
System Check virus



#1 Jw278


Posted 22 January 2012 - 08:51 AM

Hello,
Please help me, I don't know what to do next.
I got the system check virus on my laptop, and I have followed the instructions on the removal guide here: http://www.bleepingcomputer.com/virus-removal/remove-system-check.

This has stopped all the popups and error messages, but I still have the System Check icon in the taskbar and toolbar. Also, I don't have Control Panel and a few other things in the right place!

What can I do to get rid of it?

Any help greatly appreciated, thanks :)

(Dell 1525 Inspiron, Windows Vista Home Premium, SP2)



#2 narenxp


Posted 22 January 2012 - 08:53 AM

You can manually remove the system check icon

Download

TDSSkiller

Launch it. Click on "Scan". Please post the LOG report.

Please download GMER from here

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here

#3 Jw278


Posted 22 January 2012 - 01:50 PM

Thank you very much!

Here are the log reports:

TDSSkiller:

14:08:43.0073 4648 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:08:43.0075 4648 USBSTOR - ok
14:08:43.0115 4648 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:08:43.0116 4648 usbuhci - ok
14:08:43.0286 4648 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys
14:08:43.0287 4648 VClone - ok
14:08:43.0377 4648 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
14:08:43.0379 4648 vga - ok
14:08:43.0466 4648 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:08:43.0468 4648 VgaSave - ok
14:08:43.0496 4648 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
14:08:43.0498 4648 viaagp - ok
14:08:43.0530 4648 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
14:08:43.0532 4648 ViaC7 - ok
14:08:43.0594 4648 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
14:08:43.0595 4648 viaide - ok
14:08:43.0677 4648 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:08:43.0679 4648 volmgr - ok
14:08:43.0778 4648 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:08:43.0784 4648 volmgrx - ok
14:08:43.0918 4648 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:08:43.0923 4648 volsnap - ok
14:08:44.0024 4648 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
14:08:44.0027 4648 vsmraid - ok
14:08:44.0614 4648 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:08:44.0616 4648 WacomPen - ok
14:08:45.0292 4648 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:08:45.0294 4648 Wanarp - ok
14:08:45.0334 4648 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:08:45.0335 4648 Wanarpv6 - ok
14:08:45.0606 4648 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
14:08:45.0607 4648 Wd - ok
14:08:46.0632 4648 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:08:46.0640 4648 Wdf01000 - ok
14:08:47.0304 4648 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
14:08:47.0314 4648 winachsf - ok
14:08:47.0499 4648 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:08:47.0500 4648 WmiAcpi - ok
14:08:47.0667 4648 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:08:47.0668 4648 WpdUsb - ok
14:08:47.0750 4648 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:08:47.0751 4648 ws2ifsl - ok
14:08:47.0971 4648 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:08:47.0974 4648 WUDFRd - ok
14:08:48.0142 4648 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
14:08:48.0143 4648 XAudio - ok
14:08:48.0236 4648 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
14:08:48.0242 4648 yukonwlh - ok
14:08:48.0327 4648 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
14:08:48.0377 4648 \Device\Harddisk0\DR0 - ok
14:08:48.0401 4648 Boot (0x1200) (e8d77853523e8223c09b0cfabfddb27a) \Device\Harddisk0\DR0\Partition0
14:08:48.0402 4648 \Device\Harddisk0\DR0\Partition0 - ok
14:08:48.0408 4648 Boot (0x1200) (1a0962194aacb8c929cc1b5d0f40a1aa) \Device\Harddisk0\DR0\Partition1
14:08:48.0409 4648 \Device\Harddisk0\DR0\Partition1 - ok
14:08:48.0413 4648 ============================================================
14:08:48.0413 4648 Scan finished
14:08:48.0413 4648 ============================================================
14:08:48.0437 5404 Detected object count: 1
14:08:48.0437 5404 Actual detected object count: 1
14:11:25.0331 5404 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:11:25.0331 5404 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

GMER:

14:06:46.0886 2700 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
14:06:48.0913 2700 ============================================================
14:06:48.0913 2700 Current date / time: 2012/01/22 14:06:48.0913
14:06:48.0913 2700 SystemInfo:
14:06:48.0913 2700
14:06:48.0913 2700 OS Version: 6.0.6002 ServicePack: 2.0
14:06:48.0913 2700 Product type: Workstation
14:06:48.0913 2700 ComputerName: JW278
14:06:48.0914 2700 UserName: Jen
14:06:48.0914 2700 Windows directory: C:\Windows
14:06:48.0914 2700 System windows directory: C:\Windows
14:06:48.0914 2700 Processor architecture: Intel x86
14:06:48.0914 2700 Number of processors: 1
14:06:48.0914 2700 Page size: 0x1000
14:06:48.0914 2700 Boot type: Normal boot
14:06:48.0914 2700 ============================================================
14:06:52.0074 2700 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:06:53.0079 2700 Initialize success
14:06:57.0804 4648 ============================================================
14:06:57.0804 4648 Scan started
14:06:57.0804 4648 Mode: Manual;
14:06:57.0804 4648 ============================================================
14:08:35.0766 4648 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\Windows\system32\Drivers\sptd.sys
14:08:35.0766 4648 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
14:08:35.0769 4648 sptd ( LockedFile.Multi.Generic ) - warning
14:08:35.0769 4648 sptd - detected LockedFile.Multi.Generic (1)
14:08:36.0084 4648 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
14:08:36.0089 4648 srv - ok
14:08:36.0792 4648 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
14:08:36.0795 4648 srv2 - ok
14:08:37.0000 4648 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
14:08:37.0003 4648 srvnet - ok
14:08:37.0294 4648 STHDA (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
14:08:37.0300 4648 STHDA - ok
14:08:37.0540 4648 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
14:08:37.0541 4648 swenum - ok
14:08:37.0613 4648 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:08:37.0615 4648 Symc8xx - ok
14:08:37.0822 4648 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:08:37.0824 4648 Sym_hi - ok
14:08:38.0050 4648 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:08:38.0126 4648 Sym_u3 - ok
14:08:38.0556 4648 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
14:08:38.0569 4648 Tcpip - ok
14:08:38.0979 4648 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
14:08:38.0986 4648 Tcpip6 - ok
14:08:39.0222 4648 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
14:08:39.0223 4648 tcpipreg - ok
14:08:39.0326 4648 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
14:08:39.0327 4648 TDPIPE - ok
14:08:39.0666 4648 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
14:08:39.0668 4648 TDTCP - ok
14:08:39.0835 4648 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
14:08:39.0838 4648 tdx - ok
14:08:39.0889 4648 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
14:08:39.0891 4648 TermDD - ok
14:08:40.0314 4648 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:08:40.0316 4648 tssecsrv - ok
14:08:40.0657 4648 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
14:08:40.0659 4648 tunmp - ok
14:08:40.0689 4648 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
14:08:40.0694 4648 tunnel - ok
14:08:40.0792 4648 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
14:08:40.0794 4648 uagp35 - ok
14:08:40.0877 4648 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
14:08:40.0881 4648 udfs - ok
14:08:40.0989 4648 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
14:08:40.0993 4648 uliagpkx - ok
14:08:41.0065 4648 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
14:08:41.0069 4648 uliahci - ok
14:08:41.0099 4648 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:08:41.0101 4648 UlSata - ok
14:08:41.0198 4648 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:08:41.0200 4648 ulsata2 - ok
14:08:41.0265 4648 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
14:08:41.0266 4648 umbus - ok
14:08:41.0362 4648 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
14:08:41.0363 4648 USBAAPL - ok
14:08:41.0405 4648 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
14:08:41.0412 4648 usbccgp - ok
14:08:41.0579 4648 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:08:41.0582 4648 usbcir - ok
14:08:41.0917 4648 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
14:08:41.0919 4648 usbehci - ok
14:08:42.0160 4648 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
14:08:42.0164 4648 usbhub - ok
14:08:42.0380 4648 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
14:08:42.0382 4648 usbohci - ok
14:08:42.0612 4648 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
14:08:42.0613 4648 usbprint - ok
14:08:42.0933 4648 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
14:08:42.0934 4648 usbscan - ok
14:08:43.0073 4648 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:08:43.0075 4648 USBSTOR - ok
14:08:43.0115 4648 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:08:43.0116 4648 usbuhci - ok
14:08:43.0286 4648 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys
14:08:43.0287 4648 VClone - ok
14:08:43.0377 4648 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
14:08:43.0379 4648 vga - ok
14:08:43.0466 4648 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:08:43.0468 4648 VgaSave - ok
14:08:43.0496 4648 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
14:08:43.0498 4648 viaagp - ok
14:08:43.0530 4648 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
14:08:43.0532 4648 ViaC7 - ok
14:08:43.0594 4648 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
14:08:43.0595 4648 viaide - ok
14:08:43.0677 4648 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:08:43.0679 4648 volmgr - ok
14:08:43.0778 4648 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:08:43.0784 4648 volmgrx - ok
14:08:43.0918 4648 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:08:43.0923 4648 volsnap - ok
14:08:44.0024 4648 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
14:08:44.0027 4648 vsmraid - ok
14:08:44.0614 4648 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:08:44.0616 4648 WacomPen - ok
14:08:45.0292 4648 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:08:45.0294 4648 Wanarp - ok
14:08:45.0334 4648 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:08:45.0335 4648 Wanarpv6 - ok
14:08:45.0606 4648 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
14:08:45.0607 4648 Wd - ok
14:08:46.0632 4648 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:08:46.0640 4648 Wdf01000 - ok
14:08:47.0304 4648 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
14:08:47.0314 4648 winachsf - ok
14:08:47.0499 4648 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:08:47.0500 4648 WmiAcpi - ok
14:08:47.0667 4648 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:08:47.0668 4648 WpdUsb - ok
14:08:47.0750 4648 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:08:47.0751 4648 ws2ifsl - ok
14:08:47.0971 4648 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:08:47.0974 4648 WUDFRd - ok
14:08:48.0142 4648 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
14:08:48.0143 4648 XAudio - ok
14:08:48.0236 4648 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
14:08:48.0242 4648 yukonwlh - ok
14:08:48.0327 4648 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
14:08:48.0377 4648 \Device\Harddisk0\DR0 - ok
14:08:48.0401 4648 Boot (0x1200) (e8d77853523e8223c09b0cfabfddb27a) \Device\Harddisk0\DR0\Partition0
14:08:48.0402 4648 \Device\Harddisk0\DR0\Partition0 - ok
14:08:48.0408 4648 Boot (0x1200) (1a0962194aacb8c929cc1b5d0f40a1aa) \Device\Harddisk0\DR0\Partition1
14:08:48.0409 4648 \Device\Harddisk0\DR0\Partition1 - ok
14:08:48.0413 4648 ============================================================
14:08:48.0413 4648 Scan finished
14:08:48.0413 4648 ============================================================
14:08:48.0437 5404 Detected object count: 1
14:08:48.0437 5404 Actual detected object count: 1
14:11:25.0331 5404 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:11:25.0331 5404 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

aswMBR:

aswMBR version 0.9.9.1297 Copyright© 2011 AVAST Software
Run date: 2012-01-22 18:43:06
-----------------------------
18:43:06.478 OS Version: Windows 6.0.6002 Service Pack 2
18:43:06.478 Number of processors: 1 586 0x1601
18:43:06.481 ComputerName: JW278 UserName: Jen
18:43:08.371 Initialize success
18:43:18.812 AVAST engine download error: 407
18:43:37.588 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
18:43:37.590 Disk 0 Vendor: TOSHIBA_ LV01 Size: 152627MB BusType: 3
18:43:37.979 Disk 0 MBR read successfully
18:43:37.982 Disk 0 MBR scan
18:43:37.985 Disk 0 Windows VISTA default MBR code
18:43:38.060 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63
18:43:38.209 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 208896
18:43:38.230 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 139723 MB offset 21180416
18:43:38.234 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 307335168
18:43:38.282 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 307337216
18:43:38.498 Disk 0 scanning sectors +312578048
18:43:38.844 Disk 0 scanning C:\Windows\system32\drivers
18:44:21.361 Service scanning
18:44:22.333 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
18:44:22.934 Modules scanning
18:44:55.631 Disk 0 trace - called modules:
18:44:55.678 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys spcv.sys hal.dll
18:44:55.684 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c438e0]
18:44:55.691 3 CLASSPNP.SYS[893a18b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x851ea030]
18:44:55.697 Scan finished successfully
18:46:05.399 Disk 0 MBR has been saved successfully to "C:\Users\Jen\Desktop\MBR.dat"
18:46:05.410 The log file has been saved successfully to "C:\Users\Jen\Desktop\aswMBR.txt"

#4 narenxp

Posted 22 January 2012 - 07:34 PM

That looks clean

Post the GMER log too

Also

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Good luck

#5 Jw278

Posted 23 January 2012 - 05:17 PM

The ESET scanner is taking an extremely long time to do its thing, so in the meantime here's the gmer log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-22 18:41:53
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.LV01
Running: pr8mq7ef.exe; Driver: C:\Users\Jen\AppData\Local\Temp\kxldypod.sys


---- System - GMER 1.0.15 ----

INT 0x62 ? 869B8C88
INT 0x72 ? 869B8C88
INT 0x72 ? 869B8C88
INT 0x72 ? 869B8C88
INT 0x82 ? 869B8C88
INT 0x82 ? 869B8C88
INT 0x82 ? 869B8C88
INT 0x82 ? 869B8C88
INT 0xA2 ? 8514BC88
INT 0xB2 ? 85150C88

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0x8E31A9BE]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0x8E31A958]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0x8E31A96C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0x8E31A9E8]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0x8E31A930]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0x8E31A944]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0x8E31A9D2]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0x8E31AA10]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0x8E31A9FC]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0x8E31A9AA]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0x8E31A996]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8E31A91C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateUserProcess [0x8E31A982]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!ZwNotifyChangeKey 821C8609 5 Bytes JMP 8E31A9EC \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateUserProcess 821D2C11 5 Bytes JMP 8E31A986 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwTerminateProcess 821FA143 5 Bytes JMP 8E31A920 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtSetInformationProcess 8221D8C8 5 Bytes JMP 8E31A99A \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwProtectVirtualMemory 822232DD 7 Bytes JMP 8E31A9D6 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtOpenThread 822254FA 5 Bytes JMP 8E31A948 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtOpenProcess 82229FA8 5 Bytes JMP 8E31A934 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!NtCreateFile 8224B33B 5 Bytes JMP 8E31A9C2 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwRestoreKey 8225BDB2 5 Bytes JMP 8E31AA00 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwReplaceKey 8225CFB6 5 Bytes JMP 8E31AA14 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateProcess 8229AD7F 5 Bytes JMP 8E31A95C \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 8229ADCA 7 Bytes JMP 8E31A970 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntkrnlpa.exe!ZwSetContextThread 8229B883 5 Bytes JMP 8E31A9AE \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
? System32\Drivers\spcv.sys The system cannot find the path specified. !
.text USBPORT.SYS!DllUnload 8D93741B 5 Bytes JMP 869B81D8
.text ar251xb6.SYS 8C976000 47 Bytes [82, A3, 3C, 82, 6C, A2, 3C, ...]
.text ar251xb6.SYS 8C976030 148 Bytes [08, E5, 04, 82, 83, 57, 0B, ...]
.text ar251xb6.SYS 8C9760C6 32 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text ar251xb6.SYS 8C9760E7 31 Bytes [00, 38, 0F, 00, 00, 00, 00, ...]
.text ar251xb6.SYS 8C976107 224 Bytes [56, 09, 18, 08, DA, 0A, 9C, ...]
.text ...
? system32\drivers\81386487.sys The system cannot find the path specified. !

---- User code sections - GMER 1.0.15 ----

.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[472] kernel32.dll!LoadLibraryW 77069400 5 Bytes JMP 0041C1F0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[472] kernel32.dll!LoadLibraryA 7706957C 5 Bytes JMP 0041C170 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[1548] USER32.dll!SetWindowLongA 76DDE7CD 5 Bytes JMP 6629A2FB C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[1548] USER32.dll!SetWindowLongW 76DE13B4 5 Bytes JMP 6629A28D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[1548] USER32.dll!GetWindowInfo 76DE428E 5 Bytes JMP 660A1BD2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[1548] USER32.dll!TrackPopupMenu 76DF14F3 5 Bytes JMP 660A219D C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[4800] ntdll.dll!LdrLoadDll 772D93A8 5 Bytes JMP 00041410 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [80698F9C] \SystemRoot\System32\Drivers\spcv.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUlong] [806983E6] \SystemRoot\System32\Drivers\spcv.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8069890E] \SystemRoot\System32\Drivers\spcv.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [80699178] \SystemRoot\System32\Drivers\spcv.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [80698116] \SystemRoot\System32\Drivers\spcv.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [806981D4] \SystemRoot\System32\Drivers\spcv.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [806A9976] \SystemRoot\System32\Drivers\spcv.sys
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[HAL.dll!KfAcquireSpinLock] 0000A300
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[HAL.dll!KfReleaseSpinLock] 00009200
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[storport.sys!StorPortPauseDevice] 00003800
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[storport.sys!StorPortResumeDevice] 0000F500
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[storport.sys!StorPortInitialize] 0000BC00
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[storport.sys!StorPortNotification] 0000B600
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[TDI.SYS!TdiDeregisterPnPHandlers] 00001000
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[TDI.SYS!TdiRegisterPnPHandlers] 0000FF00
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[NETIO.SYS!WskDeregister] 0000D200
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[NETIO.SYS!WskReleaseProviderNPI] 0000CD00
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[NETIO.SYS!WskRegister] 00000C00
IAT \SystemRoot\System32\Drivers\ar251xb6.SYS[NETIO.SYS!WskCaptureProviderNPI] 00001300

---- Devices - GMER 1.0.15 ----

Device 851521F8
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)

AttachedDevice mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

Device 87FE91F8
Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device 86A2D1F8
Device \Driver\volmgr \Device\VolMgrControl 8514D1F8
Device \Driver\usbuhci \Device\USBPDO-0 8698D1F8
Device \Driver\usbuhci \Device\USBPDO-1 8698D1F8
Device \Driver\usbehci \Device\USBPDO-2 869AD1F8
Device \Driver\usbuhci \Device\USBPDO-3 8698D1F8
Device \Driver\PCI_PNP8063 \Device\00000055 spcv.sys
Device \Driver\usbuhci \Device\USBPDO-4 8698D1F8

AttachedDevice \Driver\tdx \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\usbuhci \Device\USBPDO-5 8698D1F8
Device \Driver\usbehci \Device\USBPDO-6 869AD1F8
Device \Driver\volmgr \Device\HarddiskVolume1 8514D1F8
Device \Driver\volmgr \Device\HarddiskVolume2 8514D1F8
Device \Driver\cdrom \Device\CdRom0 86AE11F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 851511F8
Device \Driver\iaStor \Device\Ide\iaStor0 [826D26D0] \SystemRoot\system32\drivers\iastor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 851511F8
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [826D26D0] \SystemRoot\system32\drivers\iastor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\volmgr \Device\HarddiskVolume3 8514D1F8
Device \Driver\cdrom \Device\CdRom1 86AE11F8
Device \Driver\volmgr \Device\HarddiskVolume4 8514D1F8
Device \Driver\netbt \Device\NetBt_Wins_Export 871541F8
Device \Driver\netbt \Device\NetBT_Tcpip_{A66C9025-4862-48BE-A247-1FE0345D1493} 871541F8
Device \Driver\Smb \Device\NetbiosSmb 871673E8
Device \Driver\iScsiPrt \Device\RaidPort0 86A94470

AttachedDevice \Driver\tdx \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\sptd \Device\145306081 spcv.sys

AttachedDevice \Driver\tdx \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\56813874 \Device\KLMD16012012_207010 81386487.sys
Device \Driver\usbuhci \Device\USBFDO-0 8698D1F8
Device \Driver\usbuhci \Device\USBFDO-1 8698D1F8
Device \Driver\usbehci \Device\USBFDO-2 869AD1F8
Device \Driver\usbuhci \Device\USBFDO-3 8698D1F8
Device \Driver\usbuhci \Device\USBFDO-4 8698D1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{25990671-22A4-4603-95A5-8C2E1801474E} 871541F8
Device \Driver\usbuhci \Device\USBFDO-5 8698D1F8
Device \Driver\usbehci \Device\USBFDO-6 869AD1F8
Device \Driver\ar251xb6 \Device\Scsi\ar251xb61Port3Path0Target0Lun0 86A6E470
Device \Driver\ar251xb6 \Device\Scsi\ar251xb61 86A6E470

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\cdfs \Cdfs 87E25470

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xF9 0x07 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x82 0x95 0x09 0x5A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAB 0x82 0x44 0x76 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x08 0x21 0xA9 0x72 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xF9 0x07 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x82 0x95 0x09 0x5A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xAB 0x82 0x44 0x76 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x08 0x21 0xA9 0x72 ...

---- EOF - GMER 1.0.15 ----

Thanks again :)

#6 Jw278

Posted 23 January 2012 - 06:33 PM

Here's the ESET log:
C:\Users\Jen\AppData\Local\Temp\7EB7.tmp a variant of Win32/Kryptik.YUE trojan cleaned by deleting - quarantined
C:\Users\Jen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4f2dbff3-5cad8163 Java/Exploit.CVE-2011-3544.V trojan deleted - quarantined
C:\Users\Jen\Downloads\cnet_HandBrake-0_9_5-Win_GUI_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

#7 narenxp

Posted 23 January 2012 - 08:35 PM

That looks good

Right click on start menu-customize

Click on use default settings


Press Windows+R key and type

%temp% and click ok

If you see a folder named SMTMP, copy it to a safe location and let me know

Good luck

Edited by narenxp, 23 January 2012 - 08:36 PM.


#8 Jw278

Posted 24 January 2012 - 04:45 PM

Ok I've copied that folder to the desktop...
I've also got all my stuff back on the start menu, thank you!!

What should the next step be?
Your help is very much appreciated! :thumbsup:

#9 narenxp

Posted 24 January 2012 - 09:06 PM

Hope you have run UNHIDE fix already

Open the SMTMP folder, you can find folders with numbers 1, 2, 3 and 4

1. Copy the entire content of this smtmp\1
and paste it to this folder:
c:\program data/microsoft/windows/start menu

2. Copy the entire content of smtmp\2
and paste it to this folder:
C:\Users\user_name\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch

3. Copy the entire content of smtmp\3
and paste it to this folder:
C:\Users\user-name\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar

4. Copy the entire content of smtmp\4
and paste it to this folder:
C:\Users\Public\Desktop

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Edited by narenxp, 24 January 2012 - 09:06 PM.
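
The four SMTMP copy steps in the post above, as an added example (not part of the thread and not a BleepingComputer tool): a Python script that merges each numbered SMTMP folder into its destination, never overwrites a file that is already there, and reports any numbered folder that is absent. The function names are hypothetical, and resolving the destinations from the PROGRAMDATA, APPDATA and PUBLIC environment variables instead of the post's literal paths is an assumption.

```python
import os
import shutil
import tempfile
from pathlib import Path


def default_targets(env=None):
    """Map SMTMP subfolder numbers to the destinations named in the post.

    Assumption: environment variables replace the post's "user_name"
    placeholder, so the script must run as the affected user.
    """
    env = os.environ if env is None else env
    quick_launch = (Path(env["APPDATA"]) / "Microsoft"
                    / "Internet Explorer" / "Quick Launch")
    return {
        "1": Path(env["PROGRAMDATA"]) / "Microsoft" / "Windows" / "Start Menu",
        "2": quick_launch,
        "3": quick_launch / "User Pinned" / "TaskBar",
        "4": Path(env["PUBLIC"]) / "Desktop",
    }


def restore_smtmp(smtmp_root, targets, dry_run=False):
    """Merge every numbered backup folder into its destination.

    Files already present at the destination are kept untouched, and a
    numbered folder that does not exist is reported instead of failing.
    """
    smtmp_root = Path(smtmp_root)
    report = {"copied": [], "kept_existing": [], "missing_source": []}
    for number, dest_root in sorted(targets.items()):
        src_root = smtmp_root / number
        if not src_root.is_dir():
            report["missing_source"].append(number)
            continue
        for src in sorted(src_root.rglob("*")):
            if src.is_dir():
                continue  # directories are created on demand below
            dest = Path(dest_root) / src.relative_to(src_root)
            if dest.exists():
                report["kept_existing"].append(dest)
                continue
            if not dry_run:
                dest.parent.mkdir(parents=True, exist_ok=True)
                shutil.copy2(src, dest)  # copy2 keeps timestamps
            report["copied"].append(dest)
    return report


def run_constructed_demo():
    """Restore a constructed SMTMP tree that has no folder 3."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        # Constructed stand-ins for the real profile locations
        env = {"PROGRAMDATA": str(tmp / "ProgramData"),
               "APPDATA": str(tmp / "Roaming"),
               "PUBLIC": str(tmp / "Public")}
        targets = default_targets(env)
        smtmp = tmp / "smtmp"
        samples = {"1": "Programs/Accessories/Notepad.lnk",
                   "2": "Show Desktop.scf",
                   "4": "Some App.lnk"}
        for number, rel in samples.items():
            backup = smtmp / number / rel
            backup.parent.mkdir(parents=True)
            backup.write_text("constructed sample")
        # A shortcut that already exists at the destination must survive
        existing = targets["4"] / "Some App.lnk"
        existing.parent.mkdir(parents=True)
        existing.write_text("current")
        report = restore_smtmp(smtmp, targets)
        return {
            "copied": [p.name for p in report["copied"]],
            "kept_existing": [p.name for p in report["kept_existing"]],
            "missing_source": report["missing_source"],
            "existing_content": existing.read_text(),
            "restored": (targets["1"] / samples["1"]).is_file(),
        }


if __name__ == "__main__":
    print(run_constructed_demo())
```

On the affected machine, call `restore_smtmp` with the saved copy of the SMTMP folder and `default_targets()`, passing `dry_run=True` first to read the report before anything is copied.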


#10 Jw278

Posted 26 January 2012 - 05:25 AM

Hi narenxp,

When I ran the ESET online scanner, I didn't get the option to look at a list, and there were no threats found.
I did the steps with the folders (all except for SMTMP 3 because I didn't have one)...

Thanks :)

#11 narenxp

Posted 26 January 2012 - 06:38 AM

How is the PC doing now?

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Download

Minitoolbox

Checkmark following boxes:

* List content of Hosts
* List last 10 Event Viewer log
* List Installed Programs
* List Users, Partitions and Memory size

Click Go and post the result.

Good luck

Edited by narenxp, 26 January 2012 - 06:38 AM.


#12 Jw278

Posted 26 January 2012 - 08:07 AM

Thanks narenxp.

Unfortunately the computer is exactly the same, no change that I can see :-s the only difference since we started is the return of my start menu things.

Here's the result from minitoolbox:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Jen (administrator) on 26-01-2012 at 13:03:27
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost


========================= Event log errors: ===============================

Application errors:
==================
Error: (01/26/2012 00:58:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2012 00:34:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2012 10:25:32 AM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (01/26/2012 07:26:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/26/2012 07:22:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14882635

Error: (01/26/2012 07:22:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14882635

Error: (01/26/2012 07:22:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/26/2012 07:22:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14881543

Error: (01/26/2012 07:22:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14881543

Error: (01/26/2012 07:22:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (12/16/2008 07:07:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 3179 seconds with 1200 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

3Connect (Version: 3.0.0)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 10 Plugin (Version: 10.1.53.64)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Reader 9 (Version: 9.0.0)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 1.8.2)
BlackBerry Desktop Software 6.0 (Version: 6.0.0.40)
BlackBerry Device Software Updater (Version: 5.0.1.32)
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
Cisco EAP-FAST Module (Version: 2.1.3)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Conexant HDA D330 MDC V.92 Modem (Version: 7.74.00)
CRON-O-METER 0.9.8 (Version: 0.9.8)
Dell-eBay (Version: 1.00.0000)
Dell Dock (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 2.1.08060)
Dell Touchpad (Version: 7.1.103.4)
Dell Wireless WLAN Card Utility (Version: 4.170.77.13)
Digital Line Detect (Version: 1.21)
DivX Setup (Version: 1.0.1.5)
Documents To Go Desktop for iPhone (Version: 2.0000.006)
EA Download Manager (Version: 5.0.0.255)
EDocs
GoToAssist 8.0.0.514
HandBrake 0.9.5 (Version: 0.9.5)
Homeworld2
Huawei modem
Intel® Matrix Storage Manager
Internet From BT
iTunes (Version: 10.5.1.42)
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (Version: 6.0.270)
Lexmark 2300 Series
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
McAfee SecurityCenter
MediaDirect (Version: 3.5)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Modem Diagnostic Tool (Version: 1.0.24.0)
Mozilla Firefox 6.0 (x86 en-GB) (Version: 6.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.53)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OutlookAddinSetup (Version: 1.0.0)
QuickSet (Version: 8.2.20)
QuickTime (Version: 7.66.73.0)
SimTheme Park
SOTI Pocket Controller-Pro For BlackBerry
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
SPORE™ (Version: 1.03.0000)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Warcraft III
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
WinX Free DVD Ripper 4.5.14

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 2549.31 MB
Available physical RAM: 1064.2 MB
Total Pagefile: 5321.43 MB
Available Pagefile: 3728.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.02 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:136.45 GB) (Free:9.76 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.12 GB) NTFS
3 Drive e: (2012-01-04_1443) (CDROM) (Total:3.62 GB) (Free:0 GB) UDF
4 Drive f: (3Connect) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\JW278

Administrator Guest Jen


**** End of log ****

#13 narenxp

Posted 26 January 2012 - 08:12 AM

Unfortunately the computer is exactly the same, no change that I can see :-s the only difference since we started is the return of my start menu things.

Can you tell me what the current issues are?

Edited by narenxp, 26 January 2012 - 08:12 AM.


#14 Jw278

Posted 26 January 2012 - 08:19 AM

I will try the best I can, but as you know I'm not very knowledgeable on the whole topic of computers, so sorry if my descriptions are not very detailed or helpful.
I still have the system check icon in my application menu. It's also in the toolbar and taskbar, and it keeps popping up with notifications there. On my desktop I also have some random documents which have appeared since getting the virus, and the whole 'look' of my desktop has not returned to normal.

#15 narenxp

Posted 26 January 2012 - 08:23 AM

System check icon can be deleted manually. If you're still doubtful about your PC security then

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck :thumbsup:



