
Google Redirect


11 replies to this topic

#1 carran

  • Members
  • 6 posts

Posted 13 February 2012 - 04:40 PM

Hi,

I have a Google redirect, which prompted me to run MBAM. I detected a Trojan, which I quarantined, but it did not solve the redirect issue. In addition, it seems to be getting worse - performance is now affected to the point that the computer is nearly unusable. It appears an instance of svchost is growing over time and taking all the CPU and much of the system memory. It also is blasting data out through my firewall. I lock the internet access when I don't need it to access some antivirus download, but I am more than a little worried about what it has been doing.

I am using Antivira (up-to-date) which originally reported 2 detections (after I noticed the problem), but still no solution. Now when I try to run Antivira it slows to a crawl and MBAM mysteriously quit before completing. Can't remember if it gave an error or just crashed - sorry it was late last night.

Can someone help? I am worried running large apps may be time-consuming since the machine performance has been hit severely, so I will do as much as I can in an evening.


#2 narenxp

  • BC Advisor
  • 16,371 posts

Posted 13 February 2012 - 04:50 PM

Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be on your C drive).


Please download GMER from here (does not work on a 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

#3 carran

  • Topic Starter

  • Members
  • 6 posts

Posted 14 February 2012 - 07:14 AM

OK, here it is. TDSS found a rootkit, which it "cured", and also gave a warning I skipped. I then reran TDSS after reboot and chose to quarantine instead of skipping the warning (cryptic description that sounded like my hard drive, sorry, forgot to note the exact name). Didn't attach the second scan.

I then ran gmer, which hung the computer the first scan, then I lost my desktop settings on reboot (the desktop settings maybe had to do with quarantine in TDSS Killer?). gmer then completed successfully the second time. I'll sort the desktop stuff later.

aswMBR ran without issues.

My redirect problems are gone and performance is back to normal. It is an older XP machine but still meets my needs.

Below are the logs pasted into the message. A bit verbose - How do you attach files????

Many thanks for helping, this is a bit out of my league.

TDSS
19:46:59.0625 0724 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
19:47:01.0437 0724 ============================================================
19:47:01.0437 0724 Current date / time: 2012/02/13 19:47:01.0437
19:47:01.0437 0724 SystemInfo:
19:47:01.0437 0724
19:47:01.0437 0724 OS Version: 5.1.2600 ServicePack: 2.0
19:47:01.0437 0724 Product type: Workstation
19:47:01.0437 0724 ComputerName: D1Z7WB91
19:47:01.0453 0724 UserName: Steve
19:47:01.0453 0724 Windows directory: C:\WINDOWS
19:47:01.0453 0724 System windows directory: C:\WINDOWS
19:47:01.0453 0724 Processor architecture: Intel x86
19:47:01.0453 0724 Number of processors: 2
19:47:01.0453 0724 Page size: 0x1000
19:47:01.0453 0724 Boot type: Normal boot
19:47:01.0453 0724 ============================================================
19:47:02.0203 0724 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:47:02.0203 0724 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:47:02.0218 0724 \Device\Harddisk0\DR0:
19:47:02.0218 0724 MBR used
19:47:02.0218 0724 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x123B5260
19:47:02.0218 0724 \Device\Harddisk1\DR1:
19:47:02.0218 0724 MBR used
19:47:02.0218 0724 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
19:47:02.0437 0724 Initialize success
19:47:02.0437 0724 ============================================================
19:47:34.0171 2860 ============================================================
19:47:34.0171 2860 Scan started
19:47:34.0171 2860 Mode: Manual; TDLFS;
19:47:34.0171 2860 ============================================================
19:47:55.0015 2860 USBSTOR - ok
19:47:55.0109 2860 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:47:55.0109 2860 usbuhci - ok
19:47:55.0125 2860 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
19:47:55.0125 2860 VgaSave - ok
19:47:55.0140 2860 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
19:47:55.0156 2860 viaagp - ok
19:47:55.0171 2860 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
19:47:55.0171 2860 ViaIde - ok
19:47:55.0171 2860 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
19:47:55.0171 2860 VolSnap - ok
19:47:55.0250 2860 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
19:47:55.0296 2860 vsdatant - ok
19:47:55.0328 2860 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:47:55.0328 2860 Wanarp - ok
19:47:55.0343 2860 wanatw - ok
19:47:55.0359 2860 WDICA - ok
19:47:55.0390 2860 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
19:47:55.0406 2860 wdmaud - ok
19:47:55.0515 2860 WLAN_USB (5db553c610649ac141497fe052bdb8a0) C:\WINDOWS\system32\DRIVERS\MA111nd5.sys
19:47:55.0531 2860 WLAN_USB - ok
19:47:55.0593 2860 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:47:55.0593 2860 WSTCODEC - ok
19:47:55.0640 2860 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
19:47:55.0640 2860 WudfPf - ok
19:47:55.0656 2860 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
19:47:55.0671 2860 WudfRd - ok
19:47:55.0734 2860 MBR (0x1B8) (4bc21aabb8ea83c34000756722b7398b) \Device\Harddisk0\DR0
19:47:55.0765 2860 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
19:47:55.0765 2860 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
19:47:56.0484 2860 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:47:56.0484 2860 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:47:56.0500 2860 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk1\DR1
19:47:59.0562 2860 \Device\Harddisk1\DR1 - ok
19:47:59.0578 2860 Boot (0x1200) (18df8755def57d7ffcf4eb5eb7b19587) \Device\Harddisk0\DR0\Partition0
19:47:59.0578 2860 \Device\Harddisk0\DR0\Partition0 - ok
19:47:59.0593 2860 Boot (0x1200) (91979d792bbf599c507ddb9fdd36a736) \Device\Harddisk1\DR1\Partition0
19:47:59.0593 2860 \Device\Harddisk1\DR1\Partition0 - ok
19:47:59.0593 2860 ============================================================
19:47:59.0593 2860 Scan finished
19:47:59.0593 2860 ============================================================
19:47:59.0609 2104 Detected object count: 2
19:47:59.0609 2104 Actual detected object count: 2
19:48:57.0796 2104 \Device\Harddisk0\DR0\# - copied to quarantine
19:48:57.0796 2104 \Device\Harddisk0\DR0 - copied to quarantine
19:48:57.0843 2104 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
19:48:57.0875 2104 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:48:57.0890 2104 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
19:48:57.0890 2104 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
19:48:57.0906 2104 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
19:48:57.0921 2104 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
19:48:57.0937 2104 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
19:48:57.0953 2104 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
19:48:57.0953 2104 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
19:48:57.0953 2104 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
19:48:58.0031 2104 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
19:48:58.0109 2104 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
19:48:58.0109 2104 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
19:48:58.0109 2104 \Device\Harddisk0\DR0 - ok
19:48:58.0125 2104 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
19:48:58.0125 2104 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
19:48:58.0125 2104 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
19:49:13.0000 3172 Deinitialize success

gmer

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-02-14 05:44:15
Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.ZM10
Running: nnqe9l1t.exe; Driver: C:\DOCUME~1\STEVE~1.D1Z\LOCALS~1\Temp\kwlyapod.sys


