Solved Followed the 8 Steps for malware removal, posting results

[mikmik12]

kaspersky website didn't produce a report...wil try to run again.

 

[mikmik12]

still no report, it said it was successful though. but i just did a google search and was redirected...which sucks! avira is not picking up on any malware currently. i'll try to get a report from kaspersky again.

 

[mikmik12]

no report, though it said it was successful

 

[crunchie]

Please try the ESET Online Scanner and post the ScanLog with your post for assistance.

• You will need to use Internet Explorer to complete this scan.
• You will need to temporarily Disable your current Anti-virus program.
• Be sure the option to Remove found threats is Un-checked at this time (we may have it clean what it finds at a later time), and the option to Scan unwanted applications is Checked.
• When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log for us as directed below.

NOTE: If you are unable to complete the ESET scan, please try another from the list below:

• Kaspersky Online Scanner ​

• Panda Active Scan​

• Trend Micro HouseCall​

• F-Secure Online Virus Scanner​

================

Download Bootkit Remover to your Desktop.

• You then need to extract the remover.exe file from the RAR using a program capable of extracting RAR compressed files. If you don't have an extraction program, you can use 7-Zip: http://www.7-zip.org/
• After extracting remover.exe to your Desktop, double-click on remover.exe to run the program (Vista/7 users,right click on remover.exe and click Run As Administrator.
• It will show a Black screen with some data on it.
• Right click on the screen and click Select All.
• Press CTRL+C
• Open a Notepad and press CTRL+V
• Post the output back here.

 

[mikmik12]

Ran Panda...couldn't run ESET

;***********************************************************************************************************************************************************************************
ANALYSIS: 2010-10-17 14:51:19
PROTECTIONS: 1
MALWARE: 36
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AntiVir Desktop 10.0.1.44 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@trafficmp[2].txt
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@casalemedia[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@atdmt[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@atdmt[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@247realmedia[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@mediaplex[1].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@linksynergy[2].txt
00147824 Cookie/Clickbank TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@clickbank[1].txt
00159564 Cookie/WUpd TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@revenue[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@com[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@statcounter[2].txt
00167760 Cookie/Hitslink TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@counter.hitslink[1].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@perf.overture[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@ad.yieldmanager[3].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@apmebf[2].txt
00168076 Cookie/BurstNet TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@burstnet[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@bs.serving-sys[1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@www.burstbeacon[2].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@server.iad.liveperson[2].txt
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@stat.onestat[2].txt
00168114 Cookie/onestat.com TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@stat.onestat[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@advertising[1].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@adrevolver[3].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@statse.webtrendslive[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@ads.pointroll[3].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@ads.pointroll[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@overture[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@realmedia[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No c:\documents and settings\mike\cookies\mike@questionmarket[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@zedo[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@bluestreak[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@adrevolver[1].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@searchportal.information[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No c:\documents and settings\bec\cookies\bec@target[1].txt
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\windows\system32\tutrol.dll.vir.vir
03074964 Trj/CI.A Virus/Trojan No 0 Yes No c:\qoobox\quarantine\c\windows\system32\ssqnkk.dll.vir
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
223355 HIGH MS10-069
223353 HIGH MS10-067
223352 HIGH MS10-066
223349 HIGH MS10-063
223346 HIGH MS10-061
;===================================================================================================================================================================================

 

[mikmik12]

can't seem to get the bookit remover to run. even after i have downloaded the 7-Zip. i've tried to extract it with no luck. any ideas?

 

[mikmik12]

Seems like 223355 HIGH MS10-069
223353 HIGH MS10-067
223352 HIGH MS10-066
223349 HIGH MS10-063
223346 HIGH MS10-061
are bad news.

 

[crunchie]

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.

 

[mikmik12]

