:12:42.0125 3152 splitter - ok
08:12:42.0171 3152 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:12:42.0171 3152 sr - ok
08:12:42.0234 3152 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:12:42.0234 3152 Srv - ok
08:12:42.0296 3152 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:12:42.0296 3152 swenum - ok
08:12:42.0343 3152 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:12:42.0343 3152 swmidi - ok
08:12:42.0375 3152 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
08:12:42.0375 3152 symc810 - ok
08:12:42.0390 3152 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
08:12:42.0390 3152 symc8xx - ok
08:12:42.0421 3152 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
08:12:42.0421 3152 sym_hi - ok
08:12:42.0421 3152 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
08:12:42.0421 3152 sym_u3 - ok
08:12:42.0468 3152 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:12:42.0468 3152 sysaudio - ok
08:12:42.0531 3152 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:12:42.0531 3152 Tcpip - ok
08:12:42.0578 3152 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:12:42.0578 3152 TDPIPE - ok
08:12:42.0593 3152 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:12:42.0593 3152 TDTCP - ok
08:12:42.0625 3152 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:12:42.0625 3152 TermDD - ok
08:12:42.0625 3152 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
08:12:42.0625 3152 TosIde - ok
08:12:42.0640 3152 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:12:42.0640 3152 Udfs - ok
08:12:42.0656 3152 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
08:12:42.0656 3152 ultra - ok
08:12:42.0671 3152 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:12:42.0671 3152 Update - ok
08:12:42.0687 3152 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:12:42.0687 3152 usbccgp - ok
08:12:42.0703 3152 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:12:42.0703 3152 usbehci - ok
08:12:42.0734 3152 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:12:42.0734 3152 usbhub - ok
08:12:42.0765 3152 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:12:42.0765 3152 usbprint - ok
08:12:42.0781 3152 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:12:42.0781 3152 usbscan - ok
08:12:42.0828 3152 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:12:42.0828 3152 USBSTOR - ok
08:12:42.0875 3152 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:12:42.0875 3152 usbuhci - ok
08:12:42.0921 3152 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:12:42.0921 3152 VgaSave - ok
08:12:42.0968 3152 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
08:12:42.0968 3152 viaagp - ok
08:12:42.0984 3152 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
08:12:42.0984 3152 ViaIde - ok
08:12:43.0000 3152 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:12:43.0000 3152 VolSnap - ok
08:12:43.0046 3152 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:12:43.0062 3152 Wanarp - ok
08:12:43.0109 3152 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
08:12:43.0109 3152 Wdf01000 - ok
08:12:43.0125 3152 WDICA - ok
08:12:43.0156 3152 Wdm1 (2f4b3c0e58d4a7bd8e38d1cd9ca47691) C:\WINDOWS\system32\Drivers\usbbc.sys
08:12:43.0156 3152 Wdm1 - ok
08:12:43.0203 3152 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:12:43.0203 3152 wdmaud - ok
08:12:43.0234 3152 winachsf (92ce6497076eac3083185c44157b3a46) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
08:12:43.0250 3152 winachsf - ok
08:12:43.0296 3152 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:12:43.0312 3152 WudfPf - ok
08:12:43.0312 3152 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:12:43.0312 3152 WudfRd - ok
08:12:43.0328 3152 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
08:12:43.0343 3152 \Device\Harddisk0\DR0 - ok
08:12:43.0343 3152 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR3
08:12:43.0343 3152 \Device\Harddisk1\DR3 - ok
08:12:43.0359 3152 Boot (0x1200) (a9c6d041b6e3bee984906e8f3072ccc2) \Device\Harddisk0\DR0\Partition0
08:12:43.0359 3152 \Device\Harddisk0\DR0\Partition0 - ok
08:12:43.0359 3152 Boot (0x1200) (8a43db1b70393a591a8721c8eaf39f0e) \Device\Harddisk1\DR3\Partition0
08:12:43.0359 3152 \Device\Harddisk1\DR3\Partition0 - ok
08:12:43.0359 3152 ============================================================
08:12:43.0359 3152 Scan finished
08:12:43.0359 3152 ============================================================
08:12:43.0359 2316 Detected object count: 0
08:12:43.0359 2316 Actual detected object count: 0
08:13:00.0921 4008 Deinitialize success

Attached Files

  • Attached File  MBR.zip   557bytes   0 downloads


#4 nasdaq

Posted 10 October 2011 - 12:46 PM

Good news.

Just want to check this.

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

#5 Guest85

Posted 10 October 2011 - 05:55 PM

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner (remove only)
Adobe Flash Player ( 10.0.12.36) Flash Player Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware MpCmdRun.exe
Trend Micro HiJackThis HiJackThis.exe -?-
``````````End of Log````````````

#6 nasdaq

Posted 10 October 2011 - 07:24 PM

I suggest you update your Flash.

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.183.10 and earlier versions... being exploited in the wild in active targeted attacks... update to Adobe Flash Player 11.0.1.152

Flash Player 11.0.1.152

On the top of the page you will be given an opportunity to download the version for your operating system.
Make sure you select the appropriate version.

You will also have an option to install the Free! McAfee Security Scan Plus. Un-check the box if you are NOT using McAfee's virus protection software.

If all is well I will close this topic.