---- System - GMER 1.0.15 ----

SSDT F7CF5B54 ZwClose
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwConnectPort [0xF2EF5534]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateFile [0xF2EEF782]
SSDT F7CF5B0E ZwCreateKey
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreatePort [0xF2EF5CC0]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcess [0xF2F08EB4]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateProcessEx [0xF2F092A2]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateSection [0xF2F12916]
SSDT F7CF5B04 ZwCreateThread
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwCreateWaitablePort [0xF2EF5DF6]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDeleteFile [0xF2EF0398]
SSDT F7CF5B13 ZwDeleteKey
SSDT F7CF5B1D ZwDeleteValueKey
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwDuplicateObject [0xF2F07DF0]
SSDT F7CF5B22 ZwLoadKey
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwLoadKey2 [0xF2F10B44]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenFile [0xF2EEFFAA]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenProcess [0xF2F0B1CE]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwOpenThread [0xF2F0ADF8]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRenameKey [0xF2F118D2]
SSDT F7CF5B2C ZwReplaceKey
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwRequestWaitReplyPort [0xF2EF50F4]
SSDT F7CF5B27 ZwRestoreKey
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSecureConnectPort [0xF2EF57DC]
SSDT F7CF5B63 ZwSetContextThread
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetInformationFile [0xF2EF075C]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSetSecurityObject [0xF2F11E12]
SSDT F7CF5B18 ZwSetValueKey
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwSystemDebugControl [0xF2F09F0A]
SSDT \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD) ZwTerminateProcess [0xF2F09C86]

Code ADED9CF0 KeFindConfigurationEntry

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!ZwYieldExecution + 12E 804E4988 12 Bytes [C0, 5C, EF, F2, B4, 8E, F0, ...]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2760] USER32.dll!SetWindowLongA 7E41D60D 5 Bytes JMP 106B66DC C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2760] USER32.dll!SetWindowLongW 7E41D62B 5 Bytes JMP 106B666E C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2760] USER32.dll!GetWindowInfo 7E41E77C 5 Bytes JMP 1044A4E7 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2760] USER32.dll!TrackPopupMenu 7E4650EE 5 Bytes JMP 1044AABD C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[3532] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 01201B30 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [F2EFA672] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [F2EFA4C8] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [F2EFACBA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [F2EF8C2A] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [F2EF8C2A] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [F2EFA672] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [F2EFA4C8] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [F2EFACBA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [F2EFA672] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [F2EFACBA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [F2EFA4C8] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [F2EF8C2A] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [F2EFACBA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [F2EFA4C8] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [F2EFA672] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [F2EF8C2A] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [F2EFA672] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [F2EFA4C8] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [F2EFACBA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisCloseAdapter] [F2EFACBA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisOpenAdapter] [F2EFA4C8] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] [F2EF8C2A] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] [F2EFA672] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\System32\drivers\afd.sys[ntoskrnl.exe!IoCreateFile] [F2ED83C4] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [F2EFA672] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [F2EF8C2A] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [F2EFACBA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [F2EFA4C8] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!NtOpenFile] [F2EF141C] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!NtSetInformationFile] [F2EF12AA] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!IoCreateFile] [F2EF160C] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
IAT \SystemRoot\system32\DRIVERS\srv.sys[ntoskrnl.exe!NtCreateFile] [F2EF0D40] \SystemRoot\System32\vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

---- Devices - GMER 1.0.15 ----

Device \Driver\Tcpip \Device\Ip vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Tcp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\Udp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\RawIp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)
Device \FileSystem\Fastfat \Fat EB54EC8A

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----

aswMBR

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-14 05:48:03
-----------------------------
05:48:03.187 OS Version: Windows 5.1.2600 Service Pack 2
05:48:03.187 Number of processors: 2 586 0x404
05:48:03.187 ComputerName: D1Z7WB91 UserName: Steve
05:48:04.296 Initialize success
05:52:05.671 AVAST engine defs: 12021302
05:54:22.843 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
05:54:22.843 Disk 0 Vendor: SAMSUNG_ ZM10 Size: 152587MB BusType: 3
05:54:25.890 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
05:54:25.890 Disk 1 Vendor: ST332062 3.AA Size: 305245MB BusType: 3
05:54:25.953 Disk 0 MBR read successfully
05:54:25.953 Disk 0 MBR scan
05:54:26.000 Disk 0 unknown MBR code
05:54:26.046 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
05:54:26.093 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 149354 MB offset 112455
05:54:26.156 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3176 MB offset 305990055
05:54:26.171 Disk 0 scanning sectors +312496380
05:54:26.453 Disk 0 scanning C:\WINDOWS\system32\drivers
05:55:00.984 Service scanning
05:55:02.281 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
05:55:02.890 Modules scanning
05:55:35.046 Disk 0 trace - called modules:
05:55:35.093 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
05:55:35.093 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84754ab8]
05:55:35.109 3 CLASSPNP.SYS[f767605b] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84794030]
05:55:35.671 AVAST engine scan C:\WINDOWS
05:56:02.046 AVAST engine scan C:\WINDOWS\system32
06:03:07.875 AVAST engine scan C:\WINDOWS\system32\drivers
06:04:06.765 AVAST engine scan C:\Documents and Settings\Steve.D1Z7WB91
06:04:47.250 AVAST engine scan C:\Documents and Settings\All Users
06:07:49.046 Scan finished successfully
06:10:56.734 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Steve.D1Z7WB91\Desktop\MBR.dat"
06:10:56.750 The log file has been saved successfully to "C:\Documents and Settings\Steve.D1Z7WB91\Desktop\aswMBR.txt"

#4 narenxp


Posted 14 February 2012 - 08:37 AM

Download a new copy of TDSSkiller, launch it and click on SCAN

Make sure to select DELETE for TDSSfilesystem

Restart the PC and then run ASWMBR once again and post the log

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop, copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 carran


Posted 15 February 2012 - 02:15 AM

Below are the logs for TDSSkiller, aswMBR, ESET and minitoolbox. aswMBR froze the computer the first time through but ran the second time.