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000004c

Kernel Drivers (total 130):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7B73000 \WINDOWS\system32\KDCOM.DLL
0xF7A83000 \WINDOWS\system32\BOOTVID.dll
0xF7544000 ACPI.sys
0xF7B75000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7533000 pci.sys
0xF7673000 isapnp.sys
0xF7C3B000 pciide.sys
0xF78F3000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7683000 MountMgr.sys
0xF7514000 ftdisk.sys
0xF78FB000 PartMgr.sys
0xF7693000 VolSnap.sys
0xF74FC000 atapi.sys
0xF7435000 iaStor.sys
0xF76A3000 disk.sys
0xF76B3000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7415000 fltmgr.sys
0xF7403000 sr.sys
0xF73ED000 DRVMCDB.SYS
0xF76C3000 PxHelp20.sys
0xF73D6000 KSecDD.sys
0xF7349000 Ntfs.sys
0xF731C000 NDIS.sys
0xF7302000 Mup.sys
0xF7763000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF5ED5000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xF5EC1000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF5E80000 \SystemRoot\system32\DRIVERS\e1e5132.sys
0xF79AB000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF5E5C000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF79B3000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF5E34000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF79BB000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF7773000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7B9B000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0xF64E4000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF64D4000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF5E11000 \SystemRoot\system32\DRIVERS\ks.sys
0xF79C3000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7D8A000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF64C4000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7B43000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF5DFA000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF64B4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF64A4000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF79CB000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF5DE9000 \SystemRoot\system32\DRIVERS\psched.sys
0xF6494000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF79D3000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF79DB000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF6484000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF79E3000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF79EB000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7B9D000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF5D8B000 \SystemRoot\system32\DRIVERS\update.sys
0xF7B4F000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF6464000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7783000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7BA3000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xAA110000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xAA0EC000 \SystemRoot\system32\drivers\portcls.sys
0xF77F3000 \SystemRoot\system32\drivers\drmk.sys
0xF6BF0000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7BBB000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7CCF000 \SystemRoot\System32\Drivers\Null.SYS
0xF7BBD000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7A0B000 \SystemRoot\System32\Drivers\DLARTL_M.SYS
0xF7A13000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7A1B000 \SystemRoot\System32\drivers\vga.sys
0xF7BBF000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7BC1000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7A23000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7A2B000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7B13000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAA051000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA9FF8000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA9FD0000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA9FAA000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA9F88000 \SystemRoot\System32\drivers\afd.sys
0xF7813000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF7823000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF7A33000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xA9F35000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9EC5000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF7843000 \SystemRoot\System32\Drivers\Fips.SYS
0xA9E27000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF7B37000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF7853000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7BC7000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0xF7A4B000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xF7A5B000 \SystemRoot\system32\DRIVERS\NuidFltr.sys
0xF7893000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xA8FF5000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xAA0D8000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xAA0D0000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xA849F000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA81EC000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7C37000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF7B3B000 \SystemRoot\System32\drivers\Dxapi.sys
0xA824C000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7C83000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF04E000 \SystemRoot\System32\igxpdv32.DLL
0xBF1F2000 \SystemRoot\System32\igxpdx32.DLL
0xA815F000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xF77D3000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xF7CFD000 \SystemRoot\System32\DLA\DLADResM.SYS
0xA811F000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0xF7983000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0xF7BCB000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0xF7993000 \SystemRoot\System32\DLA\DLABMFSM.SYS
0xF79A3000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0xA8109000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0xA80F2000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA813B000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA7F0D000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA7ED0000 \SystemRoot\system32\drivers\wdmaud.sys
0xF77B3000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7BCF000 \SystemRoot\system32\DRIVERS\datunidr.sys
0xA7838000 \SystemRoot\system32\DRIVERS\srv.sys
0xA7397000 \SystemRoot\System32\Drivers\HTTP.sys
0xF7B91000 \??\C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys
0xA6AC7000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 53):
0 System Idle Process
4 System
624 C:\WINDOWS\system32\smss.exe
672 csrss.exe
696 C:\WINDOWS\system32\winlogon.exe
740 C:\WINDOWS\system32\services.exe
752 C:\WINDOWS\system32\lsass.exe
960 C:\WINDOWS\system32\svchost.exe
1032 svchost.exe
1128 C:\WINDOWS\system32\svchost.exe
1248 svchost.exe
1328 svchost.exe
1492 C:\WINDOWS\system32\spoolsv.exe
1544 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1612 svchost.exe
1836 C:\WINDOWS\explorer.exe
1988 C:\WINDOWS\system32\hkcmd.exe
1996 C:\WINDOWS\system32\igfxpers.exe
2020 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
2036 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
2044 C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
140 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
128 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
180 C:\Program Files\Bonjour\mDNSResponder.exe
272 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
300 C:\WINDOWS\system32\Brmfrmps.exe
468 C:\WINDOWS\system32\igfxsrvc.exe
520 C:\Program Files\Brother\ControlCenter2\brctrcen.exe
568 C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
616 C:\WINDOWS\RTHDCPL.EXE
648 C:\Program Files\Common Files\Java\Java Update\jusched.exe
976 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
968 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
1112 C:\Program Files\iTunes\iTunesHelper.exe
1304 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
1536 C:\Program Files\Java\jre6\bin\jqs.exe
1564 C:\WINDOWS\system32\rundll32.exe
1460 C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
1740 C:\WINDOWS\system32\ctfmon.exe
228 C:\WINDOWS\system32\svchost.exe
1160 C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
2920 C:\Program Files\iPod\bin\iPodService.exe
2948 unsecapp.exe
3028 wmiprvse.exe
3272 alg.exe
4048 C:\WINDOWS\system32\svchost.exe
3264 C:\Program Files\Internet Explorer\iexplore.exe
3420 C:\Program Files\Internet Explorer\iexplore.exe
3848 C:\Program Files\Internet Explorer\iexplore.exe
4088 C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
3596 C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
2640 C:\Program Files\Internet Explorer\iexplore.exe
3820 C:\Documents and Settings\Mike\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: HitachiHDS721616PLA380, Rev: P22OAB3A
PhysicalDrive1 Model Number: Maxtor2, Rev: 0344

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: CEECB0630DEB98A912C967BD5561D0F2BFE7D8C6


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

 

[mikmik12]

Crunchie- you out there?

 

[crunchie]

Sorry, just got out of my sick bed. Got a killer flu .

====

Run MBRCheck again.

When it's done you'll see the following line:
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Press the Y key and then press Enter

When the program asks you to Enter your choice, enter 2 and press the Enter key.

Next the program will ask you to Enter the physical disk number to fix (0-99, -1 to cancel):
Enter 0 (zero) and press the Enter key.

Next the program will show Available MBR codes:, followed by a list of operating systems.
Please enter 1 for Windows XP, and then press Enter.

Next the program will prompt for confirmation.
Type YES and hit Enter.

When it's done there should be a text file with the results on your desktop.
Please copy and paste it back here.

Then reboot and run MBRCheck again and post that log.

 

[mikmik12]

Being sick is just not fun...hope you feel better.

Here is the log after the first run:

3ÀŽÐ¼ |ûPPü¾|¿PW¹å
ó¤Ë½¾±8n | uƒÅâôÍ‹õƒÆIt8,tö*µ´‹ð¬< tü» ´ÍëòˆNèF s*þF€~t€~ t*¶uÒ€FƒFƒV
è! s*¶ë¼>þ}Uªt€~ tÈ*·ë©‹üW‹õË¿ ŠV ´Ír#ŠÁ$?˜ŠÞŠüC÷ã‹Ñ†Ö±ÒîB÷â9V
w#r9Fs¸
» |‹N‹V ÍsQOtN2äŠV ÍëäŠV `»ªU´AÍr6ûUªu0öÁ
t+a`j j ÿv
ÿvj h |j
j´B‹ôÍaasOt2äŠV ÍëÖaùÃInvalid partition table Error loading operating system Missing operating system ,DcŒsôÐ

Þþ?? Gx
€
þÿÿ†x
vØž Uª

 

[mikmik12]

That last log doesn't seem right...let me know if I should run that again.

