
TDSSKiller claims I have a rootkit?


  • This topic is locked
27 replies to this topic

#1 Ducon

Posted 23 February 2012 - 06:48 AM

Here is the log and I would like to know if that is a valid concern.

12:56:16.0257 14140 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
12:56:16.0563 14140 ============================================================
12:56:16.0563 14140 Current date / time: 2012/02/23 12:56:16.0563
12:56:16.0563 14140 SystemInfo:
12:56:16.0563 14140
12:56:16.0563 14140 OS Version: 6.0.6002 ServicePack: 2.0
12:56:16.0563 14140 Product type: Workstation
12:56:16.0563 14140 ComputerName: JUSSI-PC
12:56:16.0564 14140 UserName: Jussi
12:56:16.0564 14140 Windows directory: C:\Windows
12:56:16.0564 14140 System windows directory: C:\Windows
12:56:16.0564 14140 Processor architecture: Intel x86
12:56:16.0564 14140 Number of processors: 4
12:56:16.0564 14140 Page size: 0x1000
12:56:16.0564 14140 Boot type: Normal boot
12:56:16.0564 14140 ============================================================
12:56:18.0157 14140 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:56:18.0179 14140 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:56:19.0328 14140 \Device\Harddisk0\DR0:
12:56:19.0340 14140 MBR used
12:56:19.0341 14140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x49055B51
12:56:19.0341 14140 \Device\Harddisk1\DR1:
12:56:19.0362 14140 MBR used
12:56:19.0362 14140 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
12:56:19.0459 14140 Initialize success
12:56:19.0459 14140 ============================================================
12:56:33.0944 5864 ============================================================
12:56:33.0944 5864 Scan started
12:56:33.0944 5864 Mode: Manual; SigCheck; TDLFS;
12:56:33.0944 5864 ============================================================
12:56:34.0559 5864 Scan interrupted by user!
12:56:34.0559 5864 Scan interrupted by user!
12:56:34.0559 5864 Scan interrupted by user!
12:56:34.0559 5864 ============================================================
12:56:34.0559 5864 Scan finished
12:56:34.0559 5864 ============================================================
12:56:34.0578 11784 Detected object count: 0
12:56:34.0578 11784 Actual detected object count: 0
12:56:45.0155 9704 ============================================================
12:56:45.0155 9704 Scan started
12:56:45.0155 9704 Mode: Manual; SigCheck; TDLFS;
12:56:45.0155 9704 ============================================================
12:56:45.0511 9704 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
12:56:45.0740 9704 ACPI - ok
12:56:45.0791 9704 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
12:56:45.0850 9704 adp94xx - ok
12:56:45.0875 9704 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
12:56:45.0935 9704 adpahci - ok
12:56:45.0964 9704 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
12:56:46.0056 9704 adpu160m - ok
12:56:46.0077 9704 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
12:56:46.0189 9704 adpu320 - ok
12:56:46.0243 9704 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
12:56:46.0367 9704 AFD - ok
12:56:46.0387 9704 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
12:56:46.0475 9704 agp440 - ok
12:56:46.0488 9704 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
12:56:46.0568 9704 aic78xx - ok
12:56:46.0591 9704 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
12:56:46.0635 9704 aliide - ok
12:56:46.0665 9704 Alpham1 (acd2f2df292b6cc28f58095bba63a068) C:\Windows\system32\DRIVERS\Alpham1.sys
12:56:46.0770 9704 Alpham1 - ok
12:56:46.0787 9704 Alpham2 (f4fafb2e74b83a156408b1b02302799e) C:\Windows\system32\DRIVERS\Alpham2.sys
12:56:46.0847 9704 Alpham2 - ok
12:56:46.0867 9704 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
12:56:46.0956 9704 amdagp - ok
12:56:46.0993 9704 amdide (b39f8c63f6e0655b6cf99899be039250) C:\Windows\system32\DRIVERS\amdide.sys
12:56:47.0097 9704 amdide - ok
12:56:47.0115 9704 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
12:56:47.0279 9704 AmdK7 - ok
12:56:47.0295 9704 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
12:56:47.0381 9704 AmdK8 - ok
12:56:47.0412 9704 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
12:56:47.0472 9704 AmdLLD - ok
12:56:47.0506 9704 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
12:56:47.0579 9704 arc - ok
12:56:47.0596 9704 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
12:56:47.0666 9704 arcsas - ok
12:56:47.0705 9704 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
12:56:47.0782 9704 AsyncMac - ok
12:56:47.0818 9704 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
12:56:47.0852 9704 atapi - ok
12:56:47.0874 9704 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
12:56:47.0911 9704 AtiPcie - ok
12:56:47.0943 9704 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
12:56:48.0127 9704 atksgt - ok
12:56:48.0163 9704 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
12:56:48.0256 9704 Beep - ok
12:56:48.0367 9704 BHDrvx86 (e685ba3267c5a4ec4ce9e2b4a1481725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111223.001\BHDrvx86.sys
12:56:48.0822 9704 BHDrvx86 - ok
12:56:48.0851 9704 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
12:56:48.0942 9704 blbdrive - ok
12:56:48.0975 9704 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
12:56:49.0092 9704 bowser - ok
12:56:49.0108 9704 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
12:56:49.0238 9704 BrFiltLo - ok
12:56:49.0265 9704 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
12:56:49.0342 9704 BrFiltUp - ok
12:56:49.0372 9704 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
12:56:49.0605 9704 Brserid - ok
12:56:49.0628 9704 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
12:56:49.0785 9704 BrSerWdm - ok
12:56:49.0805 9704 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
12:56:49.0877 9704 BrUsbMdm - ok
12:56:49.0895 9704 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
12:56:50.0007 9704 BrUsbSer - ok
12:56:50.0031 9704 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
12:56:50.0146 9704 BTHMODEM - ok
12:56:50.0173 9704 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
12:56:50.0283 9704 cdfs - ok
12:56:50.0311 9704 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
12:56:50.0402 9704 cdrom - ok
12:56:50.0421 9704 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
12:56:50.0498 9704 circlass - ok
12:56:50.0531 9704 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
12:56:50.0594 9704 CLFS - ok
12:56:50.0625 9704 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
12:56:50.0662 9704 cmdide - ok
12:56:50.0683 9704 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
12:56:50.0720 9704 Compbatt - ok
12:56:50.0741 9704 cpuz135 - ok
12:56:50.0752 9704 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
12:56:50.0812 9704 crcdisk - ok
12:56:50.0854 9704 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
12:56:50.0928 9704 Crusoe - ok
12:56:50.0977 9704 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
12:56:51.0092 9704 DfsC - ok
12:56:51.0143 9704 DFU (b684540dfa0bc06a504f837ed39daf5a) C:\Windows\system32\drivers\MassDfu.sys
12:56:51.0184 9704 DFU ( UnsignedFile.Multi.Generic ) - warning
12:56:51.0184 9704 DFU - detected UnsignedFile.Multi.Generic (1)
12:56:51.0217 9704 dg_ssudbus (c9f9cafafbffaf7e380efc353ccc940c) C:\Windows\system32\DRIVERS\ssudbus.sys
12:56:51.0329 9704 dg_ssudbus - ok
12:56:51.0363 9704 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
12:56:51.0425 9704 disk - ok
12:56:51.0452 9704 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
12:56:51.0500 9704 drmkaud - ok
12:56:51.0551 9704 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
12:56:51.0640 9704 DXGKrnl - ok
12:56:51.0662 9704 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
12:56:51.0792 9704 E1G60 - ok
12:56:51.0800 9704 EagleNT - ok
12:56:51.0811 9704 EagleXNt - ok
12:56:51.0844 9704 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
12:56:51.0901 9704 Ecache - ok
12:56:51.0974 9704 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:56:52.0048 9704 eeCtrl - ok
12:56:52.0083 9704 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
12:56:52.0135 9704 elxstor - ok
12:56:52.0213 9704 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:56:52.0275 9704 EraserUtilRebootDrv - ok
12:56:52.0292 9704 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
12:56:52.0350 9704 ErrDev - ok
12:56:52.0396 9704 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
12:56:52.0479 9704 exfat - ok
12:56:52.0494 9704 facicvgu - ok
12:56:52.0528 9704 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
12:56:52.0598 9704 fastfat - ok
12:56:52.0617 9704 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
12:56:52.0694 9704 fdc - ok
12:56:52.0723 9704 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
12:56:52.0788 9704 FileInfo - ok
12:56:52.0804 9704 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
12:56:52.0889 9704 Filetrace - ok
12:56:52.0913 9704 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
12:56:52.0977 9704 flpydisk - ok
12:56:53.0015 9704 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
12:56:53.0077 9704 FltMgr - ok
12:56:53.0103 9704 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
12:56:53.0164 9704 Fs_Rec - ok
12:56:53.0189 9704 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
12:56:53.0260 9704 gagp30kx - ok
12:56:53.0294 9704 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:56:53.0350 9704 GEARAspiWDM - ok
12:56:53.0414 9704 HCW85BDA (654ec061f07254cd818b9ed0ac790de3) C:\Windows\system32\drivers\HCW85BDA.sys
12:56:53.0598 9704 HCW85BDA - ok
12:56:53.0642 9704 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
12:56:53.0794 9704 HDAudBus - ok
12:56:53.0816 9704 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
12:56:53.0966 9704 HidBth - ok
12:56:53.0992 9704 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
12:56:54.0131 9704 HidIr - ok
12:56:54.0159 9704 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
12:56:54.0242 9704 HidUsb - ok
12:56:54.0267 9704 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
12:56:54.0332 9704 HpCISSs - ok
12:56:54.0375 9704 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
12:56:54.0544 9704 HTTP - ok
12:56:54.0568 9704 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
12:56:54.0626 9704 i2omp - ok
12:56:54.0646 9704 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
12:56:54.0747 9704 i8042prt - ok
12:56:54.0775 9704 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
12:56:54.0844 9704 iaStorV - ok
12:56:55.0005 9704 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120120.002\IDSvix86.sys
12:56:55.0146 9704 IDSVix86 - ok
12:56:55.0177 9704 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:56:55.0246 9704 iirsp - ok
12:56:55.0371 9704 IntcAzAudAddService (345ac48d17f5c2f2aa1ee50d34c3978b) C:\Windows\system32\drivers\RTKVHDA.sys
12:56:55.0785 9704 IntcAzAudAddService - ok
12:56:55.0812 9704 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
12:56:55.0860 9704 intelide - ok
12:56:55.0882 9704 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:56:55.0993 9704 intelppm - ok
12:56:56.0022 9704 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:56:56.0140 9704 IpFilterDriver - ok
12:56:56.0154 9704 IpInIp - ok
12:56:56.0175 9704 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
12:56:56.0285 9704 IPMIDRV - ok
12:56:56.0309 9704 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:56:56.0375 9704 IPNAT - ok
12:56:56.0391 9704 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:56:56.0445 9704 IRENUM - ok
12:56:56.0467 9704 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
12:56:56.0519 9704 isapnp - ok
12:56:56.0555 9704 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:56:56.0612 9704 iScsiPrt - ok
12:56:56.0630 9704 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:56:56.0687 9704 iteatapi - ok
12:56:56.0705 9704 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:56:56.0754 9704 iteraid - ok
12:56:56.0774 9704 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:56:56.0834 9704 kbdclass - ok
12:56:56.0870 9704 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:56:56.0949 9704 kbdhid - ok
12:56:56.0989 9704 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
12:56:57.0091 9704 KSecDD - ok
12:56:57.0137 9704 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\Windows\system32\DRIVERS\Lbd.sys
12:56:57.0283 9704 Lbd - ok
12:56:57.0325 9704 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
12:56:57.0393 9704 lirsgt - ok
12:56:57.0412 9704 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:56:57.0543 9704 lltdio - ok
12:56:57.0577 9704 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
12:56:57.0687 9704 LSI_FC - ok
12:56:57.0706 9704 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
12:56:57.0810 9704 LSI_SAS - ok
12:56:57.0830 9704 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
12:56:57.0925 9704 LSI_SCSI - ok
12:56:57.0945 9704 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:56:58.0065 9704 luafv - ok
12:56:58.0091 9704 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
12:56:58.0140 9704 MBAMProtector - ok
12:56:58.0164 9704 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
12:56:58.0228 9704 megasas - ok
12:56:58.0258 9704 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
12:56:58.0353 9704 MegaSR - ok
12:56:58.0382 9704 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:56:58.0498 9704 Modem - ok
12:56:58.0519 9704 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:56:58.0642 9704 monitor - ok
12:56:58.0665 9704 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:56:58.0731 9704 mouclass - ok
12:56:58.0749 9704 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:56:58.0845 9704 mouhid - ok
12:56:58.0855 9704 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:56:58.0929 9704 MountMgr - ok
12:56:58.0963 9704 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
12:56:59.0040 9704 MpFilter - ok
12:56:59.0060 9704 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
12:56:59.0176 9704 mpio - ok
12:56:59.0275 9704 MpKsl53540661 (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9FCD414-BEC0-476C-BC3C-BC1D4A0AEC0B}\MpKsl53540661.sys
12:56:59.0341 9704 MpKsl53540661 - ok
12:56:59.0368 9704 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
12:56:59.0431 9704 MpNWMon - ok
12:56:59.0443 9704 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:56:59.0503 9704 mpsdrv - ok
12:56:59.0531 9704 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:56:59.0582 9704 Mraid35x - ok
12:56:59.0612 9704 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:56:59.0679 9704 MRxDAV - ok
12:56:59.0720 9704 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:56:59.0822 9704 mrxsmb - ok
12:56:59.0861 9704 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:56:59.0935 9704 mrxsmb10 - ok
12:56:59.0963 9704 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:57:00.0060 9704 mrxsmb20 - ok
12:57:00.0083 9704 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
12:57:00.0133 9704 msahci - ok
12:57:00.0153 9704 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
12:57:00.0194 9704 msdsm - ok
12:57:00.0225 9704 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:57:00.0301 9704 Msfs - ok
12:57:00.0322 9704 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:57:00.0359 9704 msisadrv - ok
12:57:00.0386 9704 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:57:00.0471 9704 MSKSSRV - ok
12:57:00.0502 9704 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:57:00.0548 9704 MSPCLOCK - ok
12:57:00.0567 9704 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:57:00.0612 9704 MSPQM - ok
12:57:00.0641 9704 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:57:00.0756 9704 MsRPC - ok
12:57:00.0773 9704 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:57:00.0818 9704 mssmbios - ok
12:57:00.0836 9704 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:57:00.0914 9704 MSTEE - ok
12:57:00.0924 9704 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:57:00.0979 9704 Mup - ok
12:57:01.0036 9704 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:57:01.0120 9704 NativeWifiP - ok
12:57:01.0214 9704 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120120.035\NAVENG.SYS
12:57:01.0323 9704 NAVENG - ok
12:57:01.0382 9704 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120120.035\NAVEX15.SYS
12:57:01.0550 9704 NAVEX15 - ok
12:57:01.0602 9704 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:57:01.0718 9704 NDIS - ok
12:57:01.0743 9704 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:57:01.0810 9704 NdisTapi - ok
12:57:01.0828 9704 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:57:01.0902 9704 Ndisuio - ok
12:57:01.0931 9704 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:57:01.0995 9704 NdisWan - ok
12:57:02.0015 9704 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:57:02.0090 9704 NDProxy - ok
12:57:02.0110 9704 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:57:02.0188 9704 NetBIOS - ok
12:57:02.0228 9704 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:57:02.0349 9704 netbt - ok
12:57:02.0426 9704 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:57:02.0487 9704 nfrd960 - ok
12:57:02.0515 9704 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:57:02.0589 9704 NisDrv - ok
12:57:02.0612 9704 nmwcd - ok
12:57:02.0641 9704 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:57:02.0720 9704 Npfs - ok
12:57:02.0748 9704 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:57:02.0851 9704 nsiproxy - ok
12:57:02.0906 9704 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:57:03.0464 9704 Ntfs - ok
12:57:03.0488 9704 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:57:03.0617 9704 ntrigdigi - ok
12:57:03.0637 9704 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:57:03.0724 9704 Null - ok
12:57:04.0032 9704 nvlddmkm (f452e6ad3eda2852f44be492e283c40f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:57:07.0900 9704 nvlddmkm - ok
12:57:07.0954 9704 nvport - ok
12:57:07.0984 9704 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
12:57:08.0060 9704 nvraid - ok
12:57:08.0079 9704 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
12:57:08.0125 9704 nvstor - ok
12:57:08.0162 9704 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
12:57:08.0211 9704 nv_agp - ok
12:57:08.0220 9704 NwlnkFlt - ok
12:57:08.0232 9704 NwlnkFwd - ok
12:57:08.0263 9704 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
12:57:08.0334 9704 ohci1394 - ok
12:57:08.0375 9704 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:57:08.0508 9704 Parport - ok
12:57:08.0537 9704 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
12:57:08.0602 9704 partmgr - ok
12:57:08.0619 9704 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:57:08.0696 9704 Parvdm - ok
12:57:08.0712 9704 pccsmcfd - ok
12:57:08.0751 9704 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:57:08.0795 9704 pci - ok
12:57:08.0807 9704 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
12:57:08.0843 9704 pciide - ok
12:57:08.0861 9704 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
12:57:08.0920 9704 pcmcia - ok
12:57:08.0952 9704 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:57:09.0100 9704 PEAUTH - ok
12:57:09.0153 9704 pfc (da86016f0672ada925f589ede715f185) C:\Windows\system32\drivers\pfc.sys
12:57:09.0190 9704 pfc ( UnsignedFile.Multi.Generic ) - warning
12:57:09.0190 9704 pfc - detected UnsignedFile.Multi.Generic (1)
12:57:09.0247 9704 Point32 (60a044879c4fa76314494f5fddc43b93) C:\Windows\system32\DRIVERS\point32.sys
12:57:09.0297 9704 Point32 - ok
12:57:09.0325 9704 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:57:09.0446 9704 PptpMiniport - ok
12:57:09.0467 9704 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
12:57:09.0552 9704 Processor - ok
12:57:09.0597 9704 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:57:09.0702 9704 PSched - ok
12:57:09.0740 9704 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
12:57:09.0837 9704 ql2300 - ok
12:57:09.0862 9704 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:57:09.0992 9704 ql40xx - ok
12:57:10.0018 9704 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:57:10.0111 9704 QWAVEdrv - ok
12:57:10.0123 9704 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:57:10.0200 9704 RasAcd - ok
12:57:10.0229 9704 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:57:10.0331 9704 Rasl2tp - ok
12:57:10.0351 9704 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:57:10.0425 9704 RasPppoe - ok
12:57:10.0451 9704 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:57:10.0550 9704 RasSstp - ok
12:57:10.0582 9704 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:57:10.0697 9704 rdbss - ok
12:57:10.0707 9704 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:57:10.0755 9704 RDPCDD - ok
12:57:10.0783 9704 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
12:57:10.0867 9704 rdpdr - ok
12:57:10.0898 9704 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:57:10.0944 9704 RDPENCDD - ok
12:57:10.0969 9704 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
12:57:11.0106 9704 RDPWD - ok
12:57:11.0148 9704 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:57:11.0244 9704 rspndr - ok
12:57:11.0289 9704 RSUSBSTOR (c5acb4d2ca623f678257b0844bd1ac8a) C:\Windows\system32\Drivers\RtsUStor.sys
12:57:11.0345 9704 RSUSBSTOR - ok
12:57:11.0389 9704 SANDRA - ok
12:57:11.0448 9704 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
12:57:11.0657 9704 SASDIFSV - ok
12:57:11.0690 9704 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
12:57:11.0792 9704 SASKUTIL - ok
12:57:11.0816 9704 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:57:11.0904 9704 sbp2port - ok
12:57:11.0948 9704 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:57:12.0059 9704 secdrv - ok
12:57:12.0110 9704 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:57:12.0224 9704 Serenum - ok
12:57:12.0249 9704 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:57:12.0348 9704 Serial - ok
12:57:12.0372 9704 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:57:12.0458 9704 sermouse - ok
12:57:12.0502 9704 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
12:57:12.0561 9704 sffdisk - ok
12:57:12.0587 9704 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
12:57:12.0655 9704 sffp_mmc - ok
12:57:12.0673 9704 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
12:57:12.0730 9704 sffp_sd - ok
12:57:12.0752 9704 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
12:57:12.0851 9704 sfloppy - ok
12:57:12.0899 9704 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
12:57:12.0962 9704 sisagp - ok
12:57:12.0996 9704 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
12:57:13.0047 9704 SiSRaid2 - ok
12:57:13.0069 9704 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
12:57:13.0138 9704 SiSRaid4 - ok
12:57:13.0191 9704 skfiltv (a48b5af8e18e4765acdec5bbb8343f84) C:\Windows\system32\drivers\skfiltv.sys
12:57:13.0253 9704 skfiltv - ok
12:57:13.0292 9704 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:57:13.0394 9704 Smb - ok
12:57:13.0433 9704 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:57:13.0479 9704 spldr - ok
12:57:13.0625 9704 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
12:57:13.0756 9704 SRTSP - ok
12:57:13.0790 9704 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
12:57:13.0865 9704 SRTSPX - ok
12:57:13.0946 9704 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:57:14.0102 9704 srv - ok
12:57:14.0137 9704 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:57:14.0194 9704 srv2 - ok
12:57:14.0224 9704 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:57:14.0302 9704 srvnet - ok
12:57:14.0410 9704 ssudmdm (91970cc4a3a30a01c1573184a62f5143) C:\Windows\system32\DRIVERS\ssudmdm.sys
12:57:14.0565 9704 ssudmdm - ok
12:57:14.0659 9704 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:57:14.0713 9704 swenum - ok
12:57:14.0743 9704 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:57:14.0784 9704 Symc8xx - ok
12:57:14.0892 9704 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
12:57:15.0098 9704 SymDS - ok
12:57:15.0137 9704 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
12:57:15.0219 9704 SymEFA - ok
12:57:15.0262 9704 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
12:57:15.0420 9704 SymEvent - ok
12:57:15.0455 9704 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
12:57:15.0528 9704 SymIRON - ok
12:57:15.0569 9704 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
12:57:15.0651 9704 SYMTDIv - ok
12:57:15.0682 9704 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:57:15.0722 9704 Sym_hi - ok
12:57:15.0737 9704 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:57:15.0790 9704 Sym_u3 - ok
12:57:15.0862 9704 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
12:57:15.0980 9704 Tcpip - ok
12:57:16.0017 9704 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
12:57:16.0116 9704 Tcpip6 - ok
12:57:16.0161 9704 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
12:57:16.0241 9704 tcpipreg - ok
12:57:16.0259 9704 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:57:16.0340 9704 TDPIPE - ok
12:57:16.0359 9704 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:57:16.0428 9704 TDTCP - ok
12:57:16.0462 9704 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:57:16.0554 9704 tdx - ok
12:57:16.0589 9704 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:57:16.0650 9704 TermDD - ok
12:57:16.0696 9704 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:57:16.0791 9704 tssecsrv - ok
12:57:16.0815 9704 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:57:16.0885 9704 tunmp - ok
12:57:16.0921 9704 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:57:16.0992 9704 tunnel - ok
12:57:17.0017 9704 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
12:57:17.0107 9704 uagp35 - ok
12:57:17.0143 9704 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:57:17.0229 9704 udfs - ok
12:57:17.0265 9704 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
12:57:17.0357 9704 uliagpkx - ok
12:57:17.0379 9704 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
12:57:17.0539 9704 uliahci - ok
12:57:17.0562 9704 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:57:17.0597 9704 UlSata - ok
12:57:17.0616 9704 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:57:17.0659 9704 ulsata2 - ok
12:57:17.0679 9704 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:57:17.0748 9704 umbus - ok
12:57:17.0764 9704 upperdev - ok
12:57:17.0803 9704 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
12:57:17.0870 9704 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
12:57:17.0871 9704 USBAAPL - detected UnsignedFile.Multi.Generic (1)
12:57:17.0902 9704 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
12:57:18.0031 9704 usbaudio - ok
12:57:18.0064 9704 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
12:57:18.0157 9704 usbccgp - ok
12:57:18.0179 9704 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
12:57:18.0308 9704 usbcir - ok
12:57:18.0320 9704 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
12:57:18.0397 9704 usbehci - ok
12:57:18.0420 9704 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
12:57:18.0508 9704 usbhub - ok
12:57:18.0534 9704 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
12:57:18.0601 9704 usbohci - ok
12:57:18.0629 9704 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
12:57:18.0724 9704 usbprint - ok
12:57:18.0743 9704 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:57:18.0858 9704 USBSTOR - ok
12:57:18.0880 9704 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
12:57:18.0970 9704 usbuhci - ok
12:57:19.0004 9704 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
12:57:19.0111 9704 vga - ok
12:57:19.0135 9704 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
12:57:19.0237 9704 VgaSave - ok
12:57:19.0265 9704 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
12:57:19.0356 9704 viaagp - ok
12:57:19.0375 9704 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
12:57:19.0480 9704 ViaC7 - ok
12:57:19.0504 9704 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
12:57:19.0546 9704 viaide - ok
12:57:19.0557 9704 vlcycgpk - ok
12:57:19.0571 9704 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
12:57:19.0643 9704 volmgr - ok
12:57:19.0675 9704 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
12:57:19.0727 9704 volmgrx - ok
12:57:19.0745 9704 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
12:57:19.0790 9704 volsnap - ok
12:57:19.0814 9704 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
12:57:19.0927 9704 vsmraid - ok
12:57:19.0965 9704 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
12:57:20.0095 9704 WacomPen - ok
12:57:20.0115 9704 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:57:20.0253 9704 Wanarp - ok
12:57:20.0260 9704 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
12:57:20.0385 9704 Wanarpv6 - ok
12:57:20.0416 9704 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
12:57:20.0463 9704 Wd - ok
12:57:20.0501 9704 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
12:57:20.0558 9704 Wdf01000 - ok
12:57:20.0651 9704 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
12:57:20.0714 9704 WmiAcpi - ok
12:57:20.0757 9704 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
12:57:20.0820 9704 WpdUsb - ok
12:57:20.0840 9704 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
12:57:20.0916 9704 ws2ifsl - ok
12:57:20.0956 9704 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:57:21.0099 9704 WUDFRd - ok
12:57:21.0142 9704 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
12:57:21.0193 9704 X10Hid - ok
12:57:21.0236 9704 XENfiltv (abc8bbea8f643e200508c3a2a8e475a9) C:\Windows\system32\drivers\XENfiltv.sys
12:57:21.0314 9704 XENfiltv - ok
12:57:21.0351 9704 xnacc (9eea6d029fef5f3016d089b1a603837d) C:\Windows\system32\DRIVERS\xnacc.sys
12:57:21.0492 9704 xnacc - ok
12:57:21.0525 9704 xusb21 (a640c90b007762939507c28a021be3b3) C:\Windows\system32\DRIVERS\xusb21.sys
12:57:21.0636 9704 xusb21 - ok
12:57:21.0676 9704 yukonwlh (e745b9d5fe1fda8a50913fdcc8ff9fdc) C:\Windows\system32\DRIVERS\yk60x86.sys
12:57:21.0735 9704 yukonwlh - ok
12:57:21.0762 9704 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:57:21.0835 9704 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:57:21.0835 9704 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:57:21.0859 9704 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
12:57:21.0920 9704 \Device\Harddisk1\DR1 - ok
12:57:21.0925 9704 Boot (0x1200) (2967fc66e4c112ef76700ae5b5283543) \Device\Harddisk0\DR0\Partition0
12:57:21.0926 9704 \Device\Harddisk0\DR0\Partition0 - ok
12:57:21.0950 9704 Boot (0x1200) (ad4c07341174e882f188c156da349070) \Device\Harddisk1\DR1\Partition0
12:57:21.0953 9704 \Device\Harddisk1\DR1\Partition0 - ok
12:57:21.0953 9704 ============================================================
12:57:21.0953 9704 Scan finished
12:57:21.0953 9704 ============================================================
12:57:21.0971 13776 Detected object count: 4
12:57:21.0971 13776 Actual detected object count: 4
13:05:37.0792 13776 DFU ( UnsignedFile.Multi.Generic ) - skipped by user
13:05:37.0792 13776 DFU ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:05:37.0794 13776 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
13:05:37.0794 13776 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:05:37.0800 13776 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
13:05:37.0800 13776 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:05:37.0805 13776 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:05:37.0805 13776 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:06:09.0843 9636 ============================================================
13:06:09.0843 9636 Scan started
13:06:09.0843 9636 Mode: Manual; SigCheck; TDLFS;
13:06:09.0843 9636 ============================================================
13:06:10.0289 9636 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:06:10.0393 9636 ACPI - ok
13:06:10.0453 9636 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
13:06:10.0517 9636 adp94xx - ok
13:06:10.0544 9636 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
13:06:10.0581 9636 adpahci - ok
13:06:10.0600 9636 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
13:06:10.0672 9636 adpu160m - ok
13:06:10.0688 9636 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
13:06:10.0770 9636 adpu320 - ok
13:06:10.0820 9636 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:06:10.0885 9636 AFD - ok
13:06:10.0907 9636 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
13:06:10.0983 9636 agp440 - ok
13:06:10.0999 9636 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:06:11.0053 9636 aic78xx - ok
13:06:11.0077 9636 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
13:06:11.0105 9636 aliide - ok
13:06:11.0134 9636 Alpham1 (acd2f2df292b6cc28f58095bba63a068) C:\Windows\system32\DRIVERS\Alpham1.sys
13:06:11.0193 9636 Alpham1 - ok
13:06:11.0214 9636 Alpham2 (f4fafb2e74b83a156408b1b02302799e) C:\Windows\system32\DRIVERS\Alpham2.sys
13:06:11.0261 9636 Alpham2 - ok
13:06:11.0278 9636 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
13:06:11.0341 9636 amdagp - ok
13:06:11.0379 9636 amdide (b39f8c63f6e0655b6cf99899be039250) C:\Windows\system32\DRIVERS\amdide.sys
13:06:11.0411 9636 amdide - ok
13:06:11.0434 9636 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
13:06:11.0501 9636 AmdK7 - ok
13:06:11.0514 9636 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
13:06:11.0581 9636 AmdK8 - ok
13:06:11.0615 9636 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\Windows\system32\DRIVERS\AmdLLD.sys
13:06:11.0664 9636 AmdLLD - ok
13:06:11.0693 9636 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
13:06:11.0763 9636 arc - ok
13:06:11.0782 9636 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
13:06:11.0847 9636 arcsas - ok
13:06:11.0883 9636 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:06:11.0959 9636 AsyncMac - ok
13:06:11.0988 9636 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:06:12.0030 9636 atapi - ok
13:06:12.0052 9636 AtiPcie (5a1465ad2e7c1bc39cda12a355329096) C:\Windows\system32\DRIVERS\AtiPcie.sys
13:06:12.0091 9636 AtiPcie - ok
13:06:12.0130 9636 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
13:06:12.0312 9636 atksgt - ok
13:06:12.0341 9636 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:06:12.0380 9636 Beep - ok
13:06:12.0491 9636 BHDrvx86 (e685ba3267c5a4ec4ce9e2b4a1481725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111223.001\BHDrvx86.sys
13:06:12.0868 9636 BHDrvx86 - ok
13:06:12.0887 9636 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
13:06:12.0987 9636 blbdrive - ok
13:06:13.0029 9636 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:06:13.0133 9636 bowser - ok
13:06:13.0153 9636 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:06:13.0215 9636 BrFiltLo - ok
13:06:13.0234 9636 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:06:13.0275 9636 BrFiltUp - ok
13:06:13.0301 9636 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:06:13.0442 9636 Brserid - ok
13:06:13.0464 9636 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:06:13.0566 9636 BrSerWdm - ok
13:06:13.0583 9636 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:06:13.0683 9636 BrUsbMdm - ok
13:06:13.0698 9636 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:06:13.0800 9636 BrUsbSer - ok
13:06:13.0817 9636 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:06:13.0914 9636 BTHMODEM - ok
13:06:13.0942 9636 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:06:14.0042 9636 cdfs - ok
13:06:14.0072 9636 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:06:14.0165 9636 cdrom - ok
13:06:14.0190 9636 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
13:06:14.0276 9636 circlass - ok
13:06:14.0298 9636 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:06:14.0360 9636 CLFS - ok
13:06:14.0394 9636 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
13:06:14.0428 9636 cmdide - ok
13:06:14.0444 9636 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
13:06:14.0478 9636 Compbatt - ok
13:06:14.0502 9636 cpuz135 - ok
13:06:14.0519 9636 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
13:06:14.0557 9636 crcdisk - ok
13:06:14.0582 9636 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
13:06:14.0671 9636 Crusoe - ok
13:06:14.0721 9636 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:06:14.0826 9636 DfsC - ok
13:06:14.0862 9636 DFU (b684540dfa0bc06a504f837ed39daf5a) C:\Windows\system32\drivers\MassDfu.sys
13:06:14.0893 9636 DFU ( UnsignedFile.Multi.Generic ) - warning
13:06:14.0893 9636 DFU - detected UnsignedFile.Multi.Generic (1)
13:06:14.0928 9636 dg_ssudbus (c9f9cafafbffaf7e380efc353ccc940c) C:\Windows\system32\DRIVERS\ssudbus.sys
13:06:15.0042 9636 dg_ssudbus - ok
13:06:15.0083 9636 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:06:15.0179 9636 disk - ok
13:06:15.0214 9636 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:06:15.0254 9636 drmkaud - ok
13:06:15.0304 9636 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
13:06:15.0400 9636 DXGKrnl - ok
13:06:15.0423 9636 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:06:15.0560 9636 E1G60 - ok
13:06:15.0569 9636 EagleNT - ok
13:06:15.0583 9636 EagleXNt - ok
13:06:15.0622 9636 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:06:15.0700 9636 Ecache - ok
13:06:15.0762 9636 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
13:06:15.0873 9636 eeCtrl - ok
13:06:15.0921 9636 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
13:06:15.0998 9636 elxstor - ok
13:06:16.0041 9636 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
13:06:16.0101 9636 EraserUtilRebootDrv - ok
13:06:16.0120 9636 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
13:06:16.0146 9636 ErrDev - ok
13:06:16.0191 9636 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:06:16.0262 9636 exfat - ok
13:06:16.0280 9636 facicvgu - ok
13:06:16.0322 9636 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:06:16.0381 9636 fastfat - ok
13:06:16.0404 9636 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
13:06:16.0473 9636 fdc - ok
13:06:16.0501 9636 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:06:16.0577 9636 FileInfo - ok
13:06:16.0591 9636 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:06:16.0680 9636 Filetrace - ok
13:06:16.0699 9636 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
13:06:16.0777 9636 flpydisk - ok
13:06:16.0818 9636 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:06:16.0900 9636 FltMgr - ok
13:06:16.0923 9636 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
13:06:16.0984 9636 Fs_Rec - ok
13:06:17.0009 9636 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
13:06:17.0084 9636 gagp30kx - ok
13:06:17.0123 9636 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:06:17.0189 9636 GEARAspiWDM - ok
13:06:17.0267 9636 HCW85BDA (654ec061f07254cd818b9ed0ac790de3) C:\Windows\system32\drivers\HCW85BDA.sys
13:06:17.0465 9636 HCW85BDA - ok
13:06:17.0514 9636 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:06:17.0663 9636 HDAudBus - ok
13:06:17.0686 9636 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:06:17.0767 9636 HidBth - ok
13:06:17.0787 9636 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:06:17.0881 9636 HidIr - ok
13:06:17.0903 9636 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:06:17.0958 9636 HidUsb - ok
13:06:17.0987 9636 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
13:06:18.0047 9636 HpCISSs - ok
13:06:18.0093 9636 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:06:18.0242 9636 HTTP - ok
13:06:18.0263 9636 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
13:06:18.0320 9636 i2omp - ok
13:06:18.0341 9636 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:06:18.0453 9636 i8042prt - ok
13:06:18.0478 9636 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
13:06:18.0559 9636 iaStorV - ok
13:06:18.0716 9636 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120120.002\IDSvix86.sys
13:06:18.0856 9636 IDSVix86 - ok
13:06:18.0879 9636 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:06:18.0932 9636 iirsp - ok
13:06:19.0039 9636 IntcAzAudAddService (345ac48d17f5c2f2aa1ee50d34c3978b) C:\Windows\system32\drivers\RTKVHDA.sys
13:06:19.0276 9636 IntcAzAudAddService - ok
13:06:19.0306 9636 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
13:06:19.0340 9636 intelide - ok
13:06:19.0359 9636 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:06:19.0432 9636 intelppm - ok
13:06:19.0459 9636 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:06:19.0542 9636 IpFilterDriver - ok
13:06:19.0556 9636 IpInIp - ok
13:06:19.0578 9636 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
13:06:19.0694 9636 IPMIDRV - ok
13:06:19.0712 9636 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:06:19.0803 9636 IPNAT - ok
13:06:19.0819 9636 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:06:19.0906 9636 IRENUM - ok
13:06:19.0928 9636 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
13:06:20.0010 9636 isapnp - ok
13:06:20.0042 9636 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
13:06:20.0111 9636 iScsiPrt - ok
13:06:20.0133 9636 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:06:20.0197 9636 iteatapi - ok
13:06:20.0216 9636 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:06:20.0280 9636 iteraid - ok
13:06:20.0302 9636 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:06:20.0367 9636 kbdclass - ok
13:06:20.0398 9636 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
13:06:20.0452 9636 kbdhid - ok
13:06:20.0482 9636 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
13:06:20.0549 9636 KSecDD - ok
13:06:20.0606 9636 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\Windows\system32\DRIVERS\Lbd.sys
13:06:20.0708 9636 Lbd - ok
13:06:20.0752 9636 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
13:06:20.0800 9636 lirsgt - ok
13:06:20.0814 9636 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:06:20.0891 9636 lltdio - ok
13:06:20.0921 9636 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
13:06:20.0997 9636 LSI_FC - ok
13:06:21.0017 9636 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
13:06:21.0089 9636 LSI_SAS - ok
13:06:21.0107 9636 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
13:06:21.0186 9636 LSI_SCSI - ok
13:06:21.0206 9636 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:06:21.0313 9636 luafv - ok
13:06:21.0344 9636 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
13:06:21.0389 9636 MBAMProtector - ok
13:06:21.0417 9636 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
13:06:21.0463 9636 megasas - ok
13:06:21.0493 9636 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
13:06:21.0556 9636 MegaSR - ok
13:06:21.0585 9636 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:06:21.0657 9636 Modem - ok
13:06:21.0672 9636 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:06:21.0746 9636 monitor - ok
13:06:21.0759 9636 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:06:21.0801 9636 mouclass - ok
13:06:21.0818 9636 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:06:21.0873 9636 mouhid - ok
13:06:21.0884 9636 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:06:21.0960 9636 MountMgr - ok
13:06:21.0991 9636 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
13:06:22.0063 9636 MpFilter - ok
13:06:22.0088 9636 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
13:06:22.0174 9636 mpio - ok
13:06:22.0269 9636 MpKsl53540661 (a69630d039c38018689190234f866d77) C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9FCD414-BEC0-476C-BC3C-BC1D4A0AEC0B}\MpKsl53540661.sys
13:06:22.0322 9636 MpKsl53540661 - ok
13:06:22.0355 9636 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
13:06:22.0416 9636 MpNWMon - ok
13:06:22.0429 9636 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:06:22.0477 9636 mpsdrv - ok
13:06:22.0500 9636 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:06:22.0546 9636 Mraid35x - ok
13:06:22.0582 9636 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
13:06:22.0653 9636 MRxDAV - ok
13:06:22.0698 9636 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:06:22.0785 9636 mrxsmb - ok
13:06:22.0823 9636 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:06:22.0904 9636 mrxsmb10 - ok
13:06:22.0924 9636 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:06:23.0045 9636 mrxsmb20 - ok
13:06:23.0061 9636 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
13:06:23.0095 9636 msahci - ok
13:06:23.0114 9636 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
13:06:23.0158 9636 msdsm - ok
13:06:23.0194 9636 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:06:23.0264 9636 Msfs - ok
13:06:23.0283 9636 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:06:23.0311 9636 msisadrv - ok
13:06:23.0339 9636 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:06:23.0388 9636 MSKSSRV - ok
13:06:23.0413 9636 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:06:23.0444 9636 MSPCLOCK - ok
13:06:23.0462 9636 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:06:23.0495 9636 MSPQM - ok
13:06:23.0527 9636 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
13:06:23.0653 9636 MsRPC - ok
13:06:23.0668 9636 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:06:23.0718 9636 mssmbios - ok
13:06:23.0739 9636 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:06:23.0770 9636 MSTEE - ok
13:06:23.0780 9636 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
13:06:23.0850 9636 Mup - ok
13:06:23.0897 9636 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
13:06:23.0955 9636 NativeWifiP - ok
13:06:24.0033 9636 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120120.035\NAVENG.SYS
13:06:24.0144 9636 NAVENG - ok
13:06:24.0202 9636 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120120.035\NAVEX15.SYS
13:06:24.0405 9636 NAVEX15 - ok
13:06:24.0463 9636 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
13:06:24.0568 9636 NDIS - ok
13:06:24.0597 9636 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:06:24.0676 9636 NdisTapi - ok
13:06:24.0698 9636 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:06:24.0767 9636 Ndisuio - ok
13:06:24.0784 9636 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:06:24.0837 9636 NdisWan - ok
13:06:24.0852 9636 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:06:24.0930 9636 NDProxy - ok
13:06:24.0946 9636 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:06:25.0015 9636 NetBIOS - ok
13:06:25.0048 9636 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
13:06:25.0136 9636 netbt - ok
13:06:25.0195 9636 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:06:25.0248 9636 nfrd960 - ok
13:06:25.0276 9636 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:06:25.0354 9636 NisDrv - ok
13:06:25.0381 9636 nmwcd - ok
13:06:25.0411 9636 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:06:25.0509 9636 Npfs - ok
13:06:25.0534 9636 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:06:25.0620 9636 nsiproxy - ok
13:06:25.0679 9636 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:06:26.0120 9636 Ntfs - ok
13:06:26.0149 9636 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:06:26.0280 9636 ntrigdigi - ok
13:06:26.0298 9636 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:06:26.0352 9636 Null - ok
13:06:26.0611 9636 nvlddmkm (f452e6ad3eda2852f44be492e283c40f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:06:29.0891 9636 nvlddmkm - ok
13:06:29.0951 9636 nvport - ok
13:06:29.0996 9636 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
13:06:30.0084 9636 nvraid - ok
13:06:30.0099 9636 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
13:06:30.0142 9636 nvstor - ok
13:06:30.0165 9636 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
13:06:30.0210 9636 nv_agp - ok
13:06:30.0218 9636 NwlnkFlt - ok
13:06:30.0230 9636 NwlnkFwd - ok
13:06:30.0266 9636 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
13:06:30.0335 9636 ohci1394 - ok
13:06:30.0361 9636 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:06:30.0480 9636 Parport - ok
13:06:30.0515 9636 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
13:06:30.0577 9636 partmgr - ok
13:06:30.0597 9636 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:06:30.0684 9636 Parvdm - ok
13:06:30.0699 9636 pccsmcfd - ok
13:06:30.0738 9636 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:06:30.0782 9636 pci - ok
13:06:30.0794 9636 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
13:06:30.0823 9636 pciide - ok
13:06:30.0839 9636 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:06:30.0886 9636 pcmcia - ok
13:06:30.0921 9636 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:06:31.0035 9636 PEAUTH - ok
13:06:31.0064 9636 pfc (da86016f0672ada925f589ede715f185) C:\Windows\system32\drivers\pfc.sys
13:06:31.0097 9636 pfc ( UnsignedFile.Multi.Generic ) - warning
13:06:31.0097 9636 pfc - detected UnsignedFile.Multi.Generic (1)
13:06:31.0131 9636 Point32 (60a044879c4fa76314494f5fddc43b93) C:\Windows\system32\DRIVERS\point32.sys
13:06:31.0187 9636 Point32 - ok
13:06:31.0220 9636 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:06:31.0319 9636 PptpMiniport - ok
13:06:31.0336 9636 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
13:06:31.0406 9636 Processor - ok
13:06:31.0450 9636 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:06:31.0531 9636 PSched - ok
13:06:31.0568 9636 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
13:06:31.0646 9636 ql2300 - ok
13:06:31.0672 9636 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:06:31.0759 9636 ql40xx - ok
13:06:31.0773 9636 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:06:31.0836 9636 QWAVEdrv - ok
13:06:31.0847 9636 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:06:31.0900 9636 RasAcd - ok
13:06:31.0924 9636 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:06:32.0017 9636 Rasl2tp - ok
13:06:32.0045 9636 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:06:32.0104 9636 RasPppoe - ok
13:06:32.0129 9636 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:06:32.0196 9636 RasSstp - ok
13:06:32.0234 9636 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:06:32.0320 9636 rdbss - ok
13:06:32.0330 9636 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:06:32.0361 9636 RDPCDD - ok
13:06:32.0386 9636 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
13:06:32.0424 9636 rdpdr - ok
13:06:32.0433 9636 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:06:32.0465 9636 RDPENCDD - ok
13:06:32.0490 9636 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
13:06:32.0617 9636 RDPWD - ok
13:06:32.0651 9636 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:06:32.0743 9636 rspndr - ok
13:06:32.0783 9636 RSUSBSTOR (c5acb4d2ca623f678257b0844bd1ac8a) C:\Windows\system32\Drivers\RtsUStor.sys
13:06:32.0842 9636 RSUSBSTOR - ok
13:06:32.0884 9636 SANDRA - ok
13:06:32.0935 9636 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:06:33.0185 9636 SASDIFSV - ok
13:06:33.0218 9636 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:06:33.0315 9636 SASKUTIL - ok
13:06:33.0335 9636 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:06:33.0429 9636 sbp2port - ok
13:06:33.0467 9636 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:06:33.0586 9636 secdrv - ok
13:06:33.0614 9636 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:06:33.0735 9636 Serenum - ok
13:06:33.0752 9636 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:06:33.0810 9636 Serial - ok
13:06:33.0825 9636 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:06:33.0885 9636 sermouse - ok
13:06:33.0914 9636 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
13:06:33.0956 9636 sffdisk - ok
13:06:33.0974 9636 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
13:06:34.0027 9636 sffp_mmc - ok
13:06:34.0043 9636 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
13:06:34.0095 9636 sffp_sd - ok
13:06:34.0113 9636 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:06:34.0191 9636 sfloppy - ok
13:06:34.0218 9636 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
13:06:34.0277 9636 sisagp - ok
13:06:34.0299 9636 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
13:06:34.0346 9636 SiSRaid2 - ok
13:06:34.0372 9636 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
13:06:34.0442 9636 SiSRaid4 - ok
13:06:34.0468 9636 skfiltv (a48b5af8e18e4765acdec5bbb8343f84) C:\Windows\system32\drivers\skfiltv.sys
13:06:34.0525 9636 skfiltv - ok
13:06:34.0562 9636 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:06:34.0695 9636 Smb - ok
13:06:34.0727 9636 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:06:34.0780 9636 spldr - ok
13:06:34.0844 9636 SRTSP (83726cf02eced69138948083e06b6eac) C:\Windows\System32\Drivers\N360\0502000.00D\SRTSP.SYS
13:06:34.0944 9636 SRTSP - ok
13:06:34.0976 9636 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\Windows\system32\drivers\N360\0502000.00D\SRTSPX.SYS
13:06:35.0051 9636 SRTSPX - ok
13:06:35.0092 9636 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:06:35.0181 9636 srv - ok
13:06:35.0224 9636 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:06:35.0295 9636 srv2 - ok
13:06:35.0319 9636 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:06:35.0401 9636 srvnet - ok
13:06:35.0438 9636 ssudmdm (91970cc4a3a30a01c1573184a62f5143) C:\Windows\system32\DRIVERS\ssudmdm.sys
13:06:35.0531 9636 ssudmdm - ok
13:06:35.0571 9636 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:06:35.0607 9636 swenum - ok
13:06:35.0638 9636 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:06:35.0683 9636 Symc8xx - ok
13:06:35.0712 9636 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\Windows\system32\drivers\N360\0502000.00D\SYMDS.SYS
13:06:35.0806 9636 SymDS - ok
13:06:35.0845 9636 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\Windows\system32\drivers\N360\0502000.00D\SYMEFA.SYS
13:06:35.0934 9636 SymEFA - ok
13:06:35.0973 9636 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\Windows\system32\Drivers\SYMEVENT.SYS
13:06:36.0132 9636 SymEvent - ok
13:06:36.0149 9636 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\Windows\system32\drivers\N360\0502000.00D\Ironx86.SYS
13:06:36.0213 9636 SymIRON - ok
13:06:36.0249 9636 SYMTDIv (d42a7229e333af725f1445f785e4658d) C:\Windows\System32\Drivers\N360\0502000.00D\SYMTDIV.SYS
13:06:36.0330 9636 SYMTDIv - ok
13:06:36.0352 9636 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:06:36.0400 9636 Sym_hi - ok
13:06:36.0424 9636 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:06:36.0473 9636 Sym_u3 - ok
13:06:36.0548 9636 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
13:06:36.0654 9636 Tcpip - ok
13:06:36.0695 9636 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
13:06:36.0810 9636 Tcpip6 - ok
13:06:36.0847 9636 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
13:06:36.0928 9636 tcpipreg - ok
13:06:36.0946 9636 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:06:37.0003 9636 TDPIPE - ok
13:06:37.0020 9636 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:06:37.0091 9636 TDTCP - ok
13:06:37.0132 9636 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:06:37.0237 9636 tdx - ok
13:06:37.0267 9636 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:06:37.0333 9636 TermDD - ok
13:06:37.0374 9636 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:06:37.0441 9636 tssecsrv - ok
13:06:37.0460 9636 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:06:37.0500 9636 tunmp - ok
13:06:37.0533 9636 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:06:37.0582 9636 tunnel - ok
13:06:37.0604 9636 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
13:06:37.0673 9636 uagp35 - ok
13:06:37.0712 9636 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:06:37.0773 9636 udfs - ok
13:06:37.0810 9636 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
13:06:37.0883 9636 uliagpkx - ok
13:06:37.0907 9636 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
13:06:38.0042 9636 uliahci - ok
13:06:38.0065 9636 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:06:38.0116 9636 UlSata - ok
13:06:38.0136 9636 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:06:38.0188 9636 ulsata2 - ok
13:06:38.0215 9636 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:06:38.0284 9636 umbus - ok
13:06:38.0300 9636 upperdev - ok
13:06:38.0340 9636 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
13:06:38.0401 9636 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
13:06:38.0402 9636 USBAAPL - detected UnsignedFile.Multi.Generic (1)
13:06:38.0438 9636 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
13:06:38.0551 9636 usbaudio - ok
13:06:38.0576 9636 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:06:38.0681 9636 usbccgp - ok
13:06:38.0699 9636 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:06:38.0834 9636 usbcir - ok
13:06:38.0846 9636 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:06:38.0928 9636 usbehci - ok
13:06:38.0947 9636 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:06:39.0005 9636 usbhub - ok
13:06:39.0029 9636 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
13:06:39.0076 9636 usbohci - ok
13:06:39.0099 9636 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:06:39.0154 9636 usbprint - ok
13:06:39.0172 9636 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:06:39.0250 9636 USBSTOR - ok
13:06:39.0275 9636 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:06:39.0346 9636 usbuhci - ok
13:06:39.0382 9636 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
13:06:39.0460 9636 vga - ok
13:06:39.0480 9636 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:06:39.0552 9636 VgaSave - ok
13:06:39.0577 9636 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
13:06:39.0643 9636 viaagp - ok
13:06:39.0661 9636 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
13:06:39.0742 9636 ViaC7 - ok
13:06:39.0766 9636 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
13:06:39.0807 9636 viaide - ok
13:06:39.0818 9636 vlcycgpk - ok
13:06:39.0834 9636 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:06:39.0909 9636 volmgr - ok
13:06:39.0954 9636 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:06:40.0021 9636 volmgrx - ok
13:06:40.0041 9636 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:06:40.0107 9636 volsnap - ok
13:06:40.0135 9636 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
13:06:40.0237 9636 vsmraid - ok
13:06:40.0276 9636 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:06:40.0399 9636 WacomPen - ok
13:06:40.0419 9636 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:06:40.0545 9636 Wanarp - ok
13:06:40.0551 9636 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:06:40.0675 9636 Wanarpv6 - ok
13:06:40.0703 9636 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
13:06:40.0755 9636 Wd - ok
13:06:40.0799 9636 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:06:40.0894 9636 Wdf01000 - ok
13:06:40.0995 9636 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
13:06:41.0047 9636 WmiAcpi - ok
13:06:41.0094 9636 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
13:06:41.0155 9636 WpdUsb - ok
13:06:41.0176 9636 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
13:06:41.0242 9636 ws2ifsl - ok
13:06:41.0276 9636 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:06:41.0404 9636 WUDFRd - ok
13:06:41.0429 9636 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys
13:06:41.0464 9636 X10Hid - ok
13:06:41.0506 9636 XENfiltv (abc8bbea8f643e200508c3a2a8e475a9) C:\Windows\system32\drivers\XENfiltv.sys
13:06:41.0565 9636 XENfiltv - ok
13:06:41.0606 9636 xnacc (9eea6d029fef5f3016d089b1a603837d) C:\Windows\system32\DRIVERS\xnacc.sys
13:06:41.0745 9636 xnacc - ok
13:06:41.0786 9636 xusb21 (a640c90b007762939507c28a021be3b3) C:\Windows\system32\DRIVERS\xusb21.sys
13:06:41.0864 9636 xusb21 - ok
13:06:41.0904 9636 yukonwlh (e745b9d5fe1fda8a50913fdcc8ff9fdc) C:\Windows\system32\DRIVERS\yk60x86.sys
13:06:41.0947 9636 yukonwlh - ok
13:06:41.0974 9636 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:06:42.0046 9636 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:06:42.0047 9636 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:06:42.0070 9636 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
13:06:42.0140 9636 \Device\Harddisk1\DR1 - ok
13:06:42.0145 9636 Boot (0x1200) (2967fc66e4c112ef76700ae5b5283543) \Device\Harddisk0\DR0\Partition0
13:06:42.0147 9636 \Device\Harddisk0\DR0\Partition0 - ok
13:06:42.0178 9636 Boot (0x1200) (ad4c07341174e882f188c156da349070) \Device\Harddisk1\DR1\Partition0
13:06:42.0180 9636 \Device\Harddisk1\DR1\Partition0 - ok
13:06:42.0181 9636 ============================================================
13:06:42.0181 9636 Scan finished
13:06:42.0181 9636 ============================================================
13:06:42.0199 2692 Detected object count: 4
13:06:42.0199 2692 Actual detected object count: 4
13:19:46.0970 2692 DFU ( UnsignedFile.Multi.Generic ) - skipped by user
13:19:46.0971 2692 DFU ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:19:46.0974 2692 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
13:19:46.0974 2692 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:19:46.0979 2692 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
13:19:46.0979 2692 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:19:46.0982 2692 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:19:46.0982 2692 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:19:51.0869 14232 Deinitialize success



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:09:44 AM

Posted 24 February 2012 - 02:06 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK

Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Information and logs:

  • In your next post I need the following:
    • Logs from DDS
    • Let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 Ducon

Ducon
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  • Local time:08:44 AM

Posted 24 February 2012 - 02:23 AM

I haven't noticed any strange behaviour really. Also did some googling and it appears 2 of those "flagged" are something for iPod or Android (can't remember which). Logs as requested.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Jussi at 13:23:42 on 2012-02-23
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.358.1035.18.3326.1167 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Norton 360 Premier Edition *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 Premier Edition *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton 360 Premier Edition\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files\Norton 360 Premier Edition\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WinZip System Utilities Suite\WINZIPSS.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\NVIDIA Corporation\Display\NvTray.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Steam\Steam.exe
C:\Program Files\Common Files\Steam\SteamService.exe
c:\program files\real\realplayer\update\realsched.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://www.l2dive.com/
uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040b&s=1&o=vp32&d=0109&m=imedia_a6500_ncd
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040b&s=1&o=vp32&d=0109&m=imedia_a6500_ncd
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360 premier edition\norton 360\engine\5.2.0.13\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360 premier edition\norton 360\engine\5.2.0.13\ips\IPSBHO.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360 premier edition\norton 360\engine\5.2.0.13\coIEPlg.dll
uRun: [Steam] "d:\steam\steam.exe" -silent
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [ASO3SPCDone] "c:\program files\winzip system utilities suite\WINZIPSS.exe" -startedafteroptimizationPartial
uRun: [OpenDNS Updater] "c:\program files\opendns updater\OpenDNSUpdater.exe" /autostart
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [VolPanel] "c:\program files\creative\usb headsets\volume panel\VolPanlu.exe" /r
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED} : DhcpNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jussi\appdata\roaming\mozilla\firefox\profiles\w7a81fei.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.newhorizonwow.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_4.1.0.32\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\jussi\appdata\local\fancy\npfancygame.dll
FF - plugin: c:\users\jussi\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-5 64288]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502000.00d\symds.sys [2012-1-31 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502000.00d\symefa.sys [2012-1-31 744568]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\bashdefs\20111223.001\BHDrvx86.sys [2011-12-1 820344]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.1.0.29\definitions\ipsdefs\20120120.002\IDSvix86.sys [2012-1-21 368248]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 MpKsl53540661;MpKsl53540661;c:\programdata\microsoft\microsoft antimalware\definition updates\{c9fcd414-bec0-476c-bc3c-bc1d4a0aec0b}\MpKsl53540661.sys [2012-2-23 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502000.00d\ironx86.sys [2012-1-31 136312]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\n360\0502000.00d\symtdiv.sys [2012-1-31 331384]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-7 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 FontCache;Windowsin fonttien välimuistipalvelu;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-1-3 652360]
R2 N360;Norton 360;c:\program files\norton 360 premier edition\norton 360\engine\5.2.0.13\ccsvchst.exe [2012-1-31 130008]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-2-21 2348352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-2-9 382272]
R2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer;c:\program files\winzip system utilities suite\WINZIPSSDefragSrv.exe [2011-8-1 605520]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-1-20 106104]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2011-12-6 1596672]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-1-3 20464]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoftin verkkotarkastus;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2011-1-18 197224]
R3 skfiltv;skfiltv;c:\windows\system32\drivers\skfiltv.sys [2012-1-20 17408]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [2008-10-14 13976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2012-1-20 79360]
S3 DFU;DFU;c:\windows\system32\drivers\MassDfu.sys [2012-2-14 12288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2011-8-8 77624]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2011-8-8 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys [2011-8-16 17920]
.
=============== Created Last 30 ================
.
2012-02-23 11:23:03 607260 ------r- c:\users\jussi\dds.scr
2012-02-23 11:20:43 50477 ----a-w- c:\users\jussi\Defogger.exe
2012-02-23 10:56:19 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c9fcd414-bec0-476c-bc3c-bc1d4a0aec0b}\MpKsl53540661.sys
2012-02-23 04:27:59 1760455392 ----a-w- c:\users\jussi\setup_demon_stone.exe
2012-02-23 03:01:50 6552120 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c9fcd414-bec0-476c-bc3c-bc1d4a0aec0b}\mpengine.dll
2012-02-22 06:11:13 -------- d-----w- C:\Fists
2012-02-21 19:13:44 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-21 19:13:43 19443520 ----a-w- c:\windows\system32\nvoglv32.dll
2012-02-21 19:13:43 10816832 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-02-21 19:13:42 5892928 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-21 19:13:42 2517312 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-21 19:13:42 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-21 19:13:41 17543488 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-21 19:09:20 164939744 ----a-w- c:\users\jussi\295.73-desktop-win7-winvista-32bit-international-whql.exe
2012-02-21 08:45:49 -------- d-----w- c:\users\jussi\appdata\roaming\AVG
2012-02-21 03:18:45 -------- d-----w- c:\users\jussi\appdata\roaming\RealNetworks
2012-02-21 03:14:53 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2012-02-21 03:13:59 150696 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2012-02-21 03:13:44 108544 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2012-02-21 03:08:45 692480 ----a-w- c:\users\jussi\RealPlayer.exe
2012-02-21 02:44:12 -------- d-----w- c:\program files\SpywareBlaster
2012-02-21 02:33:19 3255248 ----a-w- c:\users\jussi\spywareblastersetup46.exe
2012-02-21 02:07:51 -------- d-----w- c:\users\jussi\appdata\roaming\SinisterDesign.TelepathRPGServantsOfGod.9734F53159B682152B7C442264602A0CEA7C53C9.1
2012-02-20 22:45:16 -------- d-----w- c:\users\jussi\appdata\roaming\RotMG.Production
2012-02-20 21:33:33 22578239 ----a-w- c:\users\jussi\mojam.exe
2012-02-19 17:13:50 496788312 ----a-w- c:\users\jussi\ME2_Hammerhead.exe
2012-02-19 17:13:23 522684080 ----a-w- c:\users\jussi\ME2_Zaeed.exe
2012-02-19 17:13:11 65107976 ----a-w- c:\users\jussi\ME2_NormandyCrash.exe
2012-02-19 17:01:54 44284992 ----a-w- c:\users\jussi\MassEffect2-1.02.exe
2012-02-19 15:35:10 -------- d-----w- c:\program files\Mass Effect 2
2012-02-17 17:54:41 -------- d--h--w- c:\programdata\Common Files
2012-02-17 17:52:13 -------- d-----w- c:\program files\AVG
2012-02-17 17:48:43 -------- d-----w- c:\programdata\MFAData
2012-02-17 17:44:20 3968384 ----a-w- c:\users\jussi\avg_free_stb_all_2012_1913_cnet.exe
2012-02-15 17:34:16 2060336 ----a-w- c:\users\jussi\TDSSKiller.exe
2012-02-15 13:17:39 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 13:17:11 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 13:17:10 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-02-14 20:01:15 -------- d-----w- c:\users\jussi\appdata\local\Futuremark
2012-02-14 17:20:17 2902498 ------w- c:\windows\system32\Sens_oal.dll
2012-02-14 17:05:50 12288 ----a-w- c:\windows\system32\drivers\MassDfu.sys
2012-02-14 17:04:03 1032192 ----a-w- c:\users\jussi\HS-1000_Vista_XP_32bit.exe
2012-02-14 17:02:57 30799040 ----a-w- c:\users\jussi\HSHP_PCDRV_LB_1_01_0004.exe
2012-02-13 19:56:11 -------- d-----w- C:\HackSlashLoot
2012-02-12 23:58:24 406718651 ----a-w- c:\users\jussi\CrusaderKingsII_Demo_Setup.exe
2012-02-11 22:25:41 -------- d-----w- c:\program files\OpenDNS Updater
2012-02-11 22:25:06 225336 ----a-w- c:\users\jussi\OpenDNS-Updater-2.2.1.exe
2012-02-11 10:31:41 -------- d-----w- c:\program files\MagicalTimeBean
2012-02-11 10:29:35 34666919 ----a-w- c:\users\jussi\Soulcaster_II_1.0.0_Setup.exe
2012-02-11 10:29:09 23768634 ----a-w- c:\users\jussi\Soulcaster_1.0.0_Setup.exe
2012-02-10 14:52:33 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{4f1391f6-1690-4e22-9ccb-8275f2066d9f}\gapaengine.dll
2012-02-09 21:33:01 -------- d-----w- C:\KOYA_RIFT_1_03
2012-02-09 18:05:44 416064 ----a-w- c:\windows\system32\nvStreaming.exe
2012-02-09 02:31:42 5417632 ----a-w- c:\users\jussi\Last.fm-1.5.4.27091.exe
2012-02-08 22:55:26 -------- d-----w- c:\users\jussi\appdata\roaming\Scoregasm
2012-02-08 17:43:43 -------- d-----w- c:\users\jussi\.ultratron_2.40
2012-02-08 17:42:28 -------- d-----w- c:\program files\Ultratron
2012-02-06 22:01:29 112898640 ----a-w- c:\users\jussi\285.62-desktop-win7-winvista-32bit-english-whql.exe
2012-02-04 23:56:02 -------- d-----w- c:\users\jussi\appdata\local\BoH
2012-02-03 18:45:01 -------- d-----w- c:\users\jussi\.titan_attacks_2.00
2012-02-03 18:35:15 -------- d-----w- c:\program files\Titan Attacks
2012-02-03 16:02:16 -------- d-----w- c:\users\jussi\appdata\roaming\Quest3D
2012-02-02 10:16:52 -------- d-----w- c:\program files\Nooskewl
2012-01-31 03:28:38 -------- d-----w- c:\users\jussi\appdata\roaming\Nooskewl
2012-01-31 02:49:24 744568 ----a-r- c:\windows\system32\drivers\n360\0502000.00d\symefa.sys
2012-01-31 02:49:24 516216 ----a-r- c:\windows\system32\drivers\n360\0502000.00d\srtsp.sys
2012-01-31 02:49:24 50168 ----a-r- c:\windows\system32\drivers\n360\0502000.00d\srtspx.sys
2012-01-31 02:49:24 340088 ----a-r- c:\windows\system32\drivers\n360\0502000.00d\symds.sys
2012-01-31 02:49:24 331384 ----a-w- c:\windows\system32\drivers\n360\0502000.00d\symtdiv.sys
2012-01-31 02:49:24 299640 ----a-w- c:\windows\system32\drivers\n360\0502000.00d\symnets.sys
2012-01-31 02:49:24 136312 ----a-r- c:\windows\system32\drivers\n360\0502000.00d\ironx86.sys
2012-01-31 02:48:49 -------- d-----w- c:\windows\system32\drivers\n360\0502000.00D
2012-01-26 19:51:48 -------- d-----w- c:\users\jussi\appdata\roaming\HackSlashLoot
2012-01-25 17:16:27 -------- d-----w- c:\users\jussi\appdata\roaming\DarknessIIDemo
.
==================== Find3M ====================
.
2012-02-21 03:13:24 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-21 02:56:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-17 16:58:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 17:20:35 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2012-02-14 17:20:35 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2012-02-12 07:06:52 78554624 ----a-w- c:\users\jussi\Fractal Installer.msi
2012-02-10 04:13:00 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-10 04:13:00 7713088 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-02-10 04:13:00 2301248 ----a-w- c:\windows\system32\nvapi.dll
2012-02-10 04:13:00 15009600 ----a-w- c:\windows\system32\nvd3dum.dll
2012-02-10 04:13:00 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-10 03:02:06 3881792 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-10 03:00:44 2719040 ----a-w- c:\windows\system32\nvsvc.dll
2012-02-10 03:00:26 645440 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-10 03:00:26 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-02-10 03:00:26 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-10 03:00:25 2561344 ----a-w- c:\windows\system32\nvsvcr.dll
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-22 20:48:21 71644789 ----a-w- c:\users\jussi\defenders_quest.exe
2012-01-20 17:08:41 290825 ----a-w- c:\users\jussi\Download No Time to Explain.exe
2012-01-20 16:52:09 290825 ----a-w- c:\users\jussi\Download Icewind Dale 2.exe
2012-01-18 18:08:02 910624 ----a-w- c:\users\jussi\jre-6u30-windows-i586-iftw.exe
2012-01-18 14:25:41 2220 ----a-w- c:\windows\system32\ASOROSet.bin
2012-01-13 09:51:44 96973 ----a-w- c:\users\jussi\Unity_of_Command_v101_Matrix.exe
2012-01-11 15:34:22 104104064 ----a-w- c:\users\jussi\UnityOfCommand-SetupRelease-v100.exe
2012-01-06 02:33:00 54143191 ----a-w- c:\users\jussi\release_games_16410_SuperCrossfireInstaller.exe
2011-12-28 02:00:00 265421712 ----a-w- c:\users\jussi\BA-BlitzkriegFrance160.exe
2011-12-28 01:59:23 266601803 ----a-w- c:\users\jussi\BattleAcademy-Full-MultiLang-160.exe
2011-12-26 16:22:45 54314312 ----a-w- c:\users\jussi\winzip160.exe
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-12-10 13:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-30 22:09:28 1606656 ----a-w- c:\users\jussi\SteamInstall.msi
2011-11-30 22:03:27 1940992 ----a-w- c:\users\jussi\Steam Fix - Installer Errors.exe
2011-11-25 15:59:48 376320 ----a-w- c:\windows\system32\winsrv.dll
.
============= FINISH: 13:24:45,60 ===============



.

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 24 February 2012 - 02:27 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 Ducon


Posted 24 February 2012 - 03:10 AM

ComboFix 12-02-23.02 - Jussi 24.02.2012 9:42.1.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.358.1035.18.3326.1153 [GMT 2:00]
Sijainti: c:\users\Jussi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Norton 360 Premier Edition *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Norton 360 Premier Edition *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jussi\270.61-desktop-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\280.26-desktop-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\285.62-desktop-win7-winvista-32bit-english-whql.exe
c:\users\Jussi\285.62-desktop-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\295.73-desktop-win7-winvista-32bit-international-whql.exe
c:\users\Jussi\3k5rlu8o.exe
c:\users\Jussi\AppData\Local\.#
c:\users\Jussi\avast_free_antivirus_setup.exe
c:\users\Jussi\avg_free_stb_all_2012_1913_cnet.exe
c:\users\Jussi\Aztaka-Developers Edition.exe
c:\users\Jussi\BA-BlitzkriegFrance160.exe
c:\users\Jussi\BattleAcademy-Full-MultiLang-160.exe
c:\users\Jussi\chromentum_2-v3.exe
c:\users\Jussi\CrusaderKingsII_Demo_Setup.exe
c:\users\Jussi\dds.scr
c:\users\Jussi\defenders_quest.exe
c:\users\Jussi\Defogger.exe
c:\users\Jussi\Download Icewind Dale 2.exe
c:\users\Jussi\Download No Time to Explain.exe
c:\users\Jussi\Hegemony Gold Installer.exe
c:\users\Jussi\HS-1000_Vista_XP_32bit.exe
c:\users\Jussi\HSHP_PCDRV_LB_1_01_0004.exe
c:\users\Jussi\jre-6u30-windows-i586-iftw.exe
c:\users\Jussi\Last.fm-1.5.4.27091.exe
c:\users\Jussi\MassEffect2-1.02.exe
c:\users\Jussi\ME2_Hammerhead.exe
c:\users\Jussi\ME2_NormandyCrash.exe
c:\users\Jussi\ME2_Zaeed.exe
c:\users\Jussi\mojam.exe
c:\users\Jussi\OpenDNS-Updater-2.2.1.exe
c:\users\Jussi\Proun_installer.exe
c:\users\Jussi\RealPlayer.exe
c:\users\Jussi\release_games_16410_SuperCrossfireInstaller.exe
c:\users\Jussi\setup_demon_stone.exe
c:\users\Jussi\Soulcaster_1.0.0_Setup.exe
c:\users\Jussi\Soulcaster_II_1.0.0_Setup.exe
c:\users\Jussi\spywareblastersetup46.exe
c:\users\Jussi\supersound.dll
c:\users\Jussi\TDSSKiller.exe
c:\users\Jussi\Unity_of_Command_v101_Matrix.exe
c:\users\Jussi\UnityOfCommand-SetupRelease-v100.exe
c:\users\Jussi\winzip155.exe
c:\users\Jussi\winzip160.exe
c:\users\Jussi\wzsysutil.exe
c:\windows\system32\SET1CB7.tmp
c:\windows\system32\SET4323.tmp
c:\windows\system32\SET45E5.tmp
c:\windows\system32\SET47CD.tmp
c:\windows\system32\SETF99D.tmp
D:\install.exe
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-01-24 to 2012-02-24 )))))))))))))))))
.
.
2012-02-24 04:50 . 2012-02-23 16:10 20696 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-24 04:50 . 2012-02-23 16:12 337112 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-24 04:50 . 2012-02-23 16:10 35672 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-24 04:50 . 2012-02-23 16:10 53848 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-24 04:50 . 2012-02-23 16:12 610648 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-24 04:50 . 2012-02-23 16:10 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-24 04:49 . 2012-02-23 16:23 41184 ----a-w- c:\windows\avastSS.scr
2012-02-24 04:49 . 2012-02-23 16:23 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-24 04:49 . 2012-02-24 04:49 -------- d-----w- c:\programdata\AVAST Software
2012-02-24 04:49 . 2012-02-24 04:49 -------- d-----w- c:\program files\AVAST Software
2012-02-24 03:02 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{028BCEF5-5C51-4A5C-8DE9-8E6581F35832}\mpengine.dll
2012-02-22 06:58 . 2012-02-24 02:06 -------- d-----w- C:\Wyv and Keep
2012-02-22 06:11 . 2012-02-22 06:25 -------- d-----w- C:\Fists
2012-02-21 19:20 . 2012-02-21 19:20 -------- d-----w- c:\users\UpdatusUser
2012-02-21 19:15 . 2012-02-21 19:20 -------- d-----w- c:\windows\LastGood
2012-02-21 19:13 . 2012-02-10 04:13 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-02-21 19:13 . 2012-02-10 04:13 19443520 ----a-w- c:\windows\system32\nvoglv32.dll
2012-02-21 19:13 . 2012-02-10 04:13 10816832 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-02-21 19:13 . 2012-02-10 04:13 5892928 ----a-w- c:\windows\system32\nvcuda.dll
2012-02-21 19:13 . 2012-02-10 04:13 2517312 ----a-w- c:\windows\system32\nvcuvid.dll
2012-02-21 19:13 . 2012-02-10 04:13 2437440 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-02-21 19:13 . 2012-02-10 04:13 17543488 ----a-w- c:\windows\system32\nvcompiler.dll
2012-02-21 08:45 . 2012-02-21 17:35 -------- d-----w- c:\users\Jussi\AppData\Roaming\AVG
2012-02-21 03:18 . 2012-02-21 03:18 -------- d-----w- c:\users\Jussi\AppData\Roaming\RealNetworks
2012-02-21 03:14 . 2012-02-21 03:14 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2012-02-21 03:13 . 2012-02-21 03:13 150696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2012-02-21 03:13 . 2012-02-21 03:13 108544 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2012-02-21 02:44 . 2012-02-21 02:44 -------- d-----w- c:\program files\SpywareBlaster
2012-02-21 02:07 . 2012-02-21 02:07 -------- d-----w- c:\users\Jussi\AppData\Roaming\SinisterDesign.TelepathRPGServantsOfGod.9734F53159B682152B7C442264602A0CEA7C53C9.1
2012-02-20 22:45 . 2012-02-20 22:45 -------- d-----w- c:\users\Jussi\AppData\Roaming\RotMG.Production
2012-02-19 15:35 . 2012-02-19 17:28 -------- d-----w- c:\program files\Mass Effect 2
2012-02-17 17:54 . 2012-02-17 17:54 -------- d--h--w- c:\programdata\Common Files
2012-02-17 17:52 . 2012-02-21 18:47 -------- d-----w- c:\program files\AVG
2012-02-17 17:48 . 2012-02-17 18:32 -------- d-----w- c:\programdata\MFAData
2012-02-15 13:17 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 13:17 . 2012-01-12 19:52 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 13:17 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-02-14 20:01 . 2012-02-14 20:01 -------- d-----w- c:\users\Jussi\AppData\Local\Futuremark
2012-02-14 17:20 . 2010-02-02 08:57 2902498 ------w- c:\windows\system32\Sens_oal.dll
2012-02-14 17:05 . 2012-02-14 17:05 12288 ----a-w- c:\windows\system32\drivers\MassDfu.sys
2012-02-13 19:56 . 2012-02-13 19:56 -------- d-----w- C:\HackSlashLoot
2012-02-11 22:25 . 2012-02-11 22:25 -------- d-----w- c:\program files\OpenDNS Updater
2012-02-11 10:31 . 2012-02-11 21:56 -------- d-----w- c:\program files\MagicalTimeBean
2012-02-10 14:52 . 2012-02-10 14:51 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F1391F6-1690-4E22-9CCB-8275F2066D9F}\gapaengine.dll
2012-02-09 21:33 . 2012-02-09 21:33 -------- d-----w- C:\KOYA_RIFT_1_03
2012-02-09 18:05 . 2012-02-09 18:05 416064 ----a-w- c:\windows\system32\nvStreaming.exe
2012-02-08 22:55 . 2012-02-22 13:25 -------- d-----w- c:\users\Jussi\AppData\Roaming\Scoregasm
2012-02-08 17:43 . 2012-02-08 17:43 -------- d-----w- c:\users\Jussi\.ultratron_2.40
2012-02-08 17:42 . 2012-02-08 18:00 -------- d-----w- c:\program files\Ultratron
2012-02-04 23:56 . 2012-02-05 00:06 -------- d-----w- c:\users\Jussi\AppData\Local\BoH
2012-02-03 18:45 . 2012-02-04 12:54 -------- d-----w- c:\users\Jussi\.titan_attacks_2.00
2012-02-03 18:35 . 2012-02-04 12:54 -------- d-----w- c:\program files\Titan Attacks
2012-02-03 16:02 . 2012-02-03 16:02 -------- d-----w- c:\users\Jussi\AppData\Roaming\Quest3D
2012-02-02 10:16 . 2012-02-02 10:16 -------- d-----w- c:\program files\Nooskewl
2012-01-31 03:28 . 2012-01-31 03:28 -------- d-----w- c:\users\Jussi\AppData\Roaming\Nooskewl
2012-01-31 02:48 . 2012-02-12 20:28 -------- d-----w- c:\windows\system32\drivers\N360\0502000.00D
2012-01-26 19:51 . 2012-01-26 19:51 -------- d-----w- c:\users\Jussi\AppData\Roaming\HackSlashLoot
2012-01-25 22:00 . 2012-02-24 01:23 -------- d-----w- C:\Towns
2012-01-25 17:16 . 2012-01-25 18:07 -------- d-----w- c:\users\Jussi\AppData\Roaming\DarknessIIDemo
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-21 03:13 . 2003-03-18 21:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-21 02:56 . 2011-05-25 01:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-17 16:58 . 2010-06-20 06:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-14 17:20 . 2010-09-19 17:55 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2012-02-14 17:20 . 2010-09-19 17:55 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2012-02-12 07:06 . 2011-11-29 20:51 78554624 ----a-w- c:\users\Jussi\Fractal Installer.msi
2012-02-10 04:13 . 2011-08-09 21:34 7713088 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-02-10 04:13 . 2011-08-09 21:34 881984 ----a-w- c:\windows\system32\nvgenco32.dll
2012-02-10 04:13 . 2011-08-09 21:34 1000256 ----a-w- c:\windows\system32\nvdispco32.dll
2012-02-10 04:13 . 2011-02-23 05:27 15009600 ----a-w- c:\windows\system32\nvd3dum.dll
2012-02-10 04:13 . 2010-07-23 01:13 2301248 ----a-w- c:\windows\system32\nvapi.dll
2012-02-10 03:02 . 2010-07-09 13:20 3881792 ----a-w- c:\windows\system32\nvcpl.dll
2012-02-10 03:00 . 2010-07-09 13:20 2719040 ----a-w- c:\windows\system32\nvsvc.dll
2012-02-10 03:00 . 2010-07-09 13:20 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-02-10 03:00 . 2010-07-09 13:20 645440 ----a-w- c:\windows\system32\nvvsvc.exe
2012-02-10 03:00 . 2010-07-09 13:20 62272 ----a-w- c:\windows\system32\nvshext.dll
2012-02-10 03:00 . 2010-07-09 13:20 2561344 ----a-w- c:\windows\system32\nvsvcr.dll
2012-02-08 06:03 . 2011-03-30 17:43 6552120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-01-31 12:44 . 2010-02-10 16:17 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-10 13:24 . 2010-01-03 15:41 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-30 22:09 . 2011-11-30 21:27 1606656 ----a-w- c:\users\Jussi\SteamInstall.msi
2011-11-30 22:03 . 2011-11-30 22:03 1940992 ----a-w- c:\users\Jussi\Steam Fix - Installer Errors.exe
2012-02-17 21:44 . 2011-03-29 18:26 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-03-31 19:47 . 2009-02-22 15:54 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-02-22 21:33 123536 ------w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="d:\steam\steam.exe" [2012-02-23 1242448]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ASO3SPCDone"="c:\program files\WinZip System Utilities Suite\WINZIPSS.exe" [2011-06-02 3592016]
"OpenDNS Updater"="c:\program files\OpenDNS Updater\OpenDNSUpdater.exe" [2010-06-16 839680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-10-17 11430504]
"VolPanel"="c:\program files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-08-27 233588]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-02-21 296056]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-02-22 4033440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"aswAhAScr.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2012-02-23 48352]
"aswasOutExt.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2012-02-23 48352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-23 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sasnative32
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 11:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2010-07-21 13:52 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2012-01-13 12:53 981680 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 11:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-09-23 116608]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
--- Muut muistissa olevat ajurit/palvelut ---
.
*NewlyCreated* - 43257512
*NewlyCreated* - ASWFSBLK
*NewlyCreated* - ASWMONFLT
*NewlyCreated* - ASWRDR
*NewlyCreated* - ASWSNX
*NewlyCreated* - ASWSP
*NewlyCreated* - ASWTDI
*NewlyCreated* - PGDOYPOC
*Deregistered* - 43257512
*Deregistered* - pgdoypoc
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-02-24 c:\windows\Tasks\Laajennettu takuu-Jussi.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-10-14 09:13]
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.l2dive.com/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040b&s=1&o=vp32&d=0109&m=imedia_a6500_ncd
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{57D29552-3B29-4A65-8D61-D4E458B114ED}: NameServer = 208.67.222.222,208.67.220.220
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Jussi\AppData\Roaming\Mozilla\Firefox\Profiles\w7a81fei.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.newhorizonwow.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
HKU-Default-Run-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-Google Update - c:\users\Jussi\AppData\Local\Google\Update\GoogleUpdate.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-RayV - c:\program files\RayV\RayV\RayV.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-24 10:01
Windows 6.0.6002 Service Pack 2 NTFS
.
tarkistaa piilotettuja prosesseja ...
.
tarkistaa piilotettuja käynnistysarvoja ...
.
tarkistaa piilotettuja tiedostoja ...
.
tarkistus on valmis
piilotetut tiedostot: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360 Premier Edition\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_USERS\S-1-5-21-625289935-3182868809-2741512627-1000\Software\SecuROM\License information*]
"datasecu"=hex:00,53,26,34,a7,5b,03,e4,a3,59,1d,07,ce,f9,eb,91,4f,41,7b,c7,28,
96,14,a8,7f,f1,52,89,a5,21,5d,c9,11,dc,47,ee,be,d2,a7,fb,46,93,c3,42,3f,c7,\
"rkeysecu"=hex:3d,de,8f,71,d7,b5,59,68,3c,e8,d7,e3,24,61,1e,39
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Valmistumisajankohta: 2012-02-24 10:06:51
ComboFix-quarantined-files.txt 2012-02-24 08:06
.
Ennen ajoa: 117 500 973 056 tavua vapaana
Ajon jälkeen: 117 461 602 304 tavua vapaana
.
- - End Of File - - 693BE8500C8F93877F66E9BF0DAFE50D

#6 Ducon


Posted 24 February 2012 - 03:11 AM

Just adding: Norton sub ran out, so I used MS Essentials till now, but now I'm going to uninstall it and use Avast instead.

#7 gringo_pr


Posted 24 February 2012 - 03:15 AM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#8 Ducon


Posted 24 February 2012 - 03:53 AM

I ran TDSS and it said nothing found. However, it seems I can't post the log, as if I click Start or try to open My Computer it freezes, and if I try to ctrl-alt-del it says something about not being able to create "safety settings" or something along those lines (don't know how it's in English). So it's actually a lot worse now.

#9 Ducon


Posted 24 February 2012 - 04:25 AM

Disabled MS Security and managed to get aswmbr to scan now.

#10 gringo_pr


Posted 24 February 2012 - 07:41 AM

Let me have the aswMBR scan.

Restart the computer and see if it gets any better.


gringo

#11 Ducon


Posted 24 February 2012 - 07:49 AM

Started the scan when I posted and it's still scanning. Seems to go very slowly. Also, I've booted several times, as every time the computer froze I had to hard reset it.

Edited by Ducon, 24 February 2012 - 07:50 AM.


#12 gringo_pr


Posted 24 February 2012 - 07:55 AM

Hello

I would like you to run this tool for me - fixTDSS

Download it to your desktop and start the program.

Follow the prompts and OK any security prompts.

When it is complete it will say the infection was cleared or no infection was found - let me know what it says.

After it is complete I want you to restart the computer and try to rerun aswMBR for me and send me the report.

  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

#13 Ducon


Posted 24 February 2012 - 07:58 AM

So should I exit this scan now?

#14 Ducon


Posted 24 February 2012 - 08:15 AM

Ran it and it said Backdoor.tidserv was not found in your system. Will try asw again.

Edited by Ducon, 24 February 2012 - 09:29 AM.


#15 Ducon


Posted 24 February 2012 - 09:28 AM

Running asw again and it went faster to seemingly the same point as the first time, and then it's kinda crawling again. Now it's been scanning the OpenAL64.dll file for a bit over half an hour already. Also, it didn't ask me to download anything extra.

Edited by Ducon, 24 February 2012 - 09:31 AM.