TDSSkiller
20:15:19.0453 1596 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
20:15:20.0156 1596 ============================================================
20:15:20.0156 1596 Current date / time: 2012/02/14 20:15:20.0156
20:15:20.0156 1596 SystemInfo:
20:15:20.0156 1596
20:15:20.0156 1596 OS Version: 5.1.2600 ServicePack: 2.0
20:15:20.0156 1596 Product type: Workstation
20:15:20.0156 1596 ComputerName: D1Z7WB91
20:15:20.0156 1596 UserName: Steve
20:15:20.0156 1596 Windows directory: C:\WINDOWS
20:15:20.0156 1596 System windows directory: C:\WINDOWS
20:15:20.0156 1596 Processor architecture: Intel x86
20:15:20.0156 1596 Number of processors: 2
20:15:20.0156 1596 Page size: 0x1000
20:15:20.0156 1596 Boot type: Normal boot
20:15:20.0156 1596 ============================================================
20:15:20.0703 1596 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:15:20.0703 1596 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:15:20.0718 1596 \Device\Harddisk0\DR0:
20:15:20.0718 1596 MBR used
20:15:20.0718 1596 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x123B5260
20:15:20.0718 1596 \Device\Harddisk1\DR1:
20:15:20.0718 1596 MBR used
20:15:20.0718 1596 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
20:15:20.0828 1596 Initialize success
20:15:20.0828 1596 ============================================================
20:16:00.0250 2140 ============================================================
20:16:00.0250 2140 Scan started
20:16:00.0250 2140 Mode: Manual; TDLFS;
20:16:00.0250 2140 ============================================================
20:16:01.0562 2140 ati2mtag (31c6e0ccf7d1c467814e5d67d93139ec) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:16:01.0671 2140 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ati2mtag.sys. Real md5: 31c6e0ccf7d1c467814e5d67d93139ec, Fake md5: 03621f7f968ff63713943405deb777f9
20:16:01.0671 2140 ati2mtag ( ForgedFile.Multi.Generic ) - warning
20:16:01.0671 2140 ati2mtag - detected ForgedFile.Multi.Generic (1)
20:16:04.0109 2140 i2omgmt - ok
20:16:04.0125 2140 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
20:16:04.0125 2140 i2omp - ok
20:16:04.0140 2140 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:16:04.0140 2140 i8042prt - ok
20:16:04.0218 2140 iastor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\drivers\iastor.sys
20:16:04.0234 2140 iastor - ok
20:16:04.0281 2140 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:16:04.0281 2140 Imapi - ok
20:16:04.0343 2140 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
20:16:04.0359 2140 ini910u - ok
20:16:04.0375 2140 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:16:04.0375 2140 IntelIde - ok
20:16:04.0390 2140 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:16:04.0390 2140 intelppm - ok
20:16:04.0421 2140 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:16:04.0421 2140 Ip6Fw - ok
20:16:04.0453 2140 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:16:04.0453 2140 IpFilterDriver - ok
20:16:04.0468 2140 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:16:04.0468 2140 IpInIp - ok
20:16:04.0515 2140 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:16:04.0515 2140 IpNat - ok
20:16:04.0546 2140 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:16:04.0546 2140 IPSec - ok
20:16:04.0562 2140 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:16:04.0562 2140 IRENUM - ok
20:16:04.0578 2140 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:16:04.0578 2140 isapnp - ok
20:16:04.0671 2140 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:16:04.0671 2140 Kbdclass - ok
20:16:04.0703 2140 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:16:04.0703 2140 kbdhid - ok
20:16:04.0750 2140 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
20:16:04.0750 2140 kmixer - ok
20:16:04.0781 2140 KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys
20:16:04.0781 2140 KSecDD - ok
20:16:04.0843 2140 L6PODLV (27207f289cbf01d46e4f5f7a261aa4ac) C:\WINDOWS\system32\Drivers\L6PODLV.sys
20:16:04.0859 2140 L6PODLV - ok
20:16:04.0875 2140 lbrtfdc - ok
20:16:04.0937 2140 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:16:04.0937 2140 MBAMSwissArmy - ok
20:16:04.0937 2140 mcmta - ok
20:16:05.0000 2140 MLPTDR_C (a0559040b0df7403ddcd9574cb2694de) C:\WINDOWS\system32\MLPTDR_C.SYS
20:16:05.0000 2140 MLPTDR_C - ok
20:16:05.0031 2140 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:16:05.0031 2140 mnmdd - ok
20:16:05.0046 2140 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
20:16:05.0046 2140 Modem - ok
20:16:05.0062 2140 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:16:05.0078 2140 Mouclass - ok
20:16:05.0093 2140 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:16:05.0093 2140 mouhid - ok
20:16:05.0093 2140 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
20:16:05.0109 2140 MountMgr - ok
20:16:05.0125 2140 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:16:05.0125 2140 mraid35x - ok
20:16:05.0156 2140 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:16:05.0156 2140 MRxDAV - ok
20:16:05.0218 2140 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:16:05.0218 2140 MRxSmb - ok
20:16:05.0234 2140 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
20:16:05.0250 2140 Msfs - ok
20:16:05.0296 2140 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:16:05.0296 2140 MSKSSRV - ok
20:16:05.0343 2140 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:16:05.0343 2140 MSPCLOCK - ok
20:16:05.0390 2140 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
20:16:05.0390 2140 MSPQM - ok
20:16:05.0406 2140 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:16:05.0406 2140 mssmbios - ok
20:16:05.0453 2140 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
20:16:05.0453 2140 MSTEE - ok
20:16:05.0468 2140 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
20:16:05.0468 2140 Mup - ok
20:16:05.0515 2140 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:16:05.0515 2140 NABTSFEC - ok
20:16:05.0562 2140 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
20:16:05.0578 2140 NDIS - ok
20:16:05.0609 2140 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:16:05.0609 2140 NdisIP - ok
20:16:05.0656 2140 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:16:05.0671 2140 NdisTapi - ok
20:16:05.0718 2140 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:16:05.0718 2140 Ndisuio - ok
20:16:05.0781 2140 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:16:05.0812 2140 NdisWan - ok
20:16:05.0859 2140 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
20:16:05.0875 2140 NDProxy - ok
20:16:05.0890 2140 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:16:05.0890 2140 NetBIOS - ok
20:16:05.0937 2140 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:16:05.0968 2140 NetBT - ok
20:16:06.0015 2140 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:16:06.0015 2140 NIC1394 - ok
20:16:06.0046 2140 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
20:16:06.0046 2140 Npfs - ok
20:16:06.0109 2140 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
20:16:06.0140 2140 Ntfs - ok
20:16:06.0171 2140 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:16:06.0171 2140 Null - ok
20:16:06.0203 2140 nv (c04fa0ccf740e1920bc7c19ca4f597a4) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:16:06.0796 2140 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: c04fa0ccf740e1920bc7c19ca4f597a4, Fake md5: 2b298519edbfcf451d43e0f1e8f1006d
20:16:06.0796 2140 nv ( ForgedFile.Multi.Generic ) - warning
20:16:06.0796 2140 nv - detected ForgedFile.Multi.Generic (1)
20:16:13.0718 2140 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
20:16:14.0453 2140 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:16:14.0453 2140 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:16:14.0468 2140 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk1\DR1
20:16:17.0562 2140 \Device\Harddisk1\DR1 - ok
20:16:17.0578 2140 Boot (0x1200) (18df8755def57d7ffcf4eb5eb7b19587) \Device\Harddisk0\DR0\Partition0
20:16:17.0578 2140 \Device\Harddisk0\DR0\Partition0 - ok
20:16:17.0593 2140 Boot (0x1200) (91979d792bbf599c507ddb9fdd36a736) \Device\Harddisk1\DR1\Partition0
20:16:17.0593 2140 \Device\Harddisk1\DR1\Partition0 - ok
20:16:17.0593 2140 ============================================================
20:16:17.0593 2140 Scan finished
20:16:17.0593 2140 ============================================================
20:16:17.0593 1172 Detected object count: 3
20:16:17.0609 1172 Actual detected object count: 3
20:17:08.0031 1172 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys - copied to quarantine
20:17:08.0031 1172 HKLM\SYSTEM\ControlSet001\services\ati2mtag - will be deleted on reboot
20:17:08.0031 1172 HKLM\SYSTEM\ControlSet003\services\ati2mtag - will be deleted on reboot
20:17:08.0031 1172 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys - will be deleted on reboot
20:17:08.0031 1172 ati2mtag ( ForgedFile.Multi.Generic ) - User select action: Delete
20:17:08.0296 1172 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - copied to quarantine
20:17:08.0296 1172 HKLM\SYSTEM\ControlSet001\services\nv - will be deleted on reboot
20:17:08.0296 1172 HKLM\SYSTEM\ControlSet003\services\nv - will be deleted on reboot
20:17:08.0296 1172 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - will be deleted on reboot
20:17:08.0296 1172 nv ( ForgedFile.Multi.Generic ) - User select action: Delete
20:17:08.0421 1172 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
20:17:08.0890 1172 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
20:17:08.0953 1172 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
20:17:09.0093 1172 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
20:17:09.0281 1172 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
20:17:09.0937 1172 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
20:17:10.0421 1172 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
20:17:10.0421 1172 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
20:17:10.0437 1172 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
20:17:10.0453 1172 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
20:17:10.0515 1172 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
20:17:10.0578 1172 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
20:17:10.0578 1172 \Device\Harddisk0\DR0\TDLFS - deleted
20:17:10.0578 1172 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
20:17:34.0062 1756 Deinitialize success