Then I rebooted and here is teh 2nd log:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000004c

Kernel Drivers (total 135):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7B73000 \WINDOWS\system32\KDCOM.DLL
0xF7A83000 \WINDOWS\system32\BOOTVID.dll
0xF7544000 ACPI.sys
0xF7B75000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7533000 pci.sys
0xF7673000 isapnp.sys
0xF7C3B000 pciide.sys
0xF78F3000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7683000 MountMgr.sys
0xF7514000 ftdisk.sys
0xF78FB000 PartMgr.sys
0xF7903000 pavboot.sys
0xF7693000 VolSnap.sys
0xF74FC000 atapi.sys
0xF7435000 iaStor.sys
0xF76A3000 disk.sys
0xF76B3000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7415000 fltmgr.sys
0xF7403000 sr.sys
0xF73ED000 DRVMCDB.SYS
0xF76C3000 PxHelp20.sys
0xF73D6000 KSecDD.sys
0xF7349000 Ntfs.sys
0xF731C000 NDIS.sys
0xF7302000 Mup.sys
0xF77D3000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF6D3B000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xF6D27000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6CE6000 \SystemRoot\system32\DRIVERS\e1e5132.sys
0xF79FB000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF6CC2000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7A03000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF6C9A000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF7A0B000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF77E3000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7B9F000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0xF77F3000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7803000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF6C77000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7A13000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7DAB000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7813000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7B3B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6C60000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7823000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7833000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7A1B000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6C4F000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7843000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7A23000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7A2B000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF7853000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7A33000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7A3B000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7BA9000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6BF1000 \SystemRoot\system32\DRIVERS\update.sys
0xF7B4F000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7873000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7893000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7BAD000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xAA0C8000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xAA0A4000 \SystemRoot\system32\drivers\portcls.sys
0xF78B3000 \SystemRoot\system32\drivers\drmk.sys
0xF7B23000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7BBD000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7D6D000 \SystemRoot\System32\Drivers\Null.SYS
0xF7BBF000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7A63000 \SystemRoot\System32\Drivers\DLARTL_M.SYS
0xF7A6B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7A73000 \SystemRoot\System32\drivers\vga.sys
0xF7BC1000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7BC3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7A7B000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7913000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7B2F000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA9F6D000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA9F14000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA9EEC000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA9EC6000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA9EA4000 \SystemRoot\System32\drivers\afd.sys
0xF76F3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF7703000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF7943000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xA9E51000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9DE1000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF7723000 \SystemRoot\System32\Drivers\Fips.SYS
0xA9DBF000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF6BD1000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF7733000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7BCB000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0xF794B000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xF795B000 \SystemRoot\system32\DRIVERS\NuidFltr.sys
0xF7753000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xA9CA4000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xF6BC9000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xAA098000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xA9AD9000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA8C2E000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7C2D000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xAA0A0000 \SystemRoot\System32\drivers\Dxapi.sys
0xA8C8E000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7D2D000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF04E000 \SystemRoot\System32\igxpdv32.DLL
0xBF1F2000 \SystemRoot\System32\igxpdx32.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA8BA1000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xF77C3000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xF7C98000 \SystemRoot\System32\DLA\DLADResM.SYS
0xA8B61000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0xA8C5E000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0xF7B91000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0xA8C56000 \SystemRoot\System32\DLA\DLABMFSM.SYS
0xA8C4E000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0xA8B4B000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0xA8B34000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0xA8B8D000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA894F000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA8872000 \SystemRoot\system32\drivers\wdmaud.sys
0xA9AC9000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7BFB000 \SystemRoot\system32\DRIVERS\datunidr.sys
0xA840A000 \SystemRoot\system32\DRIVERS\srv.sys
0xA7DB1000 \SystemRoot\System32\Drivers\HTTP.sys
0xF7C25000 \??\C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys
0xA7B2E000 \SystemRoot\system32\drivers\kmixer.sys
0xF7BE3000 \SystemRoot\system32\drivers\splitter.sys
0xA7B0B000 \SystemRoot\system32\drivers\aec.sys
0xA821A000 \SystemRoot\system32\drivers\swmidi.sys
0xA7E2A000 \SystemRoot\system32\drivers\DMusic.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 51):
0 System Idle Process
4 System
632 C:\WINDOWS\system32\smss.exe
680 csrss.exe
704 C:\WINDOWS\system32\winlogon.exe
752 C:\WINDOWS\system32\services.exe
764 C:\WINDOWS\system32\lsass.exe
984 C:\WINDOWS\system32\svchost.exe
1056 svchost.exe
1156 C:\WINDOWS\system32\svchost.exe
1264 svchost.exe
1368 svchost.exe
1544 C:\WINDOWS\system32\spoolsv.exe
1596 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1688 svchost.exe
1896 C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe
1932 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1956 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1984 C:\Program Files\Bonjour\mDNSResponder.exe
2020 C:\WINDOWS\system32\Brmfrmps.exe
120 C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
176 C:\WINDOWS\explorer.exe
448 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
616 C:\Program Files\Java\jre6\bin\jqs.exe
792 C:\WINDOWS\system32\svchost.exe
1336 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
1388 C:\WINDOWS\system32\wuauclt.exe
1712 C:\WINDOWS\system32\hkcmd.exe
1768 C:\WINDOWS\system32\igfxpers.exe
1824 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
1844 C:\WINDOWS\system32\igfxsrvc.exe
1848 C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
1876 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
168 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
300 C:\Program Files\Brother\ControlCenter2\brctrcen.exe
408 C:\WINDOWS\RTHDCPL.EXE
428 C:\Program Files\Common Files\Java\Java Update\jusched.exe
460 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
520 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
572 C:\Program Files\iTunes\iTunesHelper.exe
1284 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
1316 C:\WINDOWS\system32\rundll32.exe
1656 C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
1796 C:\WINDOWS\system32\ctfmon.exe
2168 C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
2940 unsecapp.exe
3268 wmiprvse.exe
3400 C:\Program Files\iPod\bin\iPodService.exe
3528 alg.exe
4076 C:\WINDOWS\system32\svchost.exe
2228 C:\Documents and Settings\Mike\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: HitachiHDS721616PLA380, Rev: P22OAB3A
PhysicalDrive1 Model Number: Maxtor2, Rev: 0344

