
Virus/malware that keeps coming back despite being removed with Malwarebytes

Discussion in 'Virus and Malware Removal' started by lunsk, Feb 28, 2012.

  1. lunsk Newcomer, in training Posts: 62

    Also, I can't turn on my Firewall for some reason saying "Due to an unidentified problem, Windows cannot display Windows Firewall settings"

    I don't get popups anymore when I open Firefox though

    Edit: Never mind, I'm still getting popups
  2. Broni Malware Annihilator Posts: 39,313   +175

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
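Reading the report that these steps produce, as an added example that is not part of the original thread and not code from the TDSSKiller tool: a small Python parser that pulls the "Suspicious file" and "- detected" entries out of a TDSSKiller log, keeps the Real/Fake md5 pair, and puts a Forged entry (two different hashes for the same file, the usual sign of a file-hiding rootkit) at the top of the triage list. The line layouts are inferred from the report posted further down in this thread; the embedded sample is assembled from lines of that report and is the only input the code assumes.

```python
"""Triage helper for TDSSKiller report text (added example, not the tool's own code).

Line layouts, inferred from the report posted in this thread:
    <time> <pid> <service> (<md5>) <path>
    <time> <pid> Suspicious file (<reason>): <path>. Real md5: <h>, Fake md5: <h>
    <time> <pid> Suspicious file (<reason>): <path>. md5: <h>
    <time> <pid> <service> - detected <verdict> (<n>)
    <time> <pid> <service> - ok
"""
from __future__ import annotations

import re
import sys
from dataclasses import dataclass

_LINE = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<pid>\d+)\s+(?P<msg>.*\S)\s*$")
_SUSPICIOUS = re.compile(r"^Suspicious file \((?P<reason>[^)]+)\): (?P<body>.+)$")
_DETECTED = re.compile(r"^(?P<service>\S+) - detected (?P<verdict>\S+) \((?P<code>\d+)\)$")
_OK = re.compile(r"^(?P<service>\S+) - ok$")
_MD5 = re.compile(r"(?:(?P<kind>Real|Fake) )?md5: (?P<hash>[0-9a-f]{32})")


@dataclass
class Finding:
    service: str
    verdict: str
    reason: str = ""    # TDSSKiller's reason tag, e.g. Forged or NoAccess
    path: str = ""
    real_md5: str = ""  # hash of the bytes actually on disk
    fake_md5: str = ""  # hash returned through the (hooked) normal read path; Forged only

    @property
    def forged(self) -> bool:
        """True when the on-disk hash and the hash seen through the file system differ."""
        return bool(self.real_md5 and self.fake_md5 and self.real_md5 != self.fake_md5)


def parse_report(text: str) -> tuple[int, list[Finding]]:
    """Return (number of services scanned, findings that need a human look)."""
    scanned = 0
    findings: list[Finding] = []
    pending = None  # last 'Suspicious file' line, attached to the next '- detected' line
    for raw in text.splitlines():
        m = _LINE.match(raw)
        if not m:
            continue  # banner, separator or system-info line
        msg = m.group("msg")
        if _OK.match(msg):
            scanned += 1
            continue
        s = _SUSPICIOUS.match(msg)
        if s:
            # The path ends at the first ". " before the hash list.
            path, _, rest = s.group("body").partition(". ")
            hashes = {(h.group("kind") or "only"): h.group("hash") for h in _MD5.finditer(rest)}
            pending = dict(reason=s.group("reason"), path=path,
                           real_md5=hashes.get("Real", hashes.get("only", "")),
                           fake_md5=hashes.get("Fake", ""))
            continue
        d = _DETECTED.match(msg)
        if d:
            scanned += 1
            findings.append(Finding(d.group("service"), d.group("verdict"), **(pending or {})))
            pending = None
    return scanned, findings


def triage(text: str) -> list[str]:
    """One line per finding, forged (rootkit-hidden) entries first."""
    _, findings = parse_report(text)
    ordered = sorted(findings, key=lambda f: not f.forged)
    return [f"{'FORGED ' if f.forged else ''}{f.service}: {f.verdict} [{f.reason}] {f.path}"
            for f in ordered]


# Constructed sample: lines taken from the report posted in this thread, trimmed.
SAMPLE_REPORT = r"""
15:31:16.0135 7496 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
15:31:16.0139 7496 ACPI - ok
15:31:16.0911 7496 AFD (a3ef19e838b95593607f2aaeb9c2a8db) C:\Windows\system32\drivers\afd.sys
15:31:16.0912 7496 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: a3ef19e838b95593607f2aaeb9c2a8db, Fake md5: 763e172a55177e478cb419f88fd0ba03
15:31:16.0913 7496 AFD ( Virus.Win32.ZAccess.c ) - infected
15:31:16.0913 7496 AFD - detected Virus.Win32.ZAccess.c (0)
15:31:45.0339 7496 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\Windows\system32\Drivers\sptd.sys
15:31:45.0339 7496 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
15:31:45.0341 7496 sptd ( LockedFile.Multi.Generic ) - warning
15:31:45.0342 7496 sptd - detected LockedFile.Multi.Generic (1)
15:31:45.0500 7496 srv (73dddbeec61e78568082916a27aadaee) C:\Windows\system32\DRIVERS\srv.sys
15:31:45.0506 7496 srv - ok
"""

if __name__ == "__main__":
    # Pass a saved TDSSKiller_xxxx_log.txt path, or run without arguments for the sample.
    report = open(sys.argv[1], encoding="utf-8", errors="replace").read() if len(sys.argv) > 1 else SAMPLE_REPORT
    for line in triage(report):
        print(line)
```

On the sample, the AFD entry is listed first and marked FORGED because the two hashes differ, which is what distinguishes a driver that is being hidden from one that is merely locked (the sptd entry, a NoAccess warning with a single hash, sorts below it). A locked file is not by itself a sign of infection; a forged one is worth treating as one until proven otherwise.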
  3. lunsk Newcomer, in training Posts: 62

    It produced a log this time

    15:31:03.0781 5344 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
    15:31:04.0246 5344 ============================================================
    15:31:04.0246 5344 Current date / time: 2012/02/29 15:31:04.0246
    15:31:04.0246 5344 SystemInfo:
    15:31:04.0246 5344
    15:31:04.0246 5344 OS Version: 6.0.6001 ServicePack: 1.0
    15:31:04.0246 5344 Product type: Workstation
    15:31:04.0246 5344 ComputerName: JONATHAN-PC
    15:31:04.0246 5344 UserName: Jonathan
    15:31:04.0246 5344 Windows directory: C:\Windows
    15:31:04.0246 5344 System windows directory: C:\Windows
    15:31:04.0246 5344 Processor architecture: Intel x86
    15:31:04.0246 5344 Number of processors: 2
    15:31:04.0247 5344 Page size: 0x1000
    15:31:04.0247 5344 Boot type: Normal boot
    15:31:04.0247 5344 ============================================================
    15:31:05.0433 5344 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    15:31:05.0452 5344 \Device\Harddisk0\DR0:
    15:31:05.0452 5344 MBR used
    15:31:05.0452 5344 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1388000
    15:31:05.0452 5344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139B9C5, BlocksNum 0x240928EB
    15:31:05.0531 5344 Initialize success
    15:31:05.0531 5344 ============================================================
    15:31:13.0118 7496 ============================================================
    15:31:13.0119 7496 Scan started
    15:31:13.0119 7496 Mode: Manual;
    15:31:13.0119 7496 ============================================================
    15:31:16.0135 7496 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
    15:31:16.0139 7496 ACPI - ok
    15:31:16.0243 7496 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    15:31:16.0265 7496 adp94xx - ok
    15:31:16.0426 7496 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    15:31:16.0439 7496 adpahci - ok
    15:31:16.0564 7496 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    15:31:16.0595 7496 adpu160m - ok
    15:31:16.0738 7496 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    15:31:16.0791 7496 adpu320 - ok
    15:31:16.0911 7496 AFD (a3ef19e838b95593607f2aaeb9c2a8db) C:\Windows\system32\drivers\afd.sys
    15:31:16.0912 7496 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: a3ef19e838b95593607f2aaeb9c2a8db, Fake md5: 763e172a55177e478cb419f88fd0ba03
    15:31:16.0913 7496 AFD ( Virus.Win32.ZAccess.c ) - infected
    15:31:16.0913 7496 AFD - detected Virus.Win32.ZAccess.c (0)
    15:31:17.0024 7496 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    15:31:17.0144 7496 agp440 - ok
    15:31:17.0287 7496 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    15:31:17.0507 7496 aic78xx - ok
    15:31:17.0623 7496 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
    15:31:17.0637 7496 aliide - ok
    15:31:17.0742 7496 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    15:31:17.0785 7496 amdagp - ok
    15:31:17.0876 7496 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
    15:31:17.0877 7496 amdide - ok
    15:31:17.0928 7496 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    15:31:17.0952 7496 AmdK7 - ok
    15:31:17.0993 7496 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
    15:31:18.0026 7496 AmdK8 - ok
    15:31:18.0095 7496 ApfiltrService (1de27858a431a5749e0f3df54ba935b9) C:\Windows\system32\DRIVERS\Apfiltr.sys
    15:31:18.0140 7496 ApfiltrService - ok
    15:31:18.0211 7496 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    15:31:18.0241 7496 arc - ok
    15:31:18.0281 7496 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    15:31:18.0321 7496 arcsas - ok
    15:31:18.0353 7496 ASPI32 - ok
    15:31:18.0396 7496 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    15:31:18.0397 7496 AsyncMac - ok
    15:31:18.0449 7496 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
    15:31:18.0450 7496 atapi - ok
    15:31:18.0585 7496 atikmdag (be4d8fdc6b2598c46b2b5e6e4fbaafc5) C:\Windows\system32\DRIVERS\atikmdag.sys
    15:31:19.0037 7496 atikmdag - ok
    15:31:19.0141 7496 ATSwpWDF (6d4bf9538e449d64c5413bc46afcd8ff) C:\Windows\system32\Drivers\ATSwpWDF.sys
    15:31:19.0216 7496 ATSwpWDF - ok
    15:31:19.0295 7496 BCM42RLY (423c7b87e886ac93d22936ea82665f83) C:\Windows\system32\drivers\BCM42RLY.sys
    15:31:19.0296 7496 BCM42RLY - ok
    15:31:19.0393 7496 BCM43XX (b56999be8f22ba3071e4ceafa9e82e26) C:\Windows\system32\DRIVERS\bcmwl6.sys
    15:31:19.0426 7496 BCM43XX - ok
    15:31:19.0456 7496 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    15:31:19.0457 7496 Beep - ok
    15:31:19.0496 7496 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    15:31:19.0521 7496 blbdrive - ok
    15:31:19.0582 7496 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
    15:31:19.0621 7496 bowser - ok
    15:31:19.0666 7496 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    15:31:19.0667 7496 BrFiltLo - ok
    15:31:19.0714 7496 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    15:31:19.0715 7496 BrFiltUp - ok
    15:31:19.0757 7496 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    15:31:19.0836 7496 Brserid - ok
    15:31:19.0896 7496 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    15:31:20.0044 7496 BrSerWdm - ok
    15:31:20.0097 7496 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    15:31:20.0098 7496 BrUsbMdm - ok
    15:31:20.0149 7496 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    15:31:20.0153 7496 BrUsbSer - ok
    15:31:20.0192 7496 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    15:31:20.0200 7496 BTHMODEM - ok
    15:31:20.0305 7496 catchme - ok
    15:31:20.0356 7496 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    15:31:20.0404 7496 cdfs - ok
    15:31:20.0456 7496 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
    15:31:20.0504 7496 cdrom - ok
    15:31:20.0544 7496 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
    15:31:20.0553 7496 circlass - ok
    15:31:20.0601 7496 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
    15:31:20.0604 7496 CLFS - ok
    15:31:20.0640 7496 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
    15:31:20.0663 7496 CmBatt - ok
    15:31:20.0718 7496 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
    15:31:20.0719 7496 cmdide - ok
    15:31:20.0748 7496 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    15:31:20.0750 7496 Compbatt - ok
    15:31:20.0769 7496 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    15:31:20.0770 7496 crcdisk - ok
    15:31:20.0814 7496 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    15:31:20.0848 7496 Crusoe - ok
    15:31:20.0906 7496 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
    15:31:20.0960 7496 DfsC - ok
    15:31:21.0072 7496 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
    15:31:21.0107 7496 disk - ok
    15:31:21.0244 7496 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
    15:31:21.0265 7496 Dot4 - ok
    15:31:21.0311 7496 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    15:31:21.0312 7496 Dot4Print - ok
    15:31:21.0361 7496 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
    15:31:21.0362 7496 dot4usb - ok
    15:31:21.0449 7496 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    15:31:21.0451 7496 drmkaud - ok
    15:31:21.0538 7496 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
    15:31:21.0561 7496 DXGKrnl - ok
    15:31:21.0600 7496 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
    15:31:21.0805 7496 e1express - ok
    15:31:21.0873 7496 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    15:31:21.0977 7496 E1G60 - ok
    15:31:21.0990 7496 EagleNT - ok
    15:31:22.0086 7496 EagleXNt (a8c4b2ae80afe54ec01d4591dbc1c396) C:\Windows\system32\drivers\EagleXNt.sys
    15:31:25.0129 7496 EagleXNt - ok
    15:31:25.0309 7496 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
    15:31:25.0337 7496 Ecache - ok
    15:31:25.0481 7496 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    15:31:25.0514 7496 elxstor - ok
    15:31:25.0561 7496 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    15:31:25.0562 7496 ErrDev - ok
    15:31:25.0619 7496 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
    15:31:25.0656 7496 exfat - ok
    15:31:25.0686 7496 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
    15:31:25.0704 7496 fastfat - ok
    15:31:25.0742 7496 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    15:31:25.0756 7496 fdc - ok
    15:31:25.0777 7496 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    15:31:25.0884 7496 FileInfo - ok
    15:31:25.0962 7496 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    15:31:25.0965 7496 Filetrace - ok
    15:31:26.0013 7496 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    15:31:26.0014 7496 flpydisk - ok
    15:31:26.0029 7496 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
    15:31:26.0058 7496 FltMgr - ok
    15:31:26.0116 7496 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    15:31:26.0131 7496 Fs_Rec - ok
    15:31:26.0179 7496 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    15:31:26.0214 7496 gagp30kx - ok
    15:31:26.0359 7496 GarenaPEngine - ok
    15:31:26.0450 7496 GDISpyDevice (38303f4f86305cce7180b29ce902503b) C:\Windows\system32\GDISpy.sys
    15:31:26.0489 7496 GDISpyDevice - ok
    15:31:26.0585 7496 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    15:31:26.0587 7496 GEARAspiWDM - ok
    15:31:26.0666 7496 GGSAFERDriver - ok
    15:31:26.0731 7496 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
    15:31:26.0734 7496 hamachi - ok
    15:31:26.0784 7496 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
    15:31:26.0809 7496 HdAudAddService - ok
    15:31:26.0852 7496 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
    15:31:26.0852 7496 HDAudBus - ok
    15:31:26.0887 7496 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    15:31:26.0888 7496 HidBth - ok
    15:31:26.0932 7496 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
    15:31:26.0934 7496 HidIr - ok
    15:31:26.0962 7496 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
    15:31:26.0963 7496 HidUsb - ok
    15:31:27.0010 7496 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    15:31:27.0064 7496 HpCISSs - ok
    15:31:27.0122 7496 HTTP (406c027c18e98a396faa1963dad5ff70) C:\Windows\system32\drivers\HTTP.sys
    15:31:27.0199 7496 HTTP - ok
    15:31:27.0226 7496 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    15:31:27.0260 7496 i2omp - ok
    15:31:27.0298 7496 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    15:31:27.0330 7496 i8042prt - ok
    15:31:27.0386 7496 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\drivers\iastor.sys
    15:31:27.0388 7496 iaStor - ok
    15:31:27.0422 7496 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    15:31:27.0466 7496 iaStorV - ok
    15:31:27