aswMBR
aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-14 20:44:58
-----------------------------
20:44:58.484 OS Version: Windows 5.1.2600 Service Pack 2
20:44:58.484 Number of processors: 2 586 0x404
20:44:58.484 ComputerName: D1Z7WB91 UserName: Steve
20:44:58.984 Initialize success
20:45:13.203 AVAST engine defs: 12021302
20:45:29.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
20:45:29.140 Disk 0 Vendor: SAMSUNG_ ZM10 Size: 152587MB BusType: 3
20:45:29.156 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
20:45:29.171 Disk 1 Vendor: ST332062 3.AA Size: 305245MB BusType: 3
20:45:29.218 Disk 0 MBR read successfully
20:45:29.234 Disk 0 MBR scan
20:45:29.343 Disk 0 unknown MBR code
20:45:29.375 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
20:45:29.406 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 149354 MB offset 112455
20:45:29.468 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3176 MB offset 305990055
20:45:29.500 Disk 0 scanning sectors +312496380
20:45:29.593 Disk 0 scanning C:\WINDOWS\system32\drivers
20:45:42.156 Service scanning
20:45:44.015 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
20:45:44.718 Modules scanning
20:45:51.453 Disk 0 trace - called modules:
20:45:51.578 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
20:45:51.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84746ab8]
20:45:51.796 3 CLASSPNP.SYS[f767605b] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8474c030]
20:45:52.421 AVAST engine scan C:\WINDOWS
20:46:00.531 AVAST engine scan C:\WINDOWS\system32
20:49:53.046 AVAST engine scan C:\WINDOWS\system32\drivers
20:50:10.828 AVAST engine scan C:\Documents and Settings\Steve.D1Z7WB91
20:50:16.296 File: C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0001.dta **INFECTED** Win32:DNSChanger-VJ [Trj]
20:50:16.375 File: C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0003.dta **INFECTED** Win32:Alureon-MJ@mbr [Rtk]
20:50:16.468 File: C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0005.dta **INFECTED** Win32:Alureon-AQL [Rtk]
20:50:16.531 File: C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0006.dta **INFECTED** MBR:Pihar-C [Rtk]
20:50:16.625 File: C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0010.dta **INFECTED** Win32:Alureon-ANW [Rtk]
20:50:16.671 File: C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0011.dta **INFECTED** Win32:Alureon-ANW [Rtk]
20:50:35.796 AVAST engine scan C:\Documents and Settings\All Users
20:52:45.750 Scan finished successfully
20:52:53.062 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Steve.D1Z7WB91\My Documents\MBR.dat"
20:52:53.125 The log file has been saved successfully to "C:\Documents and Settings\Steve.D1Z7WB91\My Documents\aswMBR021412.txt"

ESET
C:\Documents and Settings\Steve\My Documents\Downloads\YouTubeDownloaderSetup272.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AE trojan cleaned by deleting - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.JG trojan cleaned by deleting - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\Documents and Settings\Steve.D1Z7WB91\Desktop\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\Program Files\Mozilla Firefox\cbbleepingregistrybooster.exe Win32/RegistryBooster application deleted - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AE trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.JG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\13.02.2012_19.47.01\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0004.dta Win64/Olmarik.AE trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.JG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0006.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\14.02.2012_20.15.20\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
F:\C Drive My Documents Backup 091111\My Documents\Downloads\YouTubeDownloaderSetup272.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined


MiniToolBox

MiniToolBox by Farbar Version: 18-01-2012
Ran by Steve (administrator) on 15-02-2012 at 01:52:53
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

There are 8745 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® PRO/1000 PL Network Connection = Local Area Connection (Disconnected)
SonicWALL VPN Adapter = SonicWALL Virtual Adapter (Disconnected)
1394 Net Adapter = 1394 Connection (Connected)
Compact Wireless-G USB Adapter = Wireless Network Connection 19 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection 19"

set address name="Wireless Network Connection 19" source=dhcp
set dns name="Wireless Network Connection 19" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 19" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : D1Z7WB91

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 19:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Compact Wireless-G USB Adapter

Physical Address. . . . . . . . . : 00-14-BF-7D-03-FA

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Tuesday, February 14, 2012 8:39:10 PM

Lease Expires . . . . . . . . . . : Wednesday, February 15, 2012 8:39:10 PM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.45.138, 74.125.45.100, 74.125.45.102, 74.125.45.139
74.125.45.113, 74.125.45.101



Pinging google.com [74.125.47.101] with 32 bytes of data:



Reply from 74.125.47.101: bytes=32 time=44ms TTL=49

Reply from 74.125.47.101: bytes=32 time=44ms TTL=49



Ping statistics for 74.125.47.101:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 44ms, Maximum = 44ms, Average = 44ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70, 98.139.127.62, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=50ms TTL=48

Reply from 209.191.122.70: bytes=32 time=51ms TTL=48



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 50ms, Maximum = 51ms, Average = 50ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 14 bf 7d 03 fa ...... Compact Wireless-G USB Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.2 192.168.1.2 20
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 25
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 25
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 25
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/14/2012 08:07:03 PM) (Source: MsiInstaller) (User: Steve)Steve
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 08:50:00 PM) (Source: MsiInstaller) (User: Steve)Steve
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 08:12:18 PM) (Source: MsiInstaller) (User: Steve)Steve
Description: Product: WebFldrs XP -- Error 1704. An installation for Microsoft Office 2000 SR-1 Professional is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (02/13/2012 06:38:50 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 06:38:29 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 06:37:29 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 06:37:02 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 06:36:18 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 06:25:37 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.