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: CEECB0630DEB98A912C967BD5561D0F2BFE7D8C6


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

 

[mikmik12]

ran that again..here you go:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000004c

Kernel Drivers (total 130):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7B73000 \WINDOWS\system32\KDCOM.DLL
0xF7A83000 \WINDOWS\system32\BOOTVID.dll
0xF7544000 ACPI.sys
0xF7B75000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7533000 pci.sys
0xF7673000 isapnp.sys
0xF7C3B000 pciide.sys
0xF78F3000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7683000 MountMgr.sys
0xF7514000 ftdisk.sys
0xF78FB000 PartMgr.sys
0xF7903000 pavboot.sys
0xF7693000 VolSnap.sys
0xF74FC000 atapi.sys
0xF7435000 iaStor.sys
0xF76A3000 disk.sys
0xF76B3000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7415000 fltmgr.sys
0xF7403000 sr.sys
0xF73ED000 DRVMCDB.SYS
0xF76C3000 PxHelp20.sys
0xF73D6000 KSecDD.sys
0xF7349000 Ntfs.sys
0xF731C000 NDIS.sys
0xF7302000 Mup.sys
0xF77D3000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF6D3B000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xF6D27000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6CE6000 \SystemRoot\system32\DRIVERS\e1e5132.sys
0xF79FB000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF6CC2000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7A03000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF6C9A000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF7A0B000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF77E3000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7B9F000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0xF77F3000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF7803000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF6C77000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7A13000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7DAB000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7813000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7B3B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6C60000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7823000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7833000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7A1B000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6C4F000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7843000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7A23000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7A2B000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF7853000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7A33000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7A3B000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7BA9000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6BF1000 \SystemRoot\system32\DRIVERS\update.sys
0xF7B4F000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7873000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7893000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7BAD000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xAA0C8000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xAA0A4000 \SystemRoot\system32\drivers\portcls.sys
0xF78B3000 \SystemRoot\system32\drivers\drmk.sys
0xF7B23000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7BBD000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7D6D000 \SystemRoot\System32\Drivers\Null.SYS
0xF7BBF000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7A63000 \SystemRoot\System32\Drivers\DLARTL_M.SYS
0xF7A6B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7A73000 \SystemRoot\System32\drivers\vga.sys
0xF7BC1000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7BC3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7A7B000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7913000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7B2F000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA9F6D000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA9F14000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA9EEC000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA9EC6000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA9EA4000 \SystemRoot\System32\drivers\afd.sys
0xF76F3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF7703000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF7943000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xA9E51000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9DE1000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF7723000 \SystemRoot\System32\Drivers\Fips.SYS
0xA9DBF000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF6BD1000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF7733000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xF7BCB000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0xF794B000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xF795B000 \SystemRoot\system32\DRIVERS\NuidFltr.sys
0xF7753000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xA9CA4000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xF6BC9000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xAA098000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xA9AD9000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA8C2E000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7C2D000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xAA0A0000 \SystemRoot\System32\drivers\Dxapi.sys
0xA8C8E000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7D2D000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF04E000 \SystemRoot\System32\igxpdv32.DLL
0xBF1F2000 \SystemRoot\System32\igxpdx32.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA8BA1000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xF77C3000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xF7C98000 \SystemRoot\System32\DLA\DLADResM.SYS
0xA8B61000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0xA8C5E000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0xF7B91000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0xA8C56000 \SystemRoot\System32\DLA\DLABMFSM.SYS
0xA8C4E000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0xA8B4B000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0xA8B34000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0xA8B8D000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA894F000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA8872000 \SystemRoot\system32\drivers\wdmaud.sys
0xA9AC9000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7BFB000 \SystemRoot\system32\DRIVERS\datunidr.sys
0xA840A000 \SystemRoot\system32\DRIVERS\srv.sys
0xA7DB1000 \SystemRoot\System32\Drivers\HTTP.sys
0xF7C25000 \??\C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 52):
0 System Idle Process
4 System
632 C:\WINDOWS\system32\smss.exe
680 csrss.exe
704 C:\WINDOWS\system32\winlogon.exe
752 C:\WINDOWS\system32\services.exe
764 C:\WINDOWS\system32\lsass.exe
984 C:\WINDOWS\system32\svchost.exe
1056 svchost.exe
1156 C:\WINDOWS\system32\svchost.exe
1264 svchost.exe
1368 svchost.exe
1544 C:\WINDOWS\system32\spoolsv.exe
1596 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1688 svchost.exe
1932 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1956 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1984 C:\Program Files\Bonjour\mDNSResponder.exe
2020 C:\WINDOWS\system32\Brmfrmps.exe
120 C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
176 C:\WINDOWS\explorer.exe
448 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
616 C:\Program Files\Java\jre6\bin\jqs.exe
792 C:\WINDOWS\system32\svchost.exe
1336 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
1388 C:\WINDOWS\system32\wuauclt.exe
1712 C:\WINDOWS\system32\hkcmd.exe
1768 C:\WINDOWS\system32\igfxpers.exe
1824 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
1844 C:\WINDOWS\system32\igfxsrvc.exe
1848 C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
1876 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
168 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
300 C:\Program Files\Brother\ControlCenter2\brctrcen.exe
408 C:\WINDOWS\RTHDCPL.EXE
428 C:\Program Files\Common Files\Java\Java Update\jusched.exe
520 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
572 C:\Program Files\iTunes\iTunesHelper.exe
1284 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
1316 C:\WINDOWS\system32\rundll32.exe
1656 C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
1796 C:\WINDOWS\system32\ctfmon.exe
2168 C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
2940 unsecapp.exe
3268 wmiprvse.exe
3400 C:\Program Files\iPod\bin\iPodService.exe
3528 alg.exe
4076 C:\WINDOWS\system32\svchost.exe
2780 C:\Program Files\Internet Explorer\iexplore.exe
2848 C:\Program Files\Internet Explorer\iexplore.exe
3372 C:\Program Files\Yahoo!\Companion\Installs\cpn\ytbb.exe
836 C:\Documents and Settings\Mike\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: HitachiHDS721616PLA380, Rev: P22OAB3A
PhysicalDrive1 Model Number: Maxtor2, Rev: 0344

