Author Topic: Virus and Spyware removal logs (Read 7585 times)

newbie71 · « **on:** December 04, 2011, 01:42:13 PM »

As per the instructions I have saved and am now posting the logs that you said I should. Thank you very much in advance for the help.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/04/2011 at 02:05 PM

Application Version : 5.0.1136

Core Rules Database Version : 8012
Trace Rules Database Version: 5824

Scan type : Quick Scan
Total Scan Time : 00:07:50

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 738
Memory threats detected : 0
Registry items scanned : 39982
Registry threats detected : 0
File items scanned : 8564
File threats detected : 89

Adware.Tracking Cookie
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .pro-market.net [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\MGKRTP05.txt [ Cookie:[email protected]/ ]
   .atdmt.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .atdmt.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\PWUCR65V.txt [ Cookie:[email protected]/ ]
   .doubleclick.net [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\68JS0SQJ.txt [ Cookie:[email protected]/ ]
   .invitemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\45UJW4GW.txt [ Cookie:[email protected]/ ]
   statse.webtrendslive.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\LT50S1MK.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\UQSR3F6W.txt [ Cookie:[email protected]/ ]
   .doubleclick.net [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .megaclick.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\M6HITKYQ.txt [ Cookie:[email protected]/ ]
   .serving-sys.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\OC4FW7VG.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\NN4ANGM6.txt [ Cookie:[email protected]/ ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\4CN9WIB8.txt [ Cookie:[email protected]/ ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .casalemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZD5S6CHO.txt [ Cookie:[email protected]/hc/50553939 ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .histats.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\4FO19M20.txt [ Cookie:[email protected]/ ]
   .histats.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\B53KACR5.txt [ Cookie:[email protected]/ ]
   .media6degrees.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\0HDB1ATP.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\7797FEO0.txt [ Cookie:[email protected]/ ]
   .statcounter.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\7BH0FK8J.txt [ Cookie:[email protected]/ ]
   .ad.doubleclick.net [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .bs.serving-sys.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZYPK563.txt [ Cookie:[email protected]/ ]
   .serving-sys.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\1ZUQGGNU.txt [ Cookie:[email protected]/hc/17490713 ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\GC8NXCQO.txt [ Cookie:[email protected]/ ]
   .media6degrees.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\IFILNV7F.txt [ Cookie:[email protected]/ ]
   .ru4.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\TPJHQ2NE.txt [ Cookie:[email protected]/ ]
   .ru4.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\39VDVTKQ.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\NEN0JC70.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\4B3HOAYY.txt [ Cookie:[email protected]/ ]
   .f.megaclick.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .f.megaclick.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .f.megaclick.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\OOZ2JWOR.txt [ Cookie:[email protected]/ ]
   .media6degrees.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .media6degrees.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .lucidmedia.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYQPTSS0.DEFAULT\COOKIES.SQLITE ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\KO7RL5N9.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\TCY5WLWA.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\2EK5QJWJ.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\TCIRZ2IP.txt [ Cookie:[email protected]/cgi-bin ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\GMN2WV8Z.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\8JZYWTWH.txt [ Cookie:[email protected]/ ]
   C:\USERS\SHARON\AppData\Roaming\Microsoft\Windows\Cookies\Low\3O939NJK.txt [ Cookie:[email protected]/ ]

Trace.Known Threat Sources
   C:\USERS\SHARON\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUP9IX2S\favicon[4].ico [ cache:webfile ]
   C:\USERS\SHARON\Local Settings\Temporary Internet Files\Content.IE5\AUP9IX2S\favicon[4].ico [ cache:webfile ]

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8271

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

04/12/2011 3:02:41 PM
mbam-log-2011-12-04 (15-02-41).txt

Scan type: Quick scan
Objects scanned: 167805
Time elapsed: 7 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by sharon at 15:29:54 on 2011-12-04
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\bin32\nSvcAppFlt.exe
C:\Program Files\bin32\nSvcIp.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\vVX1000.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
D:\Desktop\dds.scr
C:\Windows\system32\conime.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WerFault.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uSearch Page =
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=1009&s=1&o=vp32&d=0109&m=aspire_x1200
uSearch Bar =
mStart Page = hxxp://en.ca.acer.yahoo.com
mDefault_Page_URL = hxxp://en.ca.acer.yahoo.com
uURLSearchHooks: H - No File
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
uURLSearchHooks: H - No File
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\program files\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\program files\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Acer Empowering Technology Monitor] c:\program files\acer\empowering technology\SysMonitor.exe
mRun: [EmpoweringTechnology] c:\program files\acer\empowering technology\Framework.Launcher.exe boot
mRun: [eDataSecurity Loader] c:\program files\acer\empowering technology\edatasecurity\x86\eDSloader.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Acer Product Registration] "c:\program files\acer\acer registration\ACE1.exe" /startup
mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [VX1000] c:\windows\vVX1000.exe
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [00PCTFW] "c:\program files\pc tools firewall plus\FirewallGUI.exe" -s
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVWSzItQUxZTUYtU0xLTFUt
QVoyVUItNkdPS0ItSkhGTkg"&"inst=NzctNjA2NjM4MjYxLVQxLVU4NSsxLUJBKzEtS1YzKzctVUNBTE
wrMS1VQ0FMTDIrMi1GTCs4LVFJWDErNC1YMjAxM CsyLUYxME0rNS1MSUMrNzctRkwxMCsxLVNQMS
sxLVNVRCsxLVMxSSsxLVNVMysxLUREVCs0NDczN S1ERDEwRisxLVNUMTBGQVBQKzEtRjEwTTEyRF
QrMS1UQk4rMS1VMTArMQ"&"prod=90"&"ver=10.0.1411
mRunOnce: [B Register c:\program files\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll] "c:\windows\system32\rundll32.exe" "c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll",DllRegisterServer
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10v_ActiveX.exe -update activex
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}
IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 206.126.95.252 192.168.1.1
TCP: Interfaces\{0E8D2240-728B-40DA-B5D8-141D156B18B8} : DhcpNameServer = 206.126.95.252 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - No File
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\sharon\appdata\roaming\mozilla\firefox\profiles\cyqptss0.default\
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? pctNdis;PC Tools Firewall Intermediate Filter Service
R? vmwvusb;VMware View Generic USB Driver
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? !SASCORE;SAS Core Service
S? aswFsBlk;aswFsBlk
S? aswMonFlt;aswMonFlt
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? ETService;Empowering Technology Service
S? FontCache;Windows Font Cache Service
S? NVHDA;Service for NVIDIA High Definition Audio Driver
S? PCTAppEvent;PCTAppEvent Driver
S? PCTFW-PacketFilter;PCTools Firewall - Packet filter driver
S? pctgntdi;pctgntdi
S? pctNdisMP;PC Tools Driver
S? PCToolsFirewallPlus;PC Tools Firewall Plus
S? pctplfw;pctplfw
S? RapportCerberus_29574;RapportCerberus_29574
S? RapportEI;RapportEI
S? RapportKELL;RapportKELL
S? RapportPG;RapportPG
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2011-12-04 20:12:06   848   ----a-w-   c:\programdata\qembdaa.tmp
2011-12-04 20:08:07   476904   ----a-w-   c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-12-04 19:34:06   56200   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{706713c4-c07a-4c8a-8c6b-7510fdba70b0}\offreg.dll
2011-12-04 19:06:52   862   ----a-w-   c:\programdata\whribaa.tmp
2011-12-04 19:06:25   833   ----a-w-   c:\programdata\odjmaaa.tmp
2011-12-04 18:57:35   854   ----a-w-   c:\programdata\wbslbaa.tmp
2011-12-04 18:57:20   797   ----a-w-   c:\programdata\wlntaaa.tmp
2011-12-04 18:53:27   --------   d-----w-   c:\users\sharon\appdata\roaming\PCToolsFirewallPlus
2011-12-04 18:52:55   218592   ----a-w-   c:\windows\system32\drivers\PCTCore.sys
2011-12-04 18:52:55   160576   ----a-w-   c:\windows\system32\drivers\PCTAppEvent.sys
2011-12-04 18:52:51   251560   ----a-w-   c:\windows\system32\drivers\pctgntdi.sys
2011-12-04 18:52:51   105280   ----a-w-   c:\windows\system32\drivers\pctwfpfilter.sys
2011-12-04 18:51:27   89472   ----a-w-   c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2011-12-04 18:51:27   32808   ----a-w-   c:\windows\system32\drivers\pctNdis-DNS.sys
2011-12-04 18:51:26   57536   ----a-w-   c:\windows\system32\drivers\pctNdis.sys
2011-12-04 18:51:26   --------   d-----w-   c:\program files\common files\PC Tools
2011-12-04 18:51:23   125248   ----a-w-   c:\windows\system32\drivers\pctplfw.sys
2011-12-04 18:51:20   --------   d-----w-   c:\program files\PC Tools Firewall Plus
2011-12-04 18:26:26   855   ----a-w-   c:\programdata\wzkjbaa.tmp
2011-12-04 18:25:26   906   ----a-w-   c:\programdata\kfnuaaa.tmp
2011-12-04 18:25:11   824   ----a-w-   c:\programdata\eibnaaa.tmp
2011-12-04 18:10:44   834   ----a-w-   c:\programdata\eowtaaa.tmp
2011-12-04 18:10:20   821   ----a-w-   c:\programdata\wnylaaa.tmp
2011-12-04 18:08:41   796   ----a-w-   c:\programdata\eavnaaa.tmp
2011-12-04 17:52:17   784   ----a-w-   c:\programdata\whzoaaa.tmp
2011-12-04 17:39:36   873   ----a-w-   c:\programdata\gxhraaa.tmp
2011-12-04 16:33:49   833   ----a-w-   c:\programdata\obytaaa.tmp
2011-12-04 12:03:45   888   ----a-w-   c:\programdata\icbuaaa.tmp
2011-12-04 10:37:08   890   ----a-w-   c:\programdata\khymaaa.tmp
2011-12-04 09:09:21   829   ----a-w-   c:\programdata\gbamaaa.tmp
2011-12-04 09:07:49   790   ----a-w-   c:\programdata\uynraaa.tmp
2011-12-04 09:06:11   814   ----a-w-   c:\programdata\mqfuaaa.tmp
2011-12-04 08:46:40   865   ----a-w-   c:\programdata\qicpaaa.tmp
2011-12-03 23:44:10   813   ----a-w-   c:\programdata\qgvmaaa.tmp
2011-12-03 23:43:45   846   ----a-w-   c:\programdata\iauraaa.tmp
2011-12-03 20:54:51   861   ----a-w-   c:\programdata\egquaaa.tmp
2011-12-03 20:54:13   885   ----a-w-   c:\programdata\uuzmaaa.tmp
2011-12-03 20:54:05   805   ----a-w-   c:\programdata\ktsqaaa.tmp
2011-12-03 19:37:19   860   ----a-w-   c:\programdata\ofqoaaa.tmp
2011-12-03 12:37:01   875   ----a-w-   c:\programdata\euvqaaa.tmp
2011-12-03 11:12:54   848   ----a-w-   c:\programdata\stuoaaa.tmp
2011-12-03 11:11:13   813   ----a-w-   c:\programdata\yoztaaa.tmp
2011-12-03 08:13:11   822   ----a-w-   c:\programdata\yglmgaa.tmp
2011-12-02 19:34:34   497664   ----a-w-   c:\windows\system32\ac3filter.acm
2011-12-02 19:34:33   --------   d-----w-   c:\program files\AC3Filter
2011-12-02 19:25:59   89048   ----a-w-   c:\program files\mozilla firefox\libEGL.dll
2011-12-02 19:25:59   478168   ----a-w-   c:\program files\mozilla firefox\libGLESv2.dll
2011-12-02 19:25:59   269272   ----a-w-   c:\program files\mozilla firefox\freebl3.dll
2011-12-02 19:25:58   924632   ----a-w-   c:\program files\mozilla firefox\firefox.exe
2011-12-02 19:25:58   1998168   ----a-w-   c:\program files\mozilla firefox\d3dx9_43.dll
2011-12-02 19:25:57   2106216   ----a-w-   c:\program files\mozilla firefox\D3DCompiler_43.dll
2011-12-02 19:25:57   19416   ----a-w-   c:\program files\mozilla firefox\AccessibleMarshal.dll
2011-12-02 19:25:57   125912   ----a-w-   c:\program files\mozilla firefox\crashreporter.exe
2011-12-02 18:39:19   867   ----a-w-   c:\programdata\ovcnaaa.tmp
2011-12-02 17:16:39   845   ----a-w-   c:\programdata\griuaaa.tmp
2011-12-02 07:40:41   843   ----a-w-   c:\programdata\muxoaaa.tmp
2011-12-02 06:35:03   6823496   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{706713c4-c07a-4c8a-8c6b-7510fdba70b0}\mpengine.dll
2011-12-02 03:57:45   --------   d-----w-   c:\users\sharon\appdata\roaming\ESET
2011-12-02 03:57:45   --------   d-----w-   c:\users\sharon\appdata\local\ESET
2011-12-02 03:42:11   811   ----a-w-   c:\programdata\yqkmaaa.tmp
2011-12-02 01:28:33   863   ----a-w-   c:\programdata\gzotaaa.tmp
2011-12-02 00:20:48   --------   d-----w-   c:\program files\ESET
2011-11-30 17:22:44   832   ----a-w-   c:\programdata\spcuaaa.tmp
2011-11-30 16:25:13   782   ----a-w-   c:\programdata\wrmqaaa.tmp
2011-11-30 09:48:26   801   ----a-w-   c:\programdata\yemsaaa.tmp
2011-11-30 09:25:17   0   ----a-w-   c:\programdata\kxcfbaa.tmp
2011-11-30 08:02:28   887   ----a-w-   c:\programdata\otvkaaa.tmp
2011-11-30 03:29:47   809   ----a-w-   c:\programdata\qszdcaa.tmp
2011-11-30 03:25:06   55128   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-11-30 03:25:06   435032   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-11-30 03:24:49   41184   ----a-w-   c:\windows\avastSS.scr
2011-11-30 03:12:46   832   ----a-w-   c:\programdata\ygjfeaa.tmp
2011-11-30 03:03:38   812   ----a-w-   c:\programdata\srnmaaa.tmp
2011-11-30 02:40:51   801   ----a-w-   c:\programdata\iglibaa.tmp
2011-11-30 02:31:04   806   ----a-w-   c:\programdata\myltaaa.tmp
2011-11-30 02:30:06   856   ----a-w-   c:\programdata\sbxxaaa.tmp
2011-11-30 01:46:02   818   ----a-w-   c:\programdata\ucgmaaa.tmp
2011-11-29 21:01:27   797   ----a-w-   c:\programdata\aastaaa.tmp
2011-11-29 20:53:05   791   ----a-w-   c:\programdata\wfkgbaa.tmp
2011-11-29 19:32:00   844   ----a-w-   c:\programdata\mweraaa.tmp
2011-11-29 19:26:04   897   ----a-w-   c:\programdata\igtoaaa.tmp
2011-11-29 19:15:56   --------   d-----w-   c:\users\sharon\appdata\roaming\Malwarebytes
2011-11-29 19:15:31   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-11-29 19:15:31   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2011-11-29 00:26:57   824   ----a-w-   c:\programdata\iqgqaaa.tmp
2011-11-29 00:04:48   835   ----a-w-   c:\programdata\kpemaaa.tmp
2011-11-28 21:49:34   845   ----a-w-   c:\programdata\maxlaaa.tmp
2011-11-28 20:52:32   832   ----a-w-   c:\programdata\knttaaa.tmp
2011-11-28 20:09:39   --------   d-----w-   c:\users\sharon\appdata\roaming\SUPERAntiSpyware.com
2011-11-28 20:08:10   --------   d-----w-   c:\programdata\SUPERAntiSpyware.com
2011-11-28 20:08:10   --------   d-----w-   c:\program files\SUPERAntiSpyware
2011-11-28 19:44:29   --------   d-----w-   c:\program files\CCleaner
2011-11-28 19:36:33   859   ----a-w-   c:\programdata\iemmaaa.tmp
2011-11-28 19:35:39   823   ----a-w-   c:\programdata\ohxqaaa.tmp
2011-11-28 00:42:39   200976   ----a-w-   c:\windows\system32\drivers\tmcomm.sys
2011-11-28 00:25:29   844   ----a-w-   c:\programdata\uenoaaa.tmp
2011-11-28 00:02:02   857   ----a-w-   c:\programdata\agrqaaa.tmp
2011-11-26 23:40:20   --------   d-----w-   c:\programdata\ErrorEND
2011-11-26 23:10:12   833   ----a-w-   c:\programdata\olplaaa.tmp
2011-11-26 07:59:14   894   ----a-w-   c:\programdata\crjqaaa.tmp
2011-11-26 04:58:24   --------   d-----w-   c:\users\sharon\appdata\local\DDMSettings
2011-11-26 04:46:17   --------   d-----w-   c:\program files\Yontoo Layers Runtime
2011-11-26 04:46:04   --------   d-----w-   c:\programdata\Tarma Installer
2011-11-26 04:46:01   --------   d-----w-   c:\program files\Free Offers from Freeze.com
2011-11-26 03:41:22   817   ----a-w-   c:\programdata\qqioaaa.tmp
2011-11-25 01:39:31   890   ----a-w-   c:\programdata\melqaaa.tmp
2011-11-24 20:39:27   876   ----a-w-   c:\programdata\krloaaa.tmp
2011-11-24 01:05:08   0   ---ha-w-   c:\users\sharon\appdata\local\BITF881.tmp
2011-11-24 00:25:59   819   ----a-w-   c:\programdata\eqhmaaa.tmp
2011-11-24 00:08:20   810   ----a-w-   c:\programdata\yyqlaaa.tmp
2011-11-23 23:15:48   856   ----a-w-   c:\programdata\qyonaaa.tmp
2011-11-23 02:49:46   853   ----a-w-   c:\programdata\yuyqaaa.tmp
2011-11-23 02:28:18   837   ----a-w-   c:\programdata\onsxaaa.tmp
2011-11-23 02:28:16   825   ----a-w-   c:\programdata\uoaqaaa.tmp
2011-11-23 02:06:23   867   ----a-w-   c:\programdata\krdibaa.tmp
2011-11-23 00:54:26   --------   d-----w-   c:\programdata\AVAST Software
2011-11-23 00:54:26   --------   d-----w-   c:\program files\AVAST Software
2011-11-22 23:29:17   819   ----a-w-   c:\programdata\gnupaaa.tmp
2011-11-22 22:29:07   850   ----a-w-   c:\programdata\aygbbaa.tmp
2011-11-22 15:11:23   883   ----a-w-   c:\programdata\aqacbaa.tmp
2011-11-22 02:06:17   824   ----a-w-   c:\programdata\eskyaaa.tmp
2011-11-22 01:36:26   829   ----a-w-   c:\programdata\ohtabaa.tmp
2011-11-22 01:16:52   847   ----a-w-   c:\programdata\yauxaaa.tmp
2011-11-21 20:52:35   834   ----a-w-   c:\programdata\aoxpaaa.tmp
2011-11-21 20:35:38   --------   d-----w-   c:\program files\Nero
2011-11-21 20:35:07   868   ----a-w-   c:\programdata\crfabaa.tmp
2011-11-21 20:35:06   842   ----a-w-   c:\programdata\gljxaaa.tmp
2011-11-21 20:32:41   823   ----a-w-   c:\programdata\iymnfaa.tmp
2011-11-21 20:27:04   828   ----a-w-   c:\programdata\ysroaaa.tmp
2011-11-21 19:25:15   --------   d-----w-   c:\program files\Conduit
2011-11-21 19:25:09   --------   d-----w-   c:\program files\Vuze_Remote
2011-11-21 18:57:51   --------   d-----w-   c:\users\sharon\appdata\roaming\JAM Software
2011-11-21 18:57:42   --------   d-----w-   c:\program files\JAM Software
2011-11-16 03:02:50   --------   d-----w-   c:\users\sharon\appdata\local\VMware
2011-11-14 02:18:59   --------   d-----w-   c:\users\sharon\appdata\local\VirtualStore
2011-11-13 23:55:18   --------   d-----w-   c:\users\sharon\appdata\local\Temp
2011-11-12 21:27:45   --------   d--h--w-   c:\users\sharon\appdata\local\MicrosoftNT
2011-11-09 05:07:18   2409784   ----a-w-   c:\program files\windows mail\OESpamFilter.dat
2011-11-09 05:07:14   905088   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-09 05:07:09   707584   ----a-w-   c:\program files\common files\system\wab32.dll
.
==================== Find3M ====================
.
2011-12-04 20:31:11   890   ----a-w-   c:\programdata\wrekbaa.tmp
2011-12-04 20:31:02   822   ----a-w-   c:\programdata\wdhuaaa.tmp
2011-12-04 20:30:34   807   ----a-w-   c:\programdata\wfsmaaa.tmp
2011-12-01 22:50:25   46080   ----a-w-   c:\windows\system32\svchost.exe
2011-12-01 22:50:09   338944   ----a-w-   c:\windows\system32\winlogon.exe
2011-10-20 23:26:22   94208   ----a-w-   c:\windows\system32\dpl100.dll
2011-10-03 10:06:03   472808   ----a-w-   c:\windows\system32\deployJava1.dll
2011-09-06 13:30:12   2043392   ----a-w-   c:\windows\system32\win32k.sys
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002 Disk: WDC_WD32 rev.01.0 -> Harddisk0\DR0 ->
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x883464D0]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x8834c7d0]; MOV EAX, [0x8834c84c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x83E4D912] -> \Device\Harddisk0\DR0[0x87C703E0]
3 CLASSPNP[0x8B7AA8B3] -> ntkrnlpa!IofCallDriver[0x83E4D912] -> [0x871F95D8]
5 acpi[0x806086BC] -> ntkrnlpa!IofCallDriver[0x83E4D912] -> [0x871F1C90]
\Driver\nvstor32[0x8767B4E8] -> IRP_MJ_CREATE -> 0x883464D0
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV DI, 0x5; XOR AX, AX; MOV DL, 0x80; INT 0x13; JAE 0x2d; DEC DI; }
detected disk devices:
\Device\00000067 -> \??\SCSI#Disk&Ven_WDC_WD32&Prod_00AAJS-22L7A#4&184b1603&0&010100#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 15:33:51.95 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
.
==== Disk Partitions =========================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
7-Zip 4.57
AC3Filter 1.63b
Acer Assist
Acer eDataSecurity Management
Acer Empowering Technology
Acer Registration
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.0
Adobe Shockwave Player 11.5
ASUS Wireless Router RT-G32 Manuals
ASUS Wireless Router RT-G32 Utilities v1.0.12.0(EU)
avast! Free Antivirus
BufferChm
CCleaner
Copy
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Setup
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
eSupportQFolder
F4200
F4200_Help
Garmin Communicator Plugin
Garmin USB Drivers
Google Toolbar for Internet Explorer
GPBaseService
GPBaseService2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
HP Imaging Device Functions 10.0
HP Photosmart Essential 2.5
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPProductAssistant
ImagXpress
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
LightScribe 1.4.142.1
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 7 Ultra Edition
neroxml
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
ParetoLogic PC Health Advisor
PC Tools Firewall Plus 7.0
PSSWCORE
Rapport
Realtek High Definition Audio Driver
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Simply Accounting 2005 Pro Student Version
SmartWebPrinting
SolutionCenter
Status
SUPERAntiSpyware
Toolbox
TrayApp
TreeSize Free V2.6
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VC80CRTRedist - 8.0.50727.762
VideoToolkit01
Vuze
Vuze Remote Toolbar
WebReg
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
.

SuperDave · « **Reply #1 on:** December 04, 2011, 07:30:42 PM »

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Download OTL to your desktop.

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code: [Select]

:OTL

uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - No File

:Files

c:\programdata\qembdaa.tmp
c:\programdata\whribaa.tmp
c:\programdata\odjmaaa.tmp
c:\programdata\wbslbaa.tmp
c:\programdata\wlntaaa.tmp
c:\programdata\kfnuaaa.tmp
c:\programdata\eibnaaa.tmp
c:\programdata\eowtaaa.tmp
c:\programdata\wnylaaa.tmp
c:\programdata\eavnaaa.tmp
c:\programdata\whzoaaa.tmp
c:\programdata\gxhraaa.tmp
c:\programdata\obytaaa.tmp
c:\programdata\icbuaaa.tmp
c:\programdata\khymaaa.tmp
c:\programdata\gbamaaa.tmp
c:\programdata\uynraaa.tmp
c:\programdata\mqfuaaa.tmp
c:\programdata\qicpaaa.tmp
c:\programdata\qgvmaaa.tmp
c:\programdata\iauraaa.tmp
c:\programdata\egquaaa.tmp
c:\programdata\uuzmaaa.tmp
c:\programdata\ktsqaaa.tmp
c:\programdata\ofqoaaa.tmp
c:\programdata\euvqaaa.tmp
c:\programdata\stuoaaa.tmp
c:\programdata\yoztaaa.tmp
c:\programdata\yglmgaa.tmp
c:\programdata\ovcnaaa.tmp
c:\programdata\griuaaa.tmp
c:\programdata\muxoaaa.tmp
c:\programdata\yqkmaaa.tmp
c:\programdata\gzotaaa.tmp
c:\programdata\spcuaaa.tmp
c:\programdata\wrmqaaa.tmp
c:\programdata\yemsaaa.tmp
c:\programdata\kxcfbaa.tmp
c:\programdata\otvkaaa.tmp
c:\programdata\qszdcaa.tmp
c:\programdata\ygjfeaa.tmp
c:\programdata\srnmaaa.tmp
c:\programdata\iglibaa.tmp
c:\programdata\myltaaa.tmp
c:\programdata\sbxxaaa.tmp
c:\programdata\ucgmaaa.tmp
c:\programdata\aastaaa.tmp
c:\programdata\wfkgbaa.tmp
c:\programdata\mweraaa.tmp
c:\programdata\igtoaaa.tmp
c:\programdata\iqgqaaa.tmp
c:\programdata\kpemaaa.tmp
c:\programdata\maxlaaa.tmp
c:\programdata\knttaaa.tmp
c:\programdata\iemmaaa.tmp
c:\programdata\ohxqaaa.tmp
c:\programdata\uenoaaa.tmp
c:\programdata\agrqaaa.tmp
c:\programdata\ErrorEND
c:\programdata\olplaaa.tmp
c:\programdata\crjqaaa.tmp
c:\programdata\qqioaaa.tmp
c:\programdata\melqaaa.tmp
c:\programdata\krloaaa.tmp
c:\users\sharon\appdata\local\BITF881.tmp
c:\programdata\eqhmaaa.tmp
c:\programdata\yyqlaaa.tmp
c:\programdata\qyonaaa.tmp
c:\programdata\yuyqaaa.tmp
c:\programdata\onsxaaa.tmp
c:\programdata\uoaqaaa.tmp
c:\programdata\krdibaa.tmp
c:\programdata\gnupaaa.tmp
c:\programdata\aygbbaa.tmp
c:\programdata\aqacbaa.tmp
c:\programdata\eskyaaa.tmp
c:\programdata\ohtabaa.tmp
c:\programdata\yauxaaa.tmp
c:\programdata\aoxpaaa.tmp
c:\programdata\crfabaa.tmp
c:\programdata\gljxaaa.tmp
c:\programdata\iymnfaa.tmp
c:\programdata\ysroaaa.tmp
c:\programdata\wrekbaa.tmp
c:\programdata\wdhuaaa.tmp
c:\programdata\wfsmaaa.tmp

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
*************************************************************

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory..

newbie71 · « **Reply #2 on:** December 05, 2011, 12:06:09 PM »

Here are is the log from the otl
========== OTL ==========
========== FILES ==========
c:\programdata\qembdaa.tmp moved successfully.
c:\programdata\whribaa.tmp moved successfully.
c:\programdata\odjmaaa.tmp moved successfully.
c:\programdata\wbslbaa.tmp moved successfully.
c:\programdata\wlntaaa.tmp moved successfully.
c:\programdata\kfnuaaa.tmp moved successfully.
c:\programdata\eibnaaa.tmp moved successfully.
c:\programdata\eowtaaa.tmp moved successfully.
c:\programdata\wnylaaa.tmp moved successfully.
c:\programdata\eavnaaa.tmp moved successfully.
c:\programdata\whzoaaa.tmp moved successfully.
c:\programdata\gxhraaa.tmp moved successfully.
c:\programdata\obytaaa.tmp moved successfully.
c:\programdata\icbuaaa.tmp moved successfully.
c:\programdata\khymaaa.tmp moved successfully.
c:\programdata\gbamaaa.tmp moved successfully.
c:\programdata\uynraaa.tmp moved successfully.
c:\programdata\mqfuaaa.tmp moved successfully.
c:\programdata\qicpaaa.tmp moved successfully.
c:\programdata\qgvmaaa.tmp moved successfully.
c:\programdata\iauraaa.tmp moved successfully.
c:\programdata\egquaaa.tmp moved successfully.
c:\programdata\uuzmaaa.tmp moved successfully.
c:\programdata\ktsqaaa.tmp moved successfully.
c:\programdata\ofqoaaa.tmp moved successfully.
c:\programdata\euvqaaa.tmp moved successfully.
c:\programdata\stuoaaa.tmp moved successfully.
c:\programdata\yoztaaa.tmp moved successfully.
c:\programdata\yglmgaa.tmp moved successfully.
c:\programdata\ovcnaaa.tmp moved successfully.
c:\programdata\griuaaa.tmp moved successfully.
c:\programdata\muxoaaa.tmp moved successfully.
c:\programdata\yqkmaaa.tmp moved successfully.
c:\programdata\gzotaaa.tmp moved successfully.
c:\programdata\spcuaaa.tmp moved successfully.
c:\programdata\wrmqaaa.tmp moved successfully.
c:\programdata\yemsaaa.tmp moved successfully.
c:\programdata\kxcfbaa.tmp moved successfully.
c:\programdata\otvkaaa.tmp moved successfully.
c:\programdata\qszdcaa.tmp moved successfully.
c:\programdata\ygjfeaa.tmp moved successfully.
c:\programdata\srnmaaa.tmp moved successfully.
c:\programdata\iglibaa.tmp moved successfully.
c:\programdata\myltaaa.tmp moved successfully.
c:\programdata\sbxxaaa.tmp moved successfully.
c:\programdata\ucgmaaa.tmp moved successfully.
c:\programdata\aastaaa.tmp moved successfully.
c:\programdata\wfkgbaa.tmp moved successfully.
c:\programdata\mweraaa.tmp moved successfully.
c:\programdata\igtoaaa.tmp moved successfully.
c:\programdata\iqgqaaa.tmp moved successfully.
c:\programdata\kpemaaa.tmp moved successfully.
c:\programdata\maxlaaa.tmp moved successfully.
c:\programdata\knttaaa.tmp moved successfully.
c:\programdata\iemmaaa.tmp moved successfully.
c:\programdata\ohxqaaa.tmp moved successfully.
c:\programdata\uenoaaa.tmp moved successfully.
c:\programdata\agrqaaa.tmp moved successfully.
c:\programdata\ErrorEND\LOGS folder moved successfully.
c:\programdata\ErrorEND folder moved successfully.
c:\programdata\olplaaa.tmp moved successfully.
c:\programdata\crjqaaa.tmp moved successfully.
c:\programdata\qqioaaa.tmp moved successfully.
c:\programdata\melqaaa.tmp moved successfully.
c:\programdata\krloaaa.tmp moved successfully.
c:\users\sharon\appdata\local\BITF881.tmp moved successfully.
c:\programdata\eqhmaaa.tmp moved successfully.
c:\programdata\yyqlaaa.tmp moved successfully.
c:\programdata\qyonaaa.tmp moved successfully.
c:\programdata\yuyqaaa.tmp moved successfully.
c:\programdata\onsxaaa.tmp moved successfully.
c:\programdata\uoaqaaa.tmp moved successfully.
c:\programdata\krdibaa.tmp moved successfully.
c:\programdata\gnupaaa.tmp moved successfully.
c:\programdata\aygbbaa.tmp moved successfully.
c:\programdata\aqacbaa.tmp moved successfully.
c:\programdata\eskyaaa.tmp moved successfully.
c:\programdata\ohtabaa.tmp moved successfully.
c:\programdata\yauxaaa.tmp moved successfully.
c:\programdata\aoxpaaa.tmp moved successfully.
c:\programdata\crfabaa.tmp moved successfully.
c:\programdata\gljxaaa.tmp moved successfully.
c:\programdata\iymnfaa.tmp moved successfully.
c:\programdata\ysroaaa.tmp moved successfully.
c:\programdata\wrekbaa.tmp moved successfully.
c:\programdata\wdhuaaa.tmp moved successfully.
c:\programdata\wfsmaaa.tmp moved successfully.
========== COMMANDS ==========
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 12052011_140453

newbie71 · « **Reply #3 on:** December 05, 2011, 12:13:37 PM »

and here is the other log
4:08:53.0872 7220   TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
14:08:55.0622 7220   ============================================================
14:08:55.0622 7220   Current date / time: 2011/12/05 14:08:55.0622
14:08:55.0622 7220   SystemInfo:
14:08:55.0622 7220
14:08:55.0623 7220   OS Version: 6.0.6002 ServicePack: 2.0
14:08:55.0623 7220   Product type: Workstation
14:08:55.0623 7220   ComputerName: SHARON-PC
14:08:55.0624 7220   UserName: sharon
14:08:55.0624 7220   Windows directory: C:\Windows
14:08:55.0624 7220   System windows directory: C:\Windows
14:08:55.0625 7220   Processor architecture: Intel x86
14:08:55.0625 7220   Number of processors: 2
14:08:55.0625 7220   Page size: 0x1000
14:08:55.0625 7220   Boot type: Normal boot
14:08:55.0625 7220   ============================================================
14:08:56.0522 7220   Initialize success
14:09:15.0399 10428   ============================================================
14:09:15.0399 10428   Scan started
14:09:15.0399 10428   Mode: Manual;
14:09:15.0399 10428   ============================================================
14:09:17.0067 10428   ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
14:09:17.0085 10428   ACPI - ok
14:09:17.0359 10428   adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
14:09:17.0377 10428   adp94xx - ok
14:09:18.0371 10428   adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
14:09:18.0388 10428   adpahci - ok
14:09:20.0784 10428   adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
14:09:20.0818 10428   adpu160m - ok
14:09:23.0744 10428   adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
14:09:23.0750 10428   adpu320 - ok
14:09:24.0074 10428   AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
14:09:24.0091 10428   AFD - ok
14:09:24.0277 10428   agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
14:09:24.0282 10428   agp440 - ok
14:09:24.0452 10428   aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:09:24.0456 10428   aic78xx - ok
14:09:24.0652 10428   aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
14:09:24.0655 10428   aliide - ok
14:09:24.0865 10428   amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
14:09:24.0868 10428   amdagp - ok
14:09:25.0054 10428   amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
14:09:25.0058 10428   amdide - ok
14:09:25.0240 10428   AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
14:09:25.0243 10428   AmdK7 - ok
14:09:25.0412 10428   AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
14:09:25.0415 10428   AmdK8 - ok
14:09:25.0603 10428   arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
14:09:25.0609 10428   arc - ok
14:09:25.0790 10428   arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
14:09:25.0794 10428   arcsas - ok
14:09:25.0980 10428   aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\Windows\system32\drivers\aswFsBlk.sys
14:09:25.0983 10428   aswFsBlk - ok
14:09:26.0155 10428   aswMonFlt (258143605e77e4008f1758481d6a977d) C:\Windows\system32\drivers\aswMonFlt.sys
14:09:26.0158 10428   aswMonFlt - ok
14:09:26.0365 10428   aswRdr (352d5a48ebab35a7693b048679304831) C:\Windows\system32\drivers\aswRdr.sys
14:09:26.0368 10428   aswRdr - ok
14:09:26.0551 10428   aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\Windows\system32\drivers\aswSnx.sys
14:09:26.0570 10428   aswSnx - ok
14:09:26.0876 10428   aswSP (010012597333da1f46c3243f33f8409e) C:\Windows\system32\drivers\aswSP.sys
14:09:26.0892 10428   aswSP - ok
14:09:27.0128 10428   aswTdi (f9f84364416658e9786235904d448d37) C:\Windows\system32\drivers\aswTdi.sys
14:09:27.0132 10428   aswTdi - ok
14:09:27.0323 10428   AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
14:09:27.0326 10428   AsyncMac - ok
14:09:27.0531 10428   atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
14:09:27.0534 10428   atapi - ok
14:09:27.0757 10428   Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
14:09:27.0760 10428   Beep - ok
14:09:28.0028 10428   blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
14:09:28.0032 10428   blbdrive - ok
14:09:28.0248 10428   bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
14:09:28.0252 10428   bowser - ok
14:09:28.0553 10428   BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:09:28.0555 10428   BrFiltLo - ok
14:09:28.0750 10428   BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:09:28.0752 10428   BrFiltUp - ok
14:09:28.0975 10428   Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:09:28.0979 10428   Brserid - ok
14:09:29.0171 10428   BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:09:29.0175 10428   BrSerWdm - ok
14:09:29.0351 10428   BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:09:29.0354 10428   BrUsbMdm - ok
14:09:29.0614 10428   BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:09:29.0616 10428   BrUsbSer - ok
14:09:29.0892 10428   BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:09:29.0896 10428   BTHMODEM - ok
14:09:30.0110 10428   catchme - ok
14:09:30.0379 10428   cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
14:09:30.0383 10428   cdfs - ok
14:09:30.0602 10428   cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
14:09:30.0605 10428   cdrom - ok
14:09:30.0812 10428   circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
14:09:30.0815 10428   circlass - ok
14:09:31.0037 10428   CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
14:09:31.0047 10428   CLFS - ok
14:09:31.0266 10428   cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
14:09:31.0270 10428   cmdide - ok
14:09:31.0477 10428   Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
14:09:31.0481 10428   Compbatt - ok
14:09:31.0705 10428   crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
14:09:31.0709 10428   crcdisk - ok
14:09:31.0917 10428   Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
14:09:31.0920 10428   Crusoe - ok
14:09:32.0202 10428   DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
14:09:32.0212 10428   DfsC - ok
14:09:32.0432 10428   disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
14:09:32.0436 10428   disk - ok
14:09:32.0719 10428   Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
14:09:32.0724 10428   Dot4 - ok
14:09:33.0037 10428   Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:09:33.0039 10428   Dot4Print - ok
14:09:33.0360 10428   dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
14:09:33.0363 10428   dot4usb - ok
14:09:33.0593 10428   drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
14:09:33.0596 10428   drmkaud - ok
14:09:33.0831 10428   DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
14:09:33.0842 10428   DXGKrnl - ok
14:09:34.0030 10428   E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:09:34.0035 10428   E1G60 - ok
14:09:34.0241 10428   Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
14:09:34.0248 10428   Ecache - ok
14:09:34.0607 10428   elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
14:09:34.0625 10428   elxstor - ok
14:09:34.0903 10428   ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
14:09:34.0905 10428   ErrDev - ok
14:09:35.0192 10428   exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
14:09:35.0198 10428   exfat - ok
14:09:35.0424 10428   fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
14:09:35.0430 10428   fastfat - ok
14:09:35.0614 10428   fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
14:09:35.0620 10428   fdc - ok
14:09:35.0852 10428   FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
14:09:35.0856 10428   FileInfo - ok
14:09:36.0135 10428   Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
14:09:36.0138 10428   Filetrace - ok
14:09:36.0314 10428   flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
14:09:36.0317 10428   flpydisk - ok
14:09:36.0528 10428   FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
14:09:36.0535 10428   FltMgr - ok
14:09:36.0748 10428   Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
14:09:36.0750 10428   Fs_Rec - ok
14:09:36.0985 10428   gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
14:09:36.0988 10428   gagp30kx - ok
14:09:37.0199 10428   HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
14:09:37.0221 10428   HdAudAddService - ok
14:09:37.0488 10428   HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:09:37.0500 10428   HDAudBus - ok
14:09:37.0800 10428   HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:09:37.0819 10428   HidBth - ok
14:09:38.0311 10428   HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:09:38.0314 10428   HidIr - ok
14:09:38.0551 10428   HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
14:09:38.0553 10428   HidUsb - ok
14:09:38.0800 10428   HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
14:09:38.0804 10428   HpCISSs - ok
14:09:39.0025 10428   HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
14:09:39.0043 10428   HTTP - ok
14:09:39.0216 10428   i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
14:09:39.0220 10428   i2omp - ok
14:09:39.0396 10428   i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
14:09:39.0399 10428   i8042prt - ok
14:09:39.0623 10428   iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
14:09:39.0639 10428   iaStorV - ok
14:09:39.0909 10428   iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:09:39.0913 10428   iirsp - ok
14:09:40.0100 10428   int15 (58ff11c95c3681c9250914521cb9f036) C:\Windows\system32\drivers\int15.sys
14:09:40.0103 10428   int15 - ok
14:09:40.0347 10428   IntcAzAudAddService (4c01298060cf930d26a75a86b874b6ae) C:\Windows\system32\drivers\RTKVHDA.sys
14:09:40.0414 10428   IntcAzAudAddService - ok
14:09:40.0816 10428   intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
14:09:40.0819 10428   intelide - ok
14:09:40.0989 10428   intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
14:09:40.0992 10428   intelppm - ok
14:09:41.0161 10428   IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:09:41.0164 10428   IpFilterDriver - ok
14:09:41.0328 10428   IpInIp - ok
14:09:41.0498 10428   IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
14:09:41.0502 10428   IPMIDRV - ok
14:09:41.0690 10428   IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
14:09:41.0697 10428   IPNAT - ok
14:09:41.0920 10428   IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
14:09:41.0923 10428   IRENUM - ok
14:09:42.0094 10428   isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
14:09:42.0098 10428   isapnp - ok
14:09:42.0352 10428   iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
14:09:42.0359 10428   iScsiPrt - ok
14:09:42.0685 10428   iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:09:42.0688 10428   iteatapi - ok
14:09:42.0892 10428   iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:09:42.0895 10428   iteraid - ok
14:09:43.0096 10428   kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:09:43.0099 10428   kbdclass - ok
14:09:43.0292 10428   kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
14:09:43.0295 10428   kbdhid - ok
14:09:43.0619 10428   KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
14:09:43.0637 10428   KSecDD - ok
14:09:44.0031 10428   lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
14:09:44.0034 10428   lltdio - ok
14:09:44.0253 10428   LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
14:09:44.0258 10428   LSI_FC - ok
14:09:44.0461 10428   LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
14:09:44.0466 10428   LSI_SAS - ok
14:09:44.0664 10428   LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
14:09:44.0669 10428   LSI_SCSI - ok
14:09:44.0873 10428   luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
14:09:44.0878 10428   luafv - ok
14:09:45.0052 10428   megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
14:09:45.0055 10428   megasas - ok
14:09:45.0224 10428   MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
14:09:45.0242 10428   MegaSR - ok
14:09:45.0417 10428   Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
14:09:45.0421 10428   Modem - ok
14:09:45.0576 10428   monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
14:09:45.0579 10428   monitor - ok
14:09:45.0733 10428   mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
14:09:45.0738 10428   mouclass - ok
14:09:45.0915 10428   mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
14:09:45.0918 10428   mouhid - ok
14:09:46.0088 10428   MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
14:09:46.0092 10428   MountMgr - ok
14:09:46.0258 10428   mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
14:09:46.0263 10428   mpio - ok
14:09:46.0438 10428   mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
14:09:46.0442 10428   mpsdrv - ok
14:09:46.0628 10428   Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
14:09:46.0632 10428   Mraid35x - ok
14:09:46.0824 10428   MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
14:09:46.0829 10428   MRxDAV - ok
14:09:46.0998 10428   mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:09:47.0003 10428   mrxsmb - ok
14:09:47.0220 10428   mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:09:47.0237 10428   mrxsmb10 - ok
14:09:47.0490 10428   mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:09:47.0494 10428   mrxsmb20 - ok
14:09:47.0696 10428   msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
14:09:47.0699 10428   msahci - ok
14:09:47.0925 10428   msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
14:09:47.0930 10428   msdsm - ok
14:09:48.0189 10428   Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
14:09:48.0192 10428   Msfs - ok
14:09:48.0597 10428   msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
14:09:48.0600 10428   msisadrv - ok
14:09:48.0938 10428   MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
14:09:48.0941 10428   MSKSSRV - ok
14:09:49.0119 10428   MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
14:09:49.0123 10428   MSPCLOCK - ok
14:09:49.0296 10428   MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
14:09:49.0299 10428   MSPQM - ok
14:09:49.0519 10428   MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
14:09:49.0525 10428   MsRPC - ok
14:09:49.0693 10428   mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
14:09:49.0696 10428   mssmbios - ok
14:09:49.0905 10428   MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
14:09:49.0908 10428   MSTEE - ok
14:09:50.0131 10428   Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
14:09:50.0135 10428   Mup - ok
14:09:50.0348 10428   NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
14:09:50.0354 10428   NativeWifiP - ok
14:09:50.0613 10428   NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
14:09:50.0630 10428   NDIS - ok
14:09:50.0924 10428   NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
14:09:50.0928 10428   NdisTapi - ok
14:09:51.0146 10428   Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
14:09:51.0150 10428   Ndisuio - ok
14:09:51.0354 10428   NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:09:51.0360 10428   NdisWan - ok
14:09:51.0551 10428   NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
14:09:51.0555 10428   NDProxy - ok
14:09:51.0728 10428   NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
14:09:51.0731 10428   NetBIOS - ok
14:09:51.0956 10428   netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
14:09:51.0972 10428   netbt - ok
14:09:52.0298 10428   nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:09:52.0303 10428   nfrd960 - ok
14:09:52.0529 10428   Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
14:09:52.0534 10428   Npfs - ok
14:09:52.0717 10428   nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
14:09:52.0721 10428   nsiproxy - ok
14:09:52.0980 10428   Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
14:09:53.0016 10428   Ntfs - ok
14:09:53.0258 10428   NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
14:09:53.0261 10428   NTIDrvr - ok
14:09:53.0446 10428   ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:09:53.0449 10428   ntrigdigi - ok
14:09:53.0623 10428   Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
14:09:53.0627 10428   Null - ok
14:09:53.0833 10428   NVENETFD (ae78a7285df03a277415fc62f8ce8f24) C:\Windows\system32\DRIVERS\nvmfdx32.sys
14:09:53.0851 10428   NVENETFD - ok
14:09:54.0040 10428   NVHDA (f972dc046c374a9e02f2dfbe74ebb203) C:\Windows\system32\drivers\nvhda32v.sys
14:09:54.0047 10428   NVHDA - ok
14:09:54.0504 10428   nvlddmkm (35b7985d727974c7f6046b215ee01048) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:09:54.0684 10428   nvlddmkm - ok
14:09:54.0959 10428   nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
14:09:54.0965 10428   nvraid - ok
14:09:55.0142 10428   nvsmu (c44ee36dd84fa95eb81d79c374756003) C:\Windows\system32\DRIVERS\nvsmu.sys
14:09:55.0145 10428   nvsmu - ok
14:09:55.0329 10428   nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
14:09:55.0334 10428   nvstor - ok
14:09:55.0508 10428   nvstor32 (fa7b8eca6e845b244b7e30a9dcd82c6c) C:\Windows\system32\DRIVERS\nvstor32.sys
14:09:55.0513 10428   nvstor32 - ok
14:09:55.0684 10428   nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
14:09:55.0692 10428   nv_agp - ok
14:09:55.0897 10428   NwlnkFlt - ok
14:09:56.0070 10428   NwlnkFwd - ok
14:09:56.0280 10428   ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
14:09:56.0284 10428   ohci1394 - ok
14:09:56.0487 10428   Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
14:09:56.0492 10428   Parport - ok
14:09:56.0690 10428   partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
14:09:56.0694 10428   partmgr - ok
14:09:56.0923 10428   Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
14:09:56.0927 10428   Parvdm - ok
14:09:57.0150 10428   pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
14:09:57.0156 10428   pci - ok
14:09:57.0346 10428   pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
14:09:57.0350 10428   pciide - ok
14:09:57.0534 10428   pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:09:57.0541 10428   pcmcia - ok
14:09:57.0722 10428   pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
14:09:57.0727 10428   pcouffin - ok
14:09:58.0033 10428   PCTAppEvent (7ea0ebd6e5aa687e116eb185a7cfb667) C:\Windows\system32\drivers\PCTAppEvent.sys
14:09:58.0042 10428   PCTAppEvent - ok
14:09:58.0278 10428   PCTFW-PacketFilter (60af5fa418efe284fb81dbbf5a0391fb) C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
14:09:58.0284 10428   PCTFW-PacketFilter - ok
14:09:58.0502 10428   pctgntdi (5be722c8c9bba995693c8cd524d83b27) C:\Windows\System32\drivers\pctgntdi.sys
14:09:58.0518 10428   pctgntdi - ok
14:09:58.0757 10428   pctNdis (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
14:09:58.0762 10428   pctNdis - ok
14:09:58.0780 10428   pctNdisMP (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
14:09:58.0783 10428   pctNdisMP - ok
14:09:59.0052 10428   pctplfw (fe6803af91ddb32ff8edf5d6c0d370af) C:\Windows\System32\drivers\pctplfw.sys
14:09:59.0058 10428   pctplfw - ok
14:09:59.0266 10428   PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:09:59.0294 10428   PEAUTH - ok
14:09:59.0699 10428   PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
14:09:59.0706 10428   PptpMiniport - ok
14:09:59.0925 10428   Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\DRIVERS\processr.sys
14:09:59.0928 10428   Processor - ok
14:10:00.0202 10428   PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
14:10:00.0209 10428   PSched - ok
14:10:00.0389 10428   PSDFilter (ab94285ff6c6bc5433407d8d182a4bb4) C:\Windows\system32\DRIVERS\psdfilter.sys
14:10:00.0393 10428   PSDFilter - ok
14:10:00.0564 10428   PSDNServ (2aaf9a5d7a63d26bfaea853c5f2292bc) C:\Windows\system32\DRIVERS\PSDNServ.sys
14:10:00.0568 10428   PSDNServ - ok
14:10:00.0730 10428   psdvdisk (0eb8cec99855beae5b0d02c2302619ef) C:\Windows\system32\DRIVERS\PSDVdisk.sys
14:10:00.0735 10428   psdvdisk - ok
14:10:00.0957 10428   ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
14:10:00.0993 10428   ql2300 - ok
14:10:01.0232 10428   ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
14:10:01.0238 10428   ql40xx - ok
14:10:01.0421 10428   QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
14:10:01.0424 10428   QWAVEdrv - ok
14:10:01.0506 10428   RapportCerberus_29574 (dda98cc4f34977914c731b8155e1cbd5) C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus32_29574.sys
14:10:01.0522 10428   RapportCerberus_29574 - ok
14:10:01.0582 10428   RapportEI (e26d74708d0e2705e811e92186240e3e) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
14:10:01.0589 10428   RapportEI - ok
14:10:01.0875 10428   RapportKELL (4cc45ef9bd020e995a9708e6d9f7eedf) C:\Windows\system32\Drivers\RapportKELL.sys
14:10:01.0880 10428   RapportKELL - ok
14:10:01.0949 10428   RapportPG (7bbd996df8ba13720bfdec059aea770f) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
14:10:01.0956 10428   RapportPG - ok
14:10:02.0209 10428   RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
14:10:02.0217 10428   RasAcd - ok
14:10:02.0421 10428   Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:10:02.0426 10428   Rasl2tp - ok
14:10:02.0651 10428   RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
14:10:02.0655 10428   RasPppoe - ok
14:10:02.0894 10428   RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
14:10:02.0900 10428   RasSstp - ok
14:10:03.0126 10428   rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
14:10:03.0136 10428   rdbss - ok
14:10:03.0315 10428   RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:10:03.0319 10428   RDPCDD - ok
14:10:03.0501 10428   rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
14:10:03.0519 10428   rdpdr - ok
14:10:03.0691 10428   RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
14:10:03.0695 10428   RDPENCDD - ok
14:10:03.0936 10428   RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
14:10:03.0945 10428   RDPWD - ok
14:10:04.0158 10428   rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
14:10:04.0163 10428   rspndr - ok
14:10:04.0217 10428   SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:10:04.0220 10428   SASDIFSV - ok
14:10:04.0244 10428   SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:10:04.0251 10428   SASKUTIL - ok
14:10:04.0545 10428   sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
14:10:04.0550 10428   sbp2port - ok
14:10:04.0915 10428   secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:10:04.0919 10428   secdrv - ok
14:10:05.0178 10428   Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
14:10:05.0184 10428   Serenum - ok
14:10:05.0379 10428   Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
14:10:05.0384 10428   Serial - ok
14:10:05.0625 10428   sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
14:10:05.0629 10428   sermouse - ok
14:10:05.0876 10428   sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
14:10:05.0880 10428   sffdisk - ok
14:10:06.0101 10428   sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
14:10:06.0104 10428   sffp_mmc - ok
14:10:06.0295 10428   sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
14:10:06.0300 10428   sffp_sd - ok
14:10:06.0463 10428   sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
14:10:06.0468 10428   sfloppy - ok
14:10:06.0750 10428   sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
14:10:06.0753 10428   sisagp - ok
14:10:06.0950 10428   SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
14:10:06.0954 10428   SiSRaid2 - ok
14:10:07.0173 10428   SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
14:10:07.0179 10428   SiSRaid4 - ok
14:10:07.0403 10428   Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
14:10:07.0408 10428   Smb - ok
14:10:07.0675 10428   spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
14:10:07.0679 10428   spldr - ok
14:10:07.0928 10428   srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
14:10:07.0947 10428   srv - ok
14:10:08.0215 10428   srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
14:10:08.0231 10428   srv2 - ok
14:10:08.0416 10428   srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
14:10:08.0422 10428   srvnet - ok
14:10:08.0626 10428   swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
14:10:08.0630 10428   swenum - ok
14:10:08.0811 10428   Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:10:08.0815 10428   Symc8xx - ok
14:10:09.0001 10428   Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:10:09.0007 10428   Sym_hi - ok
14:10:09.0230 10428   Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:10:09.0234 10428   Sym_u3 - ok
14:10:09.0516 10428   Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
14:10:09.0553 10428   Tcpip - ok
14:10:09.0844 10428   Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
14:10:09.0861 10428   Tcpip6 - ok
14:10:10.0174 10428   tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
14:10:10.0178 10428   tcpipreg - ok
14:10:10.0351 10428   TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
14:10:10.0354 10428   TDPIPE - ok
14:10:10.0535 10428   TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
14:10:10.0539 10428   TDTCP - ok
14:10:10.0734 10428   tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
14:10:10.0740 10428   tdx - ok
14:10:11.0025 10428   TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
14:10:11.0030 10428   TermDD - ok
14:10:11.0255 10428   tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:10:11.0259 10428   tssecsrv - ok
14:10:11.0439 10428   tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
14:10:11.0444 10428   tunmp - ok
14:10:11.0634 10428   tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
14:10:11.0638 10428   tunnel - ok
14:10:11.0837 10428   uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
14:10:11.0843 10428   uagp35 - ok
14:10:12.0097 10428   UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
14:10:12.0101 10428   UBHelper - ok
14:10:12.0323 10428   udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
14:10:12.0342 10428   udfs - ok
14:10:12.0605 10428   uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
14:10:12.0611 10428   uliagpkx - ok
14:10:12.0780 10428   uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
14:10:12.0798 10428   uliahci - ok
14:10:12.0982 10428   UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:10:12.0989 10428   UlSata - ok
14:10:13.0172 10428   ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:10:13.0179 10428   ulsata2 - ok
14:10:13.0351 10428   umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
14:10:13.0356 10428   umbus - ok
14:10:13.0609 10428   usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
14:10:13.0614 10428   usbaudio - ok
14:10:13.0930 10428   usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
14:10:13.0936 10428   usbccgp - ok
14:10:14.0134 10428   usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:10:14.0140 10428   usbcir - ok
14:10:14.0327 10428   usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
14:10:14.0332 10428   usbehci - ok
14:10:14.0570 10428   usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
14:10:14.0577 10428   usbhub - ok
14:10:14.0785 10428   usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
14:10:14.0801 10428   usbohci - ok
14:10:14.0989 10428   usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
14:10:14.0993 10428   usbprint - ok
14:10:15.0194 10428   usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
14:10:15.0200 10428   usbscan - ok
14:10:15.0479 10428   USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:10:15.0483 10428   USBSTOR - ok
14:10:15.0673 10428   usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:10:15.0677 10428   usbuhci - ok
14:10:15.0918 10428   vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
14:10:15.0923 10428   vga - ok
14:10:16.0101 10428   VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:10:16.0104 10428   VgaSave - ok
14:10:16.0336 10428   viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
14:10:16.0341 10428   viaagp - ok
14:10:16.0522 10428   ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
14:10:16.0527 10428   ViaC7 - ok
14:10:16.0755 10428   viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
14:10:16.0759 10428   viaide - ok
14:10:16.0994 10428   vmwvusb - ok
14:10:17.0190 10428   volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:10:17.0197 10428   volmgr - ok
14:10:17.0472 10428   volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:10:17.0491 10428   volmgrx - ok
14:10:17.0809 10428   volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:10:17.0817 10428   volsnap - ok
14:10:18.0011 10428   vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
14:10:18.0018 10428   vsmraid - ok
14:10:18.0264 10428   VX1000 (d22c6b9c2f840d403fd387ad207a4b16) C:\Windows\system32\DRIVERS\VX1000.sys
14:10:18.0318 10428   VX1000 - ok
14:10:18.0583 10428   WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:10:18.0587 10428   WacomPen - ok
14:10:18.0760 10428   Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:10:18.0766 10428   Wanarp - ok
14:10:18.0776 10428   Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:10:18.0784 10428   Wanarpv6 - ok
14:10:19.0040 10428   Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
14:10:19.0044 10428   Wd - ok
14:10:19.0244 10428   Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:10:19.0263 10428   Wdf01000 - ok
14:10:19.0696 10428   WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:10:19.0700 10428   WmiAcpi - ok
14:10:19.0955 10428   WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:10:19.0960 10428   WpdUsb - ok
14:10:20.0158 10428   ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:10:20.0163 10428   ws2ifsl - ok
14:10:20.0370 10428   WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:10:20.0377 10428   WUDFRd - ok
14:10:20.0432 10428   MBR (0x1B8) (c3cb91169c3379597e17079feecbfd03) \Device\Harddisk0\DR0
14:10:20.0434 10428   \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
14:10:20.0434 10428   \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
14:10:20.0458 10428   Boot (0x1200) (30cc371a6762176167473b53d1286e04) \Device\Harddisk0\DR0\Partition0
14:10:20.0459 10428   \Device\Harddisk0\DR0\Partition0 - ok
14:10:20.0487 10428   Boot (0x1200) (4767919c7f79416bba91d81443fb8e63) \Device\Harddisk0\DR0\Partition1
14:10:20.0489 10428   \Device\Harddisk0\DR0\Partition1 - ok
14:10:20.0490 10428   ============================================================
14:10:20.0490 10428   Scan finished
14:10:20.0490 10428   ============================================================
14:10:20.0535 11256   Detected object count: 1
14:10:20.0535 11256   Actual detected object count: 1
14:10:32.0434 11256   \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
14:10:32.0435 11256   \Device\Harddisk0\DR0 - ok
14:10:32.0439 11256   \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure

Thanks for all the help

SuperDave · « **Reply #4 on:** December 05, 2011, 01:12:32 PM »

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
******************************************************
Download ComboFix by sUBs from one of the below links. Be sure to save it to the Desktop.

link # 1
Link # 2
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix login your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

newbie71 · « **Reply #5 on:** December 05, 2011, 04:47:06 PM »

I am running the security check now. It seems to be taking a long time, is this normal? also, since i ran the last two scans i keep getting a pop up that tells me WMI Provider host stopped working and was closed. A problem caused the application to stop working correctly. Windows will notify you if a solution is available.

SuperDave · « **Reply #6 on:** December 06, 2011, 12:56:48 PM »

What happens when you tried to reboot your computer?

newbie71 · « **Reply #7 on:** December 10, 2011, 04:54:11 AM »

it is telling me I have no operating system installed.

SuperDave · « **Reply #8 on:** December 10, 2011, 11:46:26 AM »

Go to this link to create a Rescue CD or to this site to create a Rescue USB. Carefully follow all the instructions for whichever method you choose.

Computer Hope Forum

News:

Author Topic: Virus and Spyware removal logs (Read 7585 times)

newbie71

Virus and Spyware removal logs

SuperDave

Re: Virus and Spyware removal logs

newbie71

Re: Virus and Spyware removal logs

newbie71

Re: Virus and Spyware removal logs

SuperDave

Re: Virus and Spyware removal logs

newbie71

Re: Virus and Spyware removal logs

SuperDave

Re: Virus and Spyware removal logs

newbie71

Re: Virus and Spyware removal logs

SuperDave

Re: Virus and Spyware removal logs