Error: (02/13/2012 05:50:45 AM) (Source: MsiInstaller) (User: SYSTEM)SYSTEM
Description: Product: Microsoft Office 2000 SR-1 Professional -- Error 1706. No valid source could be found for product Microsoft Office 2000 SR-1 Professional. The Windows installer cannot continue.


System errors:
=============
Error: (02/14/2012 10:31:01 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:30:50 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:27:36 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:27:24 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:25:55 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:24:11 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:21:01 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:20:14 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:19:44 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0

Error: (02/14/2012 10:19:32 PM) (Source: 0) (User: )
Description: \Device\Ide\iaStor0


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.34)
Adobe Flash Player 11 Plugin (Version: 11.0.1.152)
Adobe Reader X (10.1.0) (Version: 10.1.0)
AmpliTube2 (Version: 2.1.0)
Apple Application Support (Version: 1.4.1)
Apple Mobile Device Support (Version: 3.3.1.3)
Apple Software Update (Version: 2.1.2.120)
ATI Control Panel (Version: 6.14.10.5160)
Autodesk Express Viewer (Version: 3.1)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.707)
Bonjour (Version: 2.0.4.0)
Business Plan Pro 2005 (Version: 8.09.0001)
Business Plan Pro 2005 Sample Plans (Version: 8.00.0005)
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 2.0
Canon MP620 series MP Drivers
Canon MP620 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
CardRd81 (Version: 4.00.0000.0004)
CCleaner (Version: 3.07)
CCScore (Version: 5.00.0000.0011)
CR2 (Version: 4.00.0000.0003)
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support 3.1 (Version: 5.1.760)
Dell System Restore (Version: 2.00.0000)
DGOControls (Version: 1.00.0000)
Digidesign ASIO Driver
Digidesign Audio Drivers 8.0.3 (Version: 8.0.3)
Digidesign ElevenRack Driver 1.0.8 (x86) (Version: 1.0.8)
Digidesign Pro Tools Creative Collection 8.0.3 (Version: 8.0.3)
Digidesign Pro Tools LE 8.0.3 (Version: 8.0.3)
DiscWizard for Windows
ESET Online Scanner v3
ESSBrwr (Version: 5.00.0000.0004)
ESSCDBK (Version: 5.00.0000.0004)
ESScore (Version: 5.00.0000.0037)
ESSCT (Version: 5.00.0000.0101)
ESSEMAIL (Version: 5.00.0000.0001)
ESSgui (Version: 5.00.0000.0013)
ESShelp (Version: 5.00.0000.0005)
ESSini (Version: 5.00.0000.0111)
ESSPCD (Version: 5.00.0000.0007)
ESSPDock (Version: 5.00.0000.0020)
ESSSONIC (Version: 5.00.0000.0002)
ESSTOOLS (Version: 5.00.0000.0004)
ESSTUTOR (Version: 5.00.0000.0102)
ESSvpaht (Version: 5.00.0000.0001)
ESSvpot (Version: 5.00.0000.0101)
Free DigiRack Plug-Ins 8.0.3 (Version: 8.0.3)
GMATPrep™ (Version: 2.3.601.409)
Google Earth (Version: 4.0.2737)
Google Talk Plugin (Version: 2.6.1.5251)
HLPIndex (Version: 5.00.0000.0002)
HLPPDOCK (Version: 5.00.0000.0001)
HLPSFO (Version: 5.00.0000.0101)
IK Digidesign Bundle (Version: 1.00.000)
Intel Matrix Storage Manager
Intel® PROSet for Wired Connections (Version: 9.30.0000)
Interlok driver setup x32 (Version: 5.8.12)
iTunes (Version: 10.1.2.17)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
KSU (Version: 632.62.0002.0001)
Learn2 Player (Uninstall Only)
LindXpress Version 6.2.4
Line 6 Edit (remove only) (Version: 3.00)
Line 6 Uninstaller (Version: )
Live 5.2.2
Live Digidesign Edition 2.1
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MCU (Version: 1.00.0000)
Mechanical Desktop 2004 DX (Version: 8.0.24.6)
Melodyne Runtime 4.0 (x86) (Version: 1.0.0)
Melodyne singletrack (Version: 1.02.0112)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Device Emulator version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Professional (Version: 9.00.3821)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (Version: 9.2.3042.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.2.3042.00)
Microsoft SQL Server Compact 3.5 Design Tools ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 for Devices ENU (Version: 3.5.5386.0)
Microsoft SQL Server Database Publishing Wizard 1.2 (Version: 1.2.0.0)
Microsoft SQL Server Native Client (Version: 9.00.3042.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.3042.00)
Microsoft SQL Server VSS Writer (Version: 9.00.3042.00)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (Version: 3.5.21022)
Microsoft Windows XP Video Decoder Checkup Utility
MINOLTA-QMS PagePro 1250W
Mozilla Firefox 10.0.1 (x86 en-US) (Version: 10.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Native Instruments Guitar Rig 2
neroxml (Version: 1.0.0)
Netflix Movie Viewer (Version: 1.2.211)
Notifier (Version: 5.00.0000.0101)
OfotoXMI (Version: 5.00.0000.0003)
OTtBP (Version: 5.00.0000.0003)
OTtBPSDK (Version: 4.00.0000.0000)
Palo Alto Software's Application Manager 8.1 (Version: 8.26.0004)
Philips PC Camera (Version: 1.0.4.1)
QuickBooks Pro 2005 (Version: )
QuickTime (Version: 7.69.80.9)
REAPER
Reason Adapted for Digidesign 2.5 (Version: 2.5)
Redistributable_MM (Version: 1.00.0000)
Rio Internet Update (Version: 2.90)
Rio Music Manager (Version: 2.90)
Rio Taxi (Version: 1.00.0000)
SFR (Version: 5.00.0000.0005)
SHASTA (Version: 5.00.0000.0003)
SKIN0001 (Version: 5.00.0000.0007)
SKINXSDK (Version: 5.00.0000.0004)
Skype™ 3.6 (Version: 3.6.244)
SolidWorks eDrawings 2009 (Version: 9.1.152)
Sonic DLA (Version: 4.95)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
SonicWALL Global VPN Client 4.0.0.830 (Version: 4.0.0.830)
StreetSmart Edge (Version: 1.12.43.0)
StreetSmart Pro (Version: 4.22)
SUPERAntiSpyware (Version: 5.0.1144)
T-RackS 24
TaxCut Basic 2006
TaxCut Premium + State + Efile 2008 (Version: 08.07.7101)
TaxCut Standard 2005
thinkorswim
TurboCAD Deluxe v10.2 (Version: 10.0.44.0)
TurboTax Basic 2007
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
USB Storage Driver
VC 9.0 Runtime (Version: 1.0.0)
VectorVest 7 (Version: 1.3.2.5)
VectorVest U.S. (Version: 1.4.5)
Viewpoint Media Player
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
VLC media player 1.0.3 (Version: 1.0.3)
VPRINTOL (Version: 5.00.0000.0002)
WebEx
WebFldrs XP (Version: 9.50.7523)
WILLPower v6 (Version: 2.1.0.0)
Windows Essentials Media Codec Pack 2.3d (Version: 2.3d)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB888310 (Version: 20041027.095746)
Windows XP Hotfix - KB889673 (Version: 20041116.085848)
Windows XP Hotfix - KB890175 (Version: 20041201.233338)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
WIRELESS (Version: 5.00.0000.0001)
XML Paper Specification Shared Components Pack 1.0
YouTube Downloader 2.6.5
ZoneAlarm (Version: 9.2.044.000)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 1022.09 MB
Available physical RAM: 664.48 MB
Total Pagefile: 2503.86 MB
Available Pagefile: 2137.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:145.85 GB) (Free:81.62 GB) NTFS
4 Drive f: (Audio Drive) (Fixed) (Total:298.09 GB) (Free:249.32 GB) NTFS

========================= Users: ========================================

User accounts for \\D1Z7WB91

Admin Administrator ASPNET
Guest HelpAssistant Steve
SUPPORT_388945a0


**** End of log ****

#6 narenxp

  • BC Advisor

Posted 15 February 2012 - 09:09 AM

Download a new copy of TDSSKiller, launch it, click on SCAN and post the latest log in C drive

Thanks

Edited by narenxp, 15 February 2012 - 09:10 AM.


#7 carran

  • Topic Starter


Posted 15 February 2012 - 08:32 PM

No detections this time. Things seem to be significantly improved. Is there an application that fixes the desktop issues caused by pihar.b? I guess unhide doesn't work?

20:19:31.0898 1676 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
20:19:32.0523 1676 ============================================================
20:19:32.0523 1676 Current date / time: 2012/02/15 20:19:32.0523
20:19:32.0523 1676 SystemInfo:
20:19:32.0523 1676
20:19:32.0523 1676 OS Version: 5.1.2600 ServicePack: 2.0
20:19:32.0523 1676 Product type: Workstation
20:19:32.0523 1676 ComputerName: D1Z7WB91
20:19:32.0523 1676 UserName: Steve
20:19:32.0523 1676 Windows directory: C:\WINDOWS
20:19:32.0523 1676 System windows directory: C:\WINDOWS
20:19:32.0523 1676 Processor architecture: Intel x86
20:19:32.0523 1676 Number of processors: 2
20:19:32.0523 1676 Page size: 0x1000
20:19:32.0523 1676 Boot type: Normal boot
20:19:32.0523 1676 ============================================================
20:19:32.0976 1676 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:19:32.0992 1676 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:19:32.0992 1676 \Device\Harddisk0\DR0:
20:19:32.0992 1676 MBR used
20:19:32.0992 1676 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x123B5260
20:19:32.0992 1676 \Device\Harddisk1\DR1:
20:19:32.0992 1676 MBR used
20:19:32.0992 1676 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
20:19:33.0101 1676 Initialize success
20:19:33.0101 1676 ============================================================
20:19:40.0211 0280 ============================================================
20:19:40.0211 0280 Scan started
20:19:40.0211 0280 Mode: Manual; TDLFS;
20:19:40.0211 0280 ============================================================
20:19:45.0445 0280 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:19:45.0445 0280 Imapi - ok
20:19:45.0508 0280 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
20:19:45.0508 0280 ini910u - ok
20:19:45.0539 0280 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:19:45.0539 0280 IntelIde - ok
20:19:45.0570 0280 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:19:45.0586 0280 intelppm - ok
20:19:45.0601 0280 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
20:19:45.0617 0280 Ip6Fw - ok
20:19:45.0648 0280 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:19:45.0648 0280 IpFilterDriver - ok
20:19:45.0679 0280 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:19:45.0679 0280 IpInIp - ok
20:19:45.0726 0280 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:19:45.0726 0280 IpNat - ok
20:19:45.0773 0280 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:19:45.0773 0280 IPSec - ok
20:19:45.0804 0280 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:19:45.0804 0280 IRENUM - ok
20:19:45.0836 0280 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:19:45.0836 0280 isapnp - ok
20:19:45.0883 0280 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:19:45.0883 0280 Kbdclass - ok
20:19:45.0914 0280 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:19:45.0914 0280 kbdhid - ok
20:19:45.0976 0280 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
20:19:45.0976 0280 kmixer - ok
20:19:46.0023 0280 KSecDD (1be7cc2535d760ae4d481576eb789f24) C:\WINDOWS\system32\drivers\KSecDD.sys
20:19:46.0023 0280 KSecDD - ok
20:19:46.0086 0280 L6PODLV (27207f289cbf01d46e4f5f7a261aa4ac) C:\WINDOWS\system32\Drivers\L6PODLV.sys
20:19:46.0101 0280 L6PODLV - ok
20:19:46.0148 0280 lbrtfdc - ok
20:19:46.0226 0280 mcmta - ok
20:19:46.0304 0280 MLPTDR_C (a0559040b0df7403ddcd9574cb2694de) C:\WINDOWS\system32\MLPTDR_C.SYS
20:19:46.0304 0280 MLPTDR_C - ok
20:19:46.0336 0280 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:19:46.0336 0280 mnmdd - ok
20:19:46.0383 0280 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
20:19:46.0383 0280 Modem - ok
20:19:46.0398 0280 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:19:46.0414 0280 Mouclass - ok
20:19:46.0429 0280 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:19:46.0429 0280 mouhid - ok
20:19:46.0461 0280 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
20:19:46.0461 0280 MountMgr - ok
20:19:46.0492 0280 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:19:46.0492 0280 mraid35x - ok
20:19:46.0523 0280 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:19:46.0523 0280 MRxDAV - ok
20:19:46.0601 0280 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:19:46.0601 0280 MRxSmb - ok
20:19:46.0664 0280 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
20:19:46.0664 0280 Msfs - ok
20:19:46.0742 0280 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:19:46.0742 0280 MSKSSRV - ok
20:19:46.0789 0280 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:19:46.0789 0280 MSPCLOCK - ok
20:19:46.0836 0280 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
20:19:46.0836 0280 MSPQM - ok
20:19:46.0867 0280 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:19:46.0867 0280 mssmbios - ok
20:19:46.0929 0280 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
20:19:46.0929 0280 MSTEE - ok
20:19:46.0945 0280 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
20:19:46.0945 0280 Mup - ok
20:19:47.0008 0280 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:19:47.0008 0280 NABTSFEC - ok
20:19:47.0054 0280 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
20:19:47.0054 0280 NDIS - ok
20:19:47.0086 0280 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:19:47.0086 0280 NdisIP - ok
20:19:47.0117 0280 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:19:47.0133 0280 NdisTapi - ok
20:19:47.0148 0280 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:19:47.0148 0280 Ndisuio - ok
20:19:47.0179 0280 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:19:47.0179 0280 NdisWan - ok
20:19:47.0211 0280 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
20:19:47.0211 0280 NDProxy - ok
20:19:47.0226 0280 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:19:47.0242 0280 NetBIOS - ok
20:19:47.0336 0280 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:19:47.0336 0280 NetBT - ok
20:19:47.0461 0280 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:19:47.0461 0280 NIC1394 - ok
20:19:47.0492 0280 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
20:19:47.0492 0280 Npfs - ok
20:19:47.0586 0280 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
20:19:47.0586 0280 Ntfs - ok
20:19:47.0664 0280 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:19:47.0664 0280 Null - ok
20:19:47.0679 0280 nv - ok
20:19:47.0726 0280 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:19:47.0726 0280 NwlnkFlt - ok
20:19:47.0742 0280 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:19:47.0742 0280 NwlnkFwd - ok
20:19:47.0773 0280 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:19:47.0773 0280 ohci1394 - ok
20:19:47.0820 0280 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
20:19:47.0820 0280 Parport - ok
20:19:47.0836 0280 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
20:19:47.0836 0280 PartMgr - ok
20:19:47.0883 0280 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:19:47.0883 0280 ParVdm - ok
20:19:47.0898 0280 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
20:19:47.0898 0280 PCI - ok
20:19:47.0929 0280 PCIDump - ok
20:19:47.0961 0280 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:19:47.0961 0280 PCIIde - ok
20:19:47.0992 0280 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:19:48.0008 0280 Pcmcia - ok
20:19:48.0023 0280 PDCOMP - ok
20:19:48.0054 0280 PDFRAME - ok
20:19:48.0070 0280 PDRELI - ok
20:19:48.0101 0280 PDRFRAME - ok
20:19:48.0148 0280 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
20:19:48.0148 0280 perc2 - ok
20:19:48.0179 0280 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:19:48.0179 0280 perc2hib - ok
20:19:48.0445 0280 PORTMON - ok
20:19:48.0508 0280 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:19:48.0508 0280 PptpMiniport - ok
20:19:48.0554 0280 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
20:19:48.0554 0280 PSched - ok
20:19:48.0586 0280 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:19:48.0586 0280 Ptilink - ok
20:19:48.0617 0280 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:19:48.0617 0280 PxHelp20 - ok
20:19:48.0664 0280 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:19:48.0664 0280 ql1080 - ok
20:19:48.0695 0280 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:19:48.0695 0280 Ql10wnt - ok
20:19:48.0726 0280 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:19:48.0726 0280 ql12160 - ok
20:19:48.0742 0280 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:19:48.0742 0280 ql1240 - ok
20:19:48.0789 0280 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:19:48.0789 0280 ql1280 - ok
20:19:48.0820 0280 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:19:48.0836 0280 RasAcd - ok
20:19:48.0867 0280 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:19:48.0867 0280 Rasl2tp - ok
20:19:48.0914 0280 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:19:48.0914 0280 RasPppoe - ok
20:19:48.0945 0280 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:19:48.0945 0280 Raspti - ok
20:19:49.0008 0280 RCFOX (02b4c051d302a6e291ebdcc07a5fb594) C:\WINDOWS\system32\Drivers\RCFOX.sys
20:19:49.0008 0280 RCFOX - ok
20:19:49.0054 0280 rcvpn (bca39c96b11318cbc2797c4b842e22e4) C:\WINDOWS\system32\DRIVERS\rcvpn.sys
20:19:49.0054 0280 rcvpn - ok
20:19:49.0101 0280 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:19:49.0117 0280 Rdbss - ok
20:19:49.0148 0280 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:19:49.0148 0280 RDPCDD - ok
20:19:49.0195 0280 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:19:49.0195 0280 rdpdr - ok
20:19:49.0258 0280 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
20:19:49.0273 0280 RDPWD - ok
20:19:49.0336 0280 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:19:49.0336 0280 redbook - ok
20:19:49.0445 0280 RT73 (7436bfd3a542cf6ff55097200031b293) C:\WINDOWS\system32\DRIVERS\rt73.sys
20:19:49.0461 0280 RT73 - ok
20:19:49.0601 0280 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:19:49.0601 0280 SASDIFSV - ok
20:19:49.0617 0280 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:19:49.0617 0280 SASKUTIL - ok
20:19:49.0695 0280 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:19:49.0695 0280 Secdrv - ok
20:19:49.0742 0280 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:19:49.0758 0280 serenum - ok
20:19:49.0789 0280 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
20:19:49.0789 0280 Serial - ok
20:19:49.0898 0280 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:19:49.0898 0280 Sfloppy - ok
20:19:49.0945 0280 Simbad - ok
20:19:49.0976 0280 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:19:49.0976 0280 sisagp - ok
20:19:50.0023 0280 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:19:50.0039 0280 SLIP - ok
20:19:50.0101 0280 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:19:50.0101 0280 Sparrow - ok
20:19:50.0148 0280 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
20:19:50.0148 0280 splitter - ok
20:19:50.0226 0280 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
20:19:50.0226 0280 sr - ok
20:19:50.0383 0280 srescan - ok
20:19:50.0508 0280 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
20:19:50.0508 0280 Srv - ok
20:19:50.0539 0280 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
20:19:50.0539 0280 sscdbhk5 - ok
20:19:50.0601 0280 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:19:50.0601 0280 ssmdrv - ok
20:19:50.0633 0280 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
20:19:50.0633 0280 ssrtln - ok
20:19:50.0679 0280 STHDA (352b663a81402be7cd7bd4ea27c9998c) C:\WINDOWS\system32\drivers\sthda.sys
20:19:50.0695 0280 STHDA - ok
20:19:50.0726 0280 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:19:50.0726 0280 streamip - ok
20:19:50.0758 0280 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:19:50.0758 0280 swenum - ok
20:19:50.0804 0280 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
20:19:50.0804 0280 swmidi - ok
20:19:50.0851 0280 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
20:19:50.0851 0280 symc810 - ok
20:19:50.0883 0280 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:19:50.0883 0280 symc8xx - ok
20:19:50.0898 0280 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:19:50.0898 0280 sym_hi - ok
20:19:50.0929 0280 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:19:50.0929 0280 sym_u3 - ok
20:19:50.0976 0280 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
20:19:50.0992 0280 sysaudio - ok
20:19:51.0086 0280 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:19:51.0086 0280 Tcpip - ok
20:19:51.0133 0280 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:19:51.0133 0280 TDPIPE - ok
20:19:51.0148 0280 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
20:19:51.0148 0280 TDTCP - ok
20:19:51.0195 0280 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:19:51.0195 0280 TermDD - ok
20:19:51.0258 0280 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
20:19:51.0258 0280 tfsnboio - ok
20:19:51.0289 0280 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
20:19:51.0289 0280 tfsncofs - ok
20:19:51.0320 0280 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
20:19:51.0320 0280 tfsndrct - ok
20:19:51.0336 0280 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
20:19:51.0336 0280 tfsndres - ok
20:19:51.0383 0280 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
20:19:51.0383 0280 tfsnifs - ok
20:19:51.0414 0280 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
20:19:51.0414 0280 tfsnopio - ok
20:19:51.0429 0280 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
20:19:51.0429 0280 tfsnpool - ok
20:19:51.0461 0280 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
20:19:51.0476 0280 tfsnudf - ok
20:19:51.0492 0280 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
20:19:51.0492 0280 tfsnudfa - ok
20:19:51.0539 0280 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
20:19:51.0539 0280 TosIde - ok
20:19:51.0586 0280 TPkd (2f4e8077febfe11199ee3b011a34cd18) C:\WINDOWS\system32\drivers\TPkd.sys
20:19:51.0586 0280 TPkd - ok
20:19:51.0633 0280 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
20:19:51.0648 0280 Udfs - ok
20:19:51.0679 0280 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
20:19:51.0679 0280 ultra - ok
20:19:51.0742 0280 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
20:19:51.0742 0280 Update - ok
20:19:51.0820 0280 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:19:51.0820 0280 USBAAPL - ok
20:19:51.0851 0280 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:19:51.0851 0280 usbccgp - ok
20:19:51.0883 0280 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:19:51.0883 0280 usbehci - ok
20:19:51.0898 0280 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:19:51.0914 0280 usbhub - ok
20:19:51.0945 0280 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:19:51.0945 0280 usbprint - ok
20:19:51.0976 0280 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:19:51.0976 0280 usbscan - ok
20:19:52.0008 0280 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:19:52.0023 0280 USBSTOR - ok
20:19:52.0039 0280 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:19:52.0039 0280 usbuhci - ok
20:19:52.0070 0280 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
20:19:52.0070 0280 VgaSave - ok
20:19:52.0101 0280 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:19:52.0101 0280 viaagp - ok
20:19:52.0133 0280 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:19:52.0133 0280 ViaIde - ok
20:19:52.0164 0280 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
20:19:52.0164 0280 VolSnap - ok
20:19:52.0258 0280 vsdatant (050c38ebb22512122e54b47dc278bccd) C:\WINDOWS\system32\vsdatant.sys
20:19:52.0289 0280 vsdatant - ok
20:19:52.0383 0280 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:19:52.0398 0280 Wanarp - ok
20:19:52.0414 0280 wanatw - ok
20:19:52.0429 0280 WDICA - ok
20:19:52.0492 0280 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
20:19:52.0492 0280 wdmaud - ok
20:19:52.0695 0280 WLAN_USB (5db553c610649ac141497fe052bdb8a0) C:\WINDOWS\system32\DRIVERS\MA111nd5.sys
20:19:52.0695 0280 WLAN_USB - ok
20:19:52.0898 0280 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:19:52.0898 0280 WSTCODEC - ok
20:19:52.0945 0280 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:19:52.0961 0280 WudfPf - ok
20:19:52.0976 0280 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:19:52.0976 0280 WudfRd - ok
20:19:53.0179 0280 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
20:19:53.0945 0280 \Device\Harddisk0\DR0 - ok
20:19:53.0961 0280 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk1\DR1
20:19:57.0133 0280 \Device\Harddisk1\DR1 - ok
20:19:57.0164 0280 Boot (0x1200) (18df8755def57d7ffcf4eb5eb7b19587) \Device\Harddisk0\DR0\Partition0
20:19:57.0164 0280 \Device\Harddisk0\DR0\Partition0 - ok
20:19:57.0179 0280 Boot (0x1200) (91979d792bbf599c507ddb9fdd36a736) \Device\Harddisk1\DR1\Partition0
20:19:57.0179 0280 \Device\Harddisk1\DR1\Partition0 - ok
20:19:57.0195 0280 ============================================================
20:19:57.0195 0280 Scan finished
20:19:57.0195 0280 ============================================================
20:19:57.0242 3292 Detected object count: 0
20:19:57.0242 3292 Actual detected object count: 0