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: CEECB0630DEB98A912C967BD5561D0F2BFE7D8C6


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 0Available MBR codes:
[ 0] Default (Windows XP)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 1
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!

Thanks, and hope you start feeling better.

 

[crunchie]

Feeling a little better today, thank you .

Let's just try once more:

Run MBRCheck again.

When it's done you'll see the following line:
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Press the Y key and then press Enter

When the program asks you to Enter your choice, enter 2 and press the Enter key.

Next the program will ask you to Enter the physical disk number to fix (0-99, -1 to cancel):
Enter 1 (zero) and press the Enter key.

Next the program will show Available MBR codes:, followed by a list of operating systems.
Please enter 1 for Windows XP, and then press Enter.

Next the program will prompt for confirmation.
Type YES and hit Enter.

When it's done there should be a text file with the results on your desktop.
Please copy and paste it back here.

Then reboot and run MBRCheck again and post that log.

 

[mikmik12]

glad to hear you are feeling better.
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000004c

Kernel Drivers (total 131):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7B73000 \WINDOWS\system32\KDCOM.DLL
0xF7A83000 \WINDOWS\system32\BOOTVID.dll
0xF7544000 ACPI.sys
0xF7B75000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7533000 pci.sys
0xF7673000 isapnp.sys
0xF7C3B000 pciide.sys
0xF78F3000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF7683000 MountMgr.sys
0xF7514000 ftdisk.sys
0xF78FB000 PartMgr.sys
0xF7903000 pavboot.sys
0xF7693000 VolSnap.sys
0xF74FC000 atapi.sys
0xF7435000 iaStor.sys
0xF76A3000 disk.sys
0xF76B3000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7415000 fltmgr.sys
0xF7403000 sr.sys
0xF73ED000 DRVMCDB.SYS
0xF76C3000 PxHelp20.sys
0xF73D6000 KSecDD.sys
0xF7349000 Ntfs.sys
0xF731C000 NDIS.sys
0xF7302000 Mup.sys
0xF7793000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF6D3B000 \SystemRoot\system32\DRIVERS\igxpmp32.sys
0xF6D27000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6CE6000 \SystemRoot\system32\DRIVERS\e1e5132.sys
0xF79FB000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF6CC2000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7A03000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF6C9A000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF7A0B000 \SystemRoot\system32\DRIVERS\fdc.sys
0xF77A3000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7BA3000 \SystemRoot\System32\Drivers\DLACDBHM.SYS
0xF77B3000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF77C3000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF6C77000 \SystemRoot\system32\DRIVERS\ks.sys
0xF7A13000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7D97000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF77D3000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7B3B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6C60000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF77E3000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF77F3000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF7A1B000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6C4F000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7803000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7A23000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7A2B000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF7813000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7A33000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF7A3B000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7BA5000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6BF1000 \SystemRoot\system32\DRIVERS\update.sys
0xF7B47000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7833000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7853000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7BA9000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xAA070000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xAA04C000 \SystemRoot\system32\drivers\portcls.sys
0xF7893000 \SystemRoot\system32\drivers\drmk.sys
0xF7B23000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7BB5000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7CAC000 \SystemRoot\System32\Drivers\Null.SYS
0xF7BB7000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7A53000 \SystemRoot\System32\Drivers\DLARTL_M.SYS
0xF7A5B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7A63000 \SystemRoot\System32\drivers\vga.sys
0xF7BB9000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7BBB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7A6B000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7A73000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7B2F000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xA9FC9000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA9F70000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA9F22000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xA9EFA000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF78B3000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xA9ED8000 \SystemRoot\System32\drivers\afd.sys
0xF78C3000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF7A7B000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xA9EAD000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9E3D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF78E3000 \SystemRoot\System32\Drivers\Fips.SYS
0xF6BC4000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xF76F3000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xA9E1B000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xF7BC1000 \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys
0xF7913000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xF794B000 \SystemRoot\system32\DRIVERS\NuidFltr.sys
0xF7713000 \SystemRoot\system32\DRIVERS\WDFLDR.SYS
0xA9D00000 \SystemRoot\system32\DRIVERS\Wdf01000.sys
0xF6BC0000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xF6BB8000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xA9A91000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA88C6000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7C0D000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF7B2B000 \SystemRoot\System32\drivers\Dxapi.sys
0xA9BC1000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7D98000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF024000 \SystemRoot\System32\igxpgd32.dll
0xBF04E000 \SystemRoot\System32\igxpdv32.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA8811000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xA88FE000 \SystemRoot\System32\Drivers\DRVNDDM.SYS
0xF7D7D000 \SystemRoot\System32\DLA\DLADResM.SYS
0xA87F9000 \SystemRoot\System32\DLA\DLAIFS_M.SYS
0xA9BB9000 \SystemRoot\System32\DLA\DLAOPIOM.SYS
0xF7C19000 \SystemRoot\System32\DLA\DLAPoolM.SYS
0xA8C8E000 \SystemRoot\System32\DLA\DLABMFSM.SYS
0xA8C86000 \SystemRoot\System32\DLA\DLABOIOM.SYS
0xA87E3000 \SystemRoot\System32\DLA\DLAUDFAM.SYS
0xA87CC000 \SystemRoot\System32\DLA\DLAUDF_M.SYS
0xA8846000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA860F000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF7C39000 \SystemRoot\system32\DRIVERS\datunidr.sys
0xA8427000 \SystemRoot\system32\DRIVERS\srv.sys
0xA8052000 \SystemRoot\system32\drivers\wdmaud.sys
0xA8587000 \SystemRoot\system32\drivers\sysaudio.sys
0xA7DFE000 \SystemRoot\System32\Drivers\HTTP.sys
0xBFF50000 \SystemRoot\System32\TSDDD.dll
0xBF012000 \SystemRoot\System32\igxprd32.dll
0xBF1F2000 \SystemRoot\System32\igxpdx32.DLL
0xF7BE7000 \??\C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 69):
0 System Idle Process
4 System
632 C:\WINDOWS\system32\smss.exe
680 csrss.exe
704 C:\WINDOWS\system32\winlogon.exe
752 C:\WINDOWS\system32\services.exe
764 C:\WINDOWS\system32\lsass.exe
992 C:\WINDOWS\system32\svchost.exe
1064 svchost.exe
1164 C:\WINDOWS\system32\svchost.exe
1292 svchost.exe
1372 svchost.exe
1544 C:\WINDOWS\system32\spoolsv.exe
1596 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1688 svchost.exe
1736 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
1756 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1776 C:\Program Files\Bonjour\mDNSResponder.exe
1816 C:\WINDOWS\system32\Brmfrmps.exe
1860 C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
136 C:\Program Files\Java\jre6\bin\jqs.exe
204 C:\WINDOWS\system32\svchost.exe
212 C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
2024 unsecapp.exe
2032 alg.exe
440 wmiprvse.exe
3248 C:\WINDOWS\explorer.exe
3448 C:\WINDOWS\system32\hkcmd.exe
3480 C:\WINDOWS\system32\igfxsrvc.exe
3520 C:\WINDOWS\system32\igfxpers.exe
3648 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
3680 C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
3764 C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
3888 C:\WINDOWS\system32\svchost.exe
3900 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
4056 C:\Program Files\Brother\ControlCenter2\brctrcen.exe
452 C:\WINDOWS\RTHDCPL.EXE
472 C:\Program Files\Common Files\Java\Java Update\jusched.exe
928 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
1124 C:\Program Files\iTunes\iTunesHelper.exe
108 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
1060 C:\WINDOWS\system32\rundll32.exe
1700 C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
468 C:\WINDOWS\system32\ctfmon.exe
836 C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
2232 C:\Program Files\iPod\bin\iPodService.exe
1500 csrss.exe
4024 C:\WINDOWS\system32\winlogon.exe
1288 explorer.exe
2896 igfxtray.exe
2932 hkcmd.exe
2964 igfxpers.exe
2904 issch.exe
3244 DrgToDsc.exe
2768 PDVDDXSrv.exe
2700 GoogleDesktop.exe
4036 pptd40nt.exe
2424 brctrcen.exe
3396 RTHDCPL.EXE
2604 jusched.exe
1520 igfxsrvc.exe
3064 iTunesHelper.exe
2160 avgnt.exe
1156 rundll32.exe
3196 ctfmon.exe
2304 GoogleDesktop.exe
3660 C:\Program Files\Internet Explorer\iexplore.exe
2020 C:\Program Files\Internet Explorer\iexplore.exe
168 C:\Documents and Settings\Mike\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
\\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: HitachiHDS721616PLA380, Rev: P22OAB3A
PhysicalDrive1 Model Number: Maxtor2, Rev: 0344

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: CEECB0630DEB98A912C967BD5561D0F2BFE7D8C6


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): 1Available MBR codes:
[ 0] Default (Windows XP)
[ 1] Windows XP
[ 2] Windows Server 2003
[ 3] Windows Vista
[ 4] Windows 2008
[ 5] Windows 7
[-1] Cancel

Please select the MBR code to write to this drive: 1
Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: yes
RE: Successfully wrote new MBR code!
Please reboot your computer to complete the fix.


Done!


still getting redirected on web searches...?

 

[crunchie]

I have uploaded the first bootkit_remover tool that asked you to run.
Please see if you can run it following my previous instructions.

 

[mikmik12]

nothing...just pulls up black screen with no other info

 

[crunchie]

Do you have your Windows CD and is this system a dual boot with two physical drives?

 

[mikmik12]

I can probably dig up the windows CD's hopefully...I don't think this is two physical drives. Just the hard drive and an external. There are two users that are separate...

 

[crunchie]

The log is reading two physical drives here:

149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
149 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: CEECB0630DEB98A912C967BD5561D0F2BFE7D8C6

Drive0 looks ok but drive1 seems to be having the problem.

So this does not have two operating systems installed?

