
Author Topic: Malware TR/spy.keylogger.qme Help!  (Read 34784 times)


stonemanjr

    Topic Starter


    Beginner

    • Experience: Beginner
    • OS: Unknown
    Re: Malware TR/spy.keylogger.qme Help!
    « Reply #30 on: October 25, 2011, 01:43:50 PM »
    OK. It has been running pretty much since installed. It seems that when the Combo Fix was run, the notice at first disappeared. The other notice that appears is for a file in the temp (which is not visible) called "ark5.dll", which is connected with the TR/Keylogger notice, and the other file, "msruneero.dll". Do either of these sound suspicious, especially with us not being able to find them when looking for them?

    SuperDave

    • Malware Removal Specialist


    • Genius
    • Thanked: 1020
    • Certifications: List
    • Experience: Expert
    • OS: Windows 10
    Re: Malware TR/spy.keylogger.qme Help!
    « Reply #31 on: October 26, 2011, 01:39:39 PM »
    Quote
    The other notice that appears is for a file in the temp (which is not visible) called "ark5.dll", which is connected with the TR/Keylogger notice, and the other file, "msruneero.dll". Do either of these sound suspicious, especially with us not being able to find them when looking for them?
    What program is giving you these warnings?
    Windows 8 and Windows 10 dual boot with two SSD's

    stonemanjr

      « Reply #32 on: October 29, 2011, 02:51:30 PM »
      Avira AntiVir. It shows a pop-up window that then asks if we want to remove. We select it, and it runs through a scan and what seems to be a removal and quarantine process. Don't see it again until the machine is shut down and restarted.

      Cannot locate these files in any of the directories where the warning says they are located.

      SuperDave

      « Reply #33 on: October 29, 2011, 07:00:56 PM »
      Were you getting those warnings with MSE?

      stonemanjr

        « Reply #34 on: November 01, 2011, 02:13:47 PM »
        No, nothing is being picked up anywhere else or by other programs.

        SuperDave

        « Reply #35 on: November 01, 2011, 04:15:24 PM »
        It looks like a false-positive from Avira. Did you try uninstalling and re-installing Avira?

        stonemanjr

          « Reply #36 on: November 03, 2011, 01:57:26 PM »
          Yes. The strange thing is that it continues to refer to a TR/Keylogger with the names of files in a source directory where we cannot find them; they are not visible.

          SuperDave

          « Reply #37 on: November 03, 2011, 04:24:54 PM »
          Quote
          Yes. The strange thing is that it continues to refer to a TR/Keylogger with the names of files in a source directory where we cannot find them; they are not visible.
          Also strange is that no other protective program is picking this up. Let's try a few rootkit scans to see if there's anything there.

          Please download TDSSKiller from here and save it to your Desktop.
          • Double-click TDSSKiller.exe to run the tool
          • Click the Start Scan button (if prompted with a "hidden service warning", do go ahead and delete it)
          • After the scan has finished, click the Close button
          • Click the Report button and copy/paste the contents of it into your next reply
          • Note: It will also create a log in the C:\ directory.
          ***************************************************
          Let's run a few more scans to see what turns up.

          Please download aswMBR.exe ( 511KB ) to your desktop.
          • Double-click aswMBR.exe to run it
          • Click the "Scan" button to start the scan
          • Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.
          • On completion of the scan, click Save log, save it to your desktop and post it in your next reply
          « Last Edit: November 07, 2011, 12:55:54 PM by SuperDave »

          stonemanjr

            « Reply #38 on: November 07, 2011, 09:39:07 AM »
            Kaspersky showed no threats but didn't create a report when closed.

            stonemanjr

              « Reply #39 on: November 07, 2011, 09:53:46 AM »
              OK, while the aswMBR scan was running, a notice popped up saying: unp259168444.tmp file found with a notification from: TR/Crypt.XPack.Gen

              stonemanjr

                « Reply #40 on: November 07, 2011, 10:05:37 AM »
                aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
                Run date: 2011-11-07 11:34:03
                -----------------------------
                11:34:03.953    OS Version: Windows 5.1.2600 Service Pack 3
                11:34:03.953    Number of processors: 1 586 0x1601
                11:34:03.953    ComputerName: CORNERSTONE  UserName: TERESA
                11:34:08.328    Initialize success
                11:37:01.359    AVAST engine defs: 11110700
                11:37:59.218    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
                11:37:59.218    Disk 0 Vendor: WDC_WD800JD-75MSA3 10.01E04 Size: 76293MB BusType: 3
                11:38:01.265    Disk 0 MBR read successfully
                11:38:01.265    Disk 0 MBR scan
                11:38:01.406    Disk 0 Windows XP default MBR code
                11:38:01.421    Disk 0 scanning sectors +156232125
                11:38:01.890    Disk 0 scanning C:\WINDOWS\system32\drivers
                11:39:23.718    Service scanning
                11:39:27.406    Service MpKsl6f2081d9 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{19BC5739-9468-4930-83D5-25D96BF830C7}\MpKsl6f2081d9.sys **LOCKED** 32
                11:39:28.078    Modules scanning
                11:39:41.812    Disk 0 trace - called modules:
                11:39:41.875    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
                11:39:41.875    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d8eab8]
                11:39:41.875    3 CLASSPNP.SYS[f75f3fd7] -> nt!IofCallDriver -> \Device\00000070[0x86d261c8]
                11:39:41.875    5 ACPI.sys[f748a620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86d1f940]
                11:39:43.125    AVAST engine scan C:\WINDOWS
                11:40:21.906    AVAST engine scan C:\WINDOWS\system32
                11:46:14.187    AVAST engine scan C:\WINDOWS\system32\drivers
                11:46:42.203    AVAST engine scan C:\Documents and Settings\TERESA
                11:50:07.921    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\TERESA\Desktop\MBR.dat"
                11:50:08.000    The log file has been saved successfully to "C:\Documents and Settings\TERESA\Desktop\aswMBR.txt"
                11:54:58.234    AVAST engine scan C:\Documents and Settings\All Users
                11:56:32.625    Scan finished successfully
                12:00:15.718    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\TERESA\Desktop\MBR.dat"
                12:00:15.812    The log file has been saved successfully to "C:\Documents and Settings\TERESA\Desktop\aswMBR.txt"
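An added example, not part of the original thread and not code from the aswMBR project: a small Python triage pass over a log in the format posted above, pulling out the three things a reviewer reads first (the MBR code verdict, any `**TAG**` entries, and the modules in the disk I/O path). The names `triage`, `EXPECTED_DISK_STACK` and `LOW_PRIORITY_RE` are hypothetical, and the baseline module set and the low-priority path pattern are analyst-supplied assumptions.

```python
import re

# Lines copied (abridged) from the aswMBR log posted above.
SAMPLE_LOG = r"""
11:38:01.265    Disk 0 MBR scan
11:38:01.406    Disk 0 Windows XP default MBR code
11:39:23.718    Service scanning
11:39:27.406    Service MpKsl6f2081d9 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{19BC5739-9468-4930-83D5-25D96BF830C7}\MpKsl6f2081d9.sys **LOCKED** 32
11:39:28.078    Modules scanning
11:39:41.812    Disk 0 trace - called modules:
11:39:41.875    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
11:39:41.875    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d8eab8]
11:56:32.625    Scan finished successfully
"""

LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.*)$")
MBR_CODE_RE = re.compile(r"^Disk (\d+) (.+MBR code)$")
TAG_RE = re.compile(r"\*\*([A-Za-z]+)\*\*")
SERVICE_RE = re.compile(r"^Service (\S+) (.+?) \*\*")

# Assumption: modules the analyst expects in the storage path of this XP box.
EXPECTED_DISK_STACK = {
    "ntkrnlpa.exe", "classpnp.sys", "disk.sys", "acpi.sys",
    "hal.dll", "atapi.sys", "pciide.sys", "pciidex.sys",
}

# Assumption: tagged drivers loaded from the Microsoft Antimalware definition
# directory are reviewed last. A path match only orders the review queue; the
# file itself still needs its signature or hash checked before it is dismissed.
LOW_PRIORITY_RE = re.compile(
    r"\\Microsoft Antimalware\\Definition Updates\\\{[0-9A-F-]+\}\\MpKsl[0-9a-f]{8}\.sys$",
    re.IGNORECASE,
)


def triage(log_text, baseline=EXPECTED_DISK_STACK):
    """Summarise an aswMBR-style log for manual review."""
    report = {"mbr_code": {}, "tagged": [], "unexpected_modules": [], "finished": False}
    expect_modules = False
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()

        if expect_modules:
            # The line after "trace - called modules:" lists every module
            # seen on the disk I/O path; anything off-baseline is reported.
            expect_modules = False
            report["unexpected_modules"] = [
                mod for mod in msg.split() if mod.lower() not in baseline
            ]
            continue

        mbr = MBR_CODE_RE.match(msg)
        if mbr:
            report["mbr_code"][int(mbr.group(1))] = mbr.group(2)

        tags = TAG_RE.findall(msg)
        if tags:
            svc = SERVICE_RE.match(msg)
            path = svc.group(2) if svc else None
            report["tagged"].append({
                "tag": tags[0],
                "service": svc.group(1) if svc else None,
                "path": path,
                "priority": "low" if path and LOW_PRIORITY_RE.search(path) else "review",
            })

        if msg.endswith("trace - called modules:"):
            expect_modules = True
        if msg == "Scan finished successfully":
            report["finished"] = True
    return report


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```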



                SuperDave

                « Reply #41 on: November 07, 2011, 12:59:08 PM »
                Were you able to run TDSSKiller from Reply # 37?

                stonemanjr

                  « Reply #42 on: November 07, 2011, 03:45:18 PM »
                  OK, found the log text under C:\
                  See here:

                  11:33:11.0328 2820   TDSS rootkit removing tool 2.6.16.0 Nov  7 2011 16:26:51
                  11:33:11.0640 2820   ============================================================
                  11:33:11.0640 2820   Current date / time: 2011/11/07 11:33:11.0640
                  11:33:11.0640 2820   SystemInfo:
                  11:33:11.0640 2820   
                  11:33:11.0640 2820   OS Version: 5.1.2600 ServicePack: 3.0
                  11:33:11.0640 2820   Product type: Workstation
                  11:33:11.0640 2820   ComputerName: CORNERSTONE
                  11:33:11.0640 2820   UserName: TERESA
                  11:33:11.0640 2820   Windows directory: C:\WINDOWS
                  11:33:11.0640 2820   System windows directory: C:\WINDOWS
                  11:33:11.0640 2820   Processor architecture: Intel x86
                  11:33:11.0640 2820   Number of processors: 1
                  11:33:11.0640 2820   Page size: 0x1000
                  11:33:11.0640 2820   Boot type: Normal boot
                  11:33:11.0640 2820   ============================================================
                  11:33:14.0640 2820   Initialize success
                  11:33:17.0390 0624   ============================================================
                  11:33:17.0390 0624   Scan started
                  11:33:17.0390 0624   Mode: Manual;
                  11:33:17.0390 0624   ============================================================
                  11:33:18.0937 0624   Abiosdsk - ok
                  11:33:19.0015 0624   abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
                  11:33:19.0031 0624   abp480n5 - ok
                  11:33:19.0109 0624   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
                  11:33:19.0109 0624   ACPI - ok
                  11:33:19.0187 0624   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
                  11:33:19.0187 0624   ACPIEC - ok
                  11:33:19.0281 0624   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
                  11:33:19.0281 0624   adpu160m - ok
                  11:33:19.0328 0624   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
                  11:33:19.0328 0624   aec - ok
                  11:33:19.0390 0624   AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
                  11:33:19.0390 0624   AFD - ok
                  11:33:19.0453 0624   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
                  11:33:19.0453 0624   agp440 - ok
                  11:33:19.0484 0624   agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
                  11:33:19.0484 0624   agpCPQ - ok
                  11:33:19.0578 0624   Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
                  11:33:19.0578 0624   Aha154x - ok
                  11:33:19.0640 0624   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
                  11:33:19.0640 0624   aic78u2 - ok
                  11:33:19.0703 0624   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
                  11:33:19.0703 0624   aic78xx - ok
                  11:33:19.0734 0624   aitvlgmq - ok
                  11:33:19.0765 0624   AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
                  11:33:19.0765 0624   AliIde - ok
                  11:33:19.0812 0624   alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
                  11:33:19.0812 0624   alim1541 - ok
                  11:33:20.0234 0624   amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
                  11:33:20.0234 0624   amdagp - ok
                  11:33:20.0421 0624   amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
                  11:33:20.0453 0624   amsint - ok
                  11:33:20.0875 0624   asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
                  11:33:20.0890 0624   asc - ok
                  11:33:21.0031 0624   asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
                  11:33:21.0031 0624   asc3350p - ok
                  11:33:21.0093 0624   asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
                  11:33:21.0093 0624   asc3550 - ok
                  11:33:21.0125 0624   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
                  11:33:21.0125 0624   AsyncMac - ok
                  11:33:21.0156 0624   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
                  11:33:21.0156 0624   atapi - ok
                  11:33:21.0203 0624   Atdisk - ok
                  11:33:21.0218 0624   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
                  11:33:21.0218 0624   Atmarpc - ok
                  11:33:21.0281 0624   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
                  11:33:21.0281 0624   audstub - ok
                  11:33:21.0328 0624   avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
                  11:33:21.0328 0624   avgntflt - ok
                  11:33:21.0375 0624   avipbb          (912d23140cd05980f6cdae790ddafc8d) C:\WINDOWS\system32\DRIVERS\avipbb.sys
                  11:33:21.0375 0624   avipbb - ok
                  11:33:21.0421 0624   avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
                  11:33:21.0453 0624   avkmgr - ok
                  11:33:21.0625 0624   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
                  11:33:21.0640 0624   Beep - ok
                  11:33:21.0781 0624   catchme - ok
                  11:33:21.0859 0624   cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
                  11:33:21.0859 0624   cbidf - ok
                  11:33:21.0859 0624   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
                  11:33:21.0859 0624   cbidf2k - ok
                  11:33:21.0921 0624   cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
                  11:33:21.0921 0624   cd20xrnt - ok
                  11:33:22.0062 0624   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
                  11:33:22.0062 0624   Cdaudio - ok
                  11:33:22.0078 0624   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
                  11:33:22.0078 0624   Cdfs - ok
                  11:33:22.0093 0624   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
                  11:33:22.0093 0624   Cdrom - ok
                  11:33:22.0109 0624   Changer - ok
                  11:33:22.0171 0624   CmdIde          (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
                  11:33:22.0171 0624   CmdIde - ok
                  11:33:22.0187 0624   Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
                  11:33:22.0187 0624   Cpqarray - ok
                  11:33:22.0203 0624   csgcdngj - ok
                  11:33:22.0234 0624   dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
                  11:33:22.0234 0624   dac2w2k - ok
                  11:33:22.0265 0624   dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
                  11:33:22.0265 0624   dac960nt - ok
                  11:33:22.0359 0624   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
                  11:33:22.0359 0624   Disk - ok
                  11:33:22.0437 0624   DLABMFSM        (0659e6e0a95564f958d9df7313f7701e) C:\WINDOWS\system32\DLA\DLABMFSM.SYS
                  11:33:22.0437 0624   DLABMFSM - ok
                  11:33:22.0453 0624   DLABOIOM        (8691c78908f0bd66170669db268369f2) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
                  11:33:22.0453 0624   DLABOIOM - ok
                  11:33:22.0515 0624   DLACDBHM        (76167b5eb2dffc729edc36386876b40b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
                  11:33:22.0515 0624   DLACDBHM - ok
                  11:33:22.0515 0624   DLADResM        (5615744a1056933b90e6ac54feb86f35) C:\WINDOWS\system32\DLA\DLADResM.SYS
                  11:33:22.0531 0624   DLADResM - ok
                  11:33:22.0531 0624   DLAIFS_M        (1aeca2afa5005ce4a550cf8eb55a8c88) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
                  11:33:22.0531 0624   DLAIFS_M - ok
                  11:33:22.0546 0624   DLAOPIOM        (840e7f6abb885c72b9ffddb022ef5b6d) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
                  11:33:22.0546 0624   DLAOPIOM - ok
                  11:33:22.0562 0624   DLAPoolM        (0294d18731ac05da80132ce88f8a876b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
                  11:33:22.0562 0624   DLAPoolM - ok
                  11:33:22.0562 0624   DLARTL_M        (91886fed52a3f9966207bce46cfd794f) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
                  11:33:22.0562 0624   DLARTL_M - ok
                  11:33:22.0578 0624   DLAUDFAM        (cca4e121d599d7d1706a30f603731e59) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
                  11:33:22.0578 0624   DLAUDFAM - ok
                  11:33:22.0593 0624   DLAUDF_M        (7dab85c33135df24419951da4e7d38e5) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
                  11:33:22.0593 0624   DLAUDF_M - ok
                  11:33:22.0687 0624   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
                  11:33:22.0687 0624   dmboot - ok
                  11:33:22.0703 0624   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
                  11:33:22.0718 0624   dmio - ok
                  11:33:22.0781 0624   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
                  11:33:22.0781 0624   dmload - ok
                  11:33:23.0078 0624   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
                  11:33:23.0078 0624   DMusic - ok
                  11:33:23.0109 0624   dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
                  11:33:23.0109 0624   dpti2o - ok
                  11:33:23.0140 0624   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
                  11:33:23.0140 0624   drmkaud - ok
                  11:33:23.0156 0624   DRVMCDB         (c00440385cf9f3d142917c63f989e244) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
                  11:33:23.0156 0624   DRVMCDB - ok
                  11:33:23.0171 0624   DRVNDDM         (6e6ab29d3c06e64ce81feacda85394b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
                  11:33:23.0171 0624   DRVNDDM - ok
                  11:33:23.0296 0624   DSproct         (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
                  11:33:23.0296 0624   DSproct - ok
                  11:33:23.0343 0624   dsunidrv        (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
                  11:33:23.0343 0624   dsunidrv - ok
                  11:33:23.0390 0624   E100B           (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
                  11:33:23.0390 0624   E100B - ok
                  11:33:23.0437 0624   e1express       (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
                  11:33:23.0437 0624   e1express - ok
                  11:33:23.0484 0624   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
                  11:33:23.0484 0624   Fastfat - ok
                  11:33:23.0500 0624   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
                  11:33:23.0500 0624   Fdc - ok
                  11:33:23.0515 0624   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
                  11:33:23.0515 0624   Fips - ok
                  11:33:23.0546 0624   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
                  11:33:23.0546 0624   Flpydisk - ok
                  11:33:23.0578 0624   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
                  11:33:23.0593 0624   FltMgr - ok
                  11:33:23.0640 0624   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
                  11:33:23.0640 0624   Fs_Rec - ok
                  11:33:23.0640 0624   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
                  11:33:23.0640 0624   Ftdisk - ok
                  11:33:23.0656 0624   fzbjjxqk - ok
                  11:33:23.0671 0624   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
                  11:33:23.0671 0624   Gpc - ok
                  11:33:23.0687 0624   HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
                  11:33:23.0687 0624   HDAudBus - ok
                  11:33:23.0687 0624   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
                  11:33:23.0687 0624   HidUsb - ok
                  11:33:23.0718 0624   hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
                  11:33:23.0718 0624   hpn - ok
                  11:33:23.0781 0624   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
                  11:33:23.0781 0624   HTTP - ok
                  11:33:23.0875 0624   i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
                  11:33:23.0875 0624   i2omgmt - ok
                  11:33:23.0937 0624   i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
                  11:33:23.0937 0624   i2omp - ok
                  11:33:24.0031 0624   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
                  11:33:24.0031 0624   i8042prt - ok
                  11:33:24.0250 0624   ialm            (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
                  11:33:24.0296 0624   ialm - ok
                  11:33:24.0328 0624   iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\drivers\iaStor.sys
                  11:33:24.0328 0624   iaStor - ok
                  11:33:24.0343 0624   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
                  11:33:24.0343 0624   Imapi - ok
                  11:33:24.0375 0624   ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
                  11:33:24.0375 0624   ini910u - ok
                  11:33:24.0531 0624   IntcAzAudAddService (17bbbabb21f86b650b2626045a9d016c) C:\WINDOWS\system32\drivers\RtkHDAud.sys
                  11:33:24.0562 0624   IntcAzAudAddService - ok
                  11:33:24.0593 0624   IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
                  11:33:24.0593 0624   IntelIde - ok
                  11:33:24.0656 0624   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
                  11:33:24.0656 0624   intelppm - ok
                  11:33:24.0703 0624   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
                  11:33:24.0703 0624   Ip6Fw - ok
                  11:33:24.0718 0624   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
                  11:33:24.0718 0624   IpFilterDriver - ok
                  11:33:24.0734 0624   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
                  11:33:24.0734 0624   IpInIp - ok
                  11:33:24.0796 0624   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
                  11:33:24.0796 0624   IpNat - ok
                  11:33:24.0812 0624   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
                  11:33:24.0812 0624   IPSec - ok
                  11:33:24.0859 0624   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
                  11:33:24.0859 0624   IRENUM - ok
                  11:33:29.0703 0624   ============================================================
                  11:33:29.0703 0624   Scan finished
                  11:33:29.0703 0624   ============================================================
                  11:33:29.0718 3276   Detected object count: 0
                  11:33:29.0718 3276   Actual detected object count: 0
                  11:33:33.0218 3296   Deinitialize success

                  stonemanjr

                    Topic Starter


                    Beginner

                    • Experience: Beginner
                    • OS: Unknown
                    Re: Malware TR/spy.keylogger.qme Help!
                    « Reply #43 on: November 07, 2011, 03:46:18 PM »
                    What is this?

                    unp259168444.tmp file

                    TR/Crypt.XPack.Gen

                    SuperDave

                    • Malware Removal Specialist


                    • Genius
                    • Thanked: 1020
                    • Certifications: List
                    • Experience: Expert
                    • OS: Windows 10
                    Re: Malware TR/spy.keylogger.qme Help!
                    « Reply #44 on: November 07, 2011, 04:49:54 PM »
                    Please update and run another scan with SAS and post the log.

                    Clean out your temporary internet files and temp files.

                    Download TFC by OldTimer to your desktop.

                    Double-click TFC.exe to run it.

                    Note: If you are running on Vista, right-click on the file and choose Run As Administrator

                    TFC will close all programs when run, so make sure you have saved all your work before you begin.

                    * Click the Start button to begin the cleaning process.
                    * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
                    * Please let TFC run uninterrupted until it is finished.

                    Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

                    Windows 8 and Windows 10 dual boot with two SSD's