#8 narenxp

Posted 15 February 2012 - 09:05 PM

No detections this time. Things seem to be significantly improved. Is there an application that fixes the desktop issues caused by pihar.b? I guess unhide doesn't work?

What issues do you face now?

Run unhide fix and let me know if it worked.

http://download.bleepingcomputer.com/grinler/unhide.exe

#9 carran

Posted 16 February 2012 - 06:30 AM

Nope, unhide didn't work. Appears that when I log in I don't access my old user account files (My Documents, Desktop, My Pictures, etc.), but a newly created set.

There are two similar user names (Steve and Steve.DIZ7WB91) in Documents and Settings. The DIZ7WB91 is my full computer name under My Computer Properties. I don't remember creating it although I have had the computer a long time so it is possible. I wonder if XP creates a new user and set of files if it can't access the old ones? Or is it part of the virus?

I can browse to my data and all the files appear to be there and are accessible. But I can't open my .pst files and monitor driver isn't loading. I think I can get everything reconfigured but would love to be able to get back to old settings.

#10 narenxp

Posted 16 February 2012 - 12:15 PM

UNHIDE will not work because the issue you face looks like a USER PROFILE CORRUPTION.

Steve is your original profile and the other one is a temporary profile created at every logon.

There are many fixes (most of them fail) going around for this issue. I use a different FIX which involves editing the registry and repairing the corrupted account, which is risky.

Migrating a user profile should be a secure and easy way:

http://support.microsoft.com/kb/811151


Good luck.

Edited by narenxp, 16 February 2012 - 12:15 PM.


#11 carran

Posted 17 February 2012 - 01:40 AM

OK, I will see if I can get the user profile fixed. Thanks for all the help.

#12 narenxp

Posted 17 February 2012 - 08:46 AM

Good luck.