 

[mikmik12]

no just the one. i have an external harddrive attatched but don't have two drives running? just the two log ons...

 

[mikmik12]

Anyway to figure out what that second drive is?

 

[crunchie]

Just got a 2nd opinion and that MBR is fine.

Can you try this please:

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
  
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 

[mikmik12]

Here you go...

2010/10/23 12:18:14.0812 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/23 12:18:14.0812 ================================================================================
2010/10/23 12:18:14.0812 SystemInfo:
2010/10/23 12:18:14.0812
2010/10/23 12:18:14.0812 OS Version: 5.1.2600 ServicePack: 3.0
2010/10/23 12:18:14.0812 Product type: Workstation
2010/10/23 12:18:14.0812 ComputerName: VOSTRO
2010/10/23 12:18:14.0812 UserName: Mike
2010/10/23 12:18:14.0812 Windows directory: C:\WINDOWS
2010/10/23 12:18:14.0812 System windows directory: C:\WINDOWS
2010/10/23 12:18:14.0812 Processor architecture: Intel x86
2010/10/23 12:18:14.0812 Number of processors: 2
2010/10/23 12:18:14.0812 Page size: 0x1000
2010/10/23 12:18:14.0812 Boot type: Normal boot
2010/10/23 12:18:14.0812 ================================================================================
2010/10/23 12:18:15.0765 Initialize success
2010/10/23 12:18:17.0968 ================================================================================
2010/10/23 12:18:17.0968 Scan started
2010/10/23 12:18:17.0968 Mode: Manual;
2010/10/23 12:18:17.0968 ================================================================================
2010/10/23 12:18:18.0703 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2010/10/23 12:18:18.0750 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/10/23 12:18:18.0765 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/10/23 12:18:18.0796 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2010/10/23 12:18:18.0843 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/10/23 12:18:18.0890 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/10/23 12:18:18.0937 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/10/23 12:18:18.0953 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2010/10/23 12:18:18.0984 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2010/10/23 12:18:19.0046 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2010/10/23 12:18:19.0062 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2010/10/23 12:18:19.0078 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2010/10/23 12:18:19.0093 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2010/10/23 12:18:19.0140 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2010/10/23 12:18:19.0203 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2010/10/23 12:18:19.0250 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2010/10/23 12:18:19.0281 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2010/10/23 12:18:19.0296 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2010/10/23 12:18:19.0328 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/10/23 12:18:19.0343 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/10/23 12:18:19.0390 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/10/23 12:18:19.0468 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/10/23 12:18:19.0609 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2010/10/23 12:18:19.0640 avgntflt (a88d29d928ad2b830e87b53e3f9bc182) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2010/10/23 12:18:19.0703 avipbb (1289e9a5d9118a25a13c0009519088e3) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2010/10/23 12:18:19.0703 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/10/23 12:18:19.0765 brfilt (4ba311473e0d8557827e6f2fe33a8095) C:\WINDOWS\system32\Drivers\Brfilt.sys
2010/10/23 12:18:19.0781 BrSerWDM (791ef93168dcf057715493d607e37983) C:\WINDOWS\system32\Drivers\BrSerWdm.sys
2010/10/23 12:18:19.0796 BrUsbMdm (37e2d0b12ddf536cd64af6eb3b580ef8) C:\WINDOWS\system32\Drivers\BrUsbMdm.sys
2010/10/23 12:18:19.0796 BrUsbScn (1c5f014048e5b2748c1a8ad297c50b6f) C:\WINDOWS\system32\Drivers\BrUsbScn.sys
2010/10/23 12:18:20.0015 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/10/23 12:18:20.0031 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/10/23 12:18:20.0062 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2010/10/23 12:18:20.0093 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/10/23 12:18:20.0125 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/10/23 12:18:20.0140 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/10/23 12:18:20.0250 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2010/10/23 12:18:20.0281 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2010/10/23 12:18:20.0296 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2010/10/23 12:18:20.0312 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2010/10/23 12:18:20.0343 datunidr (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\datunidr.sys
2010/10/23 12:18:20.0390 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/10/23 12:18:20.0453 DLABMFSM (0659e6e0a95564f958d9df7313f7701e) C:\WINDOWS\system32\DLA\DLABMFSM.SYS
2010/10/23 12:18:20.0453 DLABOIOM (8691c78908f0bd66170669db268369f2) C:\WINDOWS\system32\DLA\DLABOIOM.SYS
2010/10/23 12:18:20.0468 DLACDBHM (76167b5eb2dffc729edc36386876b40b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
2010/10/23 12:18:20.0484 DLADResM (5615744a1056933b90e6ac54feb86f35) C:\WINDOWS\system32\DLA\DLADResM.SYS
2010/10/23 12:18:20.0484 DLAIFS_M (1aeca2afa5005ce4a550cf8eb55a8c88) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
2010/10/23 12:18:20.0500 DLAOPIOM (840e7f6abb885c72b9ffddb022ef5b6d) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
2010/10/23 12:18:20.0500 DLAPoolM (0294d18731ac05da80132ce88f8a876b) C:\WINDOWS\system32\DLA\DLAPoolM.SYS
2010/10/23 12:18:20.0515 DLARTL_M (91886fed52a3f9966207bce46cfd794f) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
2010/10/23 12:18:20.0531 DLAUDFAM (cca4e121d599d7d1706a30f603731e59) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
2010/10/23 12:18:20.0531 DLAUDF_M (7dab85c33135df24419951da4e7d38e5) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
2010/10/23 12:18:20.0593 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/10/23 12:18:20.0984 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/10/23 12:18:21.0015 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/10/23 12:18:21.0046 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/10/23 12:18:21.0093 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2010/10/23 12:18:21.0156 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/10/23 12:18:21.0218 DRVMCDB (c00440385cf9f3d142917c63f989e244) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
2010/10/23 12:18:21.0218 DRVNDDM (6e6ab29d3c06e64ce81feacda85394b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
2010/10/23 12:18:21.0265 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/10/23 12:18:21.0281 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2010/10/23 12:18:21.0312 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/10/23 12:18:21.0375 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/10/23 12:18:21.0421 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/10/23 12:18:21.0453 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/10/23 12:18:21.0468 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/10/23 12:18:21.0484 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/10/23 12:18:21.0500 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/10/23 12:18:21.0546 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/10/23 12:18:21.0609 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/10/23 12:18:21.0640 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/10/23 12:18:21.0656 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/10/23 12:18:21.0718 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2010/10/23 12:18:21.0781 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/10/23 12:18:21.0828 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2010/10/23 12:18:21.0859 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2010/10/23 12:18:21.0875 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/10/23 12:18:22.0015 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2010/10/23 12:18:22.0234 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\drivers\iaStor.sys
2010/10/23 12:18:22.0281 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/10/23 12:18:22.0312 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2010/10/23 12:18:22.0437 IntcAzAudAddService (17bbbabb21f86b650b2626045a9d016c) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010/10/23 12:18:22.0562 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/10/23 12:18:22.0609 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/10/23 12:18:22.0625 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/10/23 12:18:22.0656 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/10/23 12:18:22.0671 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/10/23 12:18:22.0703 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/10/23 12:18:22.0765 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/10/23 12:18:22.0781 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/10/23 12:18:22.0812 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/10/23 12:18:22.0875 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/10/23 12:18:22.0921 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/10/23 12:18:22.0984 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/10/23 12:18:23.0031 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/10/23 12:18:23.0125 mf (a7da20ab18a1bdae28b0f349e57da0d1) C:\WINDOWS\system32\DRIVERS\mf.sys
2010/10/23 12:18:23.0125 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/10/23 12:18:23.0140 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/10/23 12:18:23.0171 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/10/23 12:18:23.0234 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/10/23 12:18:23.0281 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/10/23 12:18:23.0312 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/10/23 12:18:23.0328 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/10/23 12:18:23.0359 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/10/23 12:18:23.0406 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/10/23 12:18:23.0437 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/10/23 12:18:23.0468 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/10/23 12:18:23.0500 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/10/23 12:18:23.0531 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/10/23 12:18:23.0546 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/10/23 12:18:23.0640 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/10/23 12:18:23.0687 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/10/23 12:18:23.0703 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/10/23 12:18:23.0703 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/10/23 12:18:23.0734 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/10/23 12:18:23.0750 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/10/23 12:18:23.0796 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/10/23 12:18:23.0828 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/10/23 12:18:23.0843 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/10/23 12:18:23.0921 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
2010/10/23 12:18:23.0968 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/10/23 12:18:24.0031 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/10/23 12:18:24.0125 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/10/23 12:18:24.0140 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/10/23 12:18:24.0187 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/10/23 12:18:24.0218 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/10/23 12:18:24.0234 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/10/23 12:18:24.0250 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\WINDOWS\system32\drivers\pavboot.sys
2010/10/23 12:18:24.0312 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/10/23 12:18:24.0328 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/10/23 12:18:24.0359 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/10/23 12:18:24.0406 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/10/23 12:18:24.0421 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/10/23 12:18:24.0468 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/10/23 12:18:24.0500 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/10/23 12:18:24.0500 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/10/23 12:18:24.0625 PTproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys
2010/10/23 12:18:24.0671 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/10/23 12:18:24.0703 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/10/23 12:18:24.0718 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/10/23 12:18:24.0734 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/10/23 12:18:24.0765 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/10/23 12:18:24.0796 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2010/10/23 12:18:24.0843 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/10/23 12:18:24.0890 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/10/23 12:18:24.0937 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/10/23 12:18:24.0953 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/10/23 12:18:24.0984 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/10/23 12:18:25.0000 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/10/23 12:18:25.0015 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/10/23 12:18:25.0078 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/10/23 12:18:25.0109 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/10/23 12:18:25.0171 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/10/23 12:18:25.0203 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/10/23 12:18:25.0250 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/10/23 12:18:25.0265 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/10/23 12:18:25.0328 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2010/10/23 12:18:25.0375 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2010/10/23 12:18:25.0421 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/10/23 12:18:25.0468 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/10/23 12:18:25.0531 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/10/23 12:18:25.0593 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2010/10/23 12:18:25.0656 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/10/23 12:18:25.0671 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/10/23 12:18:25.0703 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2010/10/23 12:18:25.0718 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2010/10/23 12:18:25.0765 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2010/10/23 12:18:25.0765 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2010/10/23 12:18:25.0796 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/10/23 12:18:25.0859 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/10/23 12:18:25.0906 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/10/23 12:18:25.0968 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/10/23 12:18:26.0015 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/10/23 12:18:26.0062 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2010/10/23 12:18:26.0109 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/10/23 12:18:26.0140 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2010/10/23 12:18:26.0187 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/10/23 12:18:26.0281 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/10/23 12:18:26.0328 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/10/23 12:18:26.0375 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/10/23 12:18:26.0406 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/10/23 12:18:26.0406 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/10/23 12:18:26.0421 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/10/23 12:18:26.0437 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/10/23 12:18:26.0500 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/10/23 12:18:26.0515 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2010/10/23 12:18:26.0562 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/10/23 12:18:26.0593 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/10/23 12:18:26.0625 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/10/23 12:18:26.0687 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2010/10/23 12:18:26.0781 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/10/23 12:18:26.0953 ================================================================================
2010/10/23 12:18:26.0953 Scan finished
2010/10/23 12:18:26.0953 ================================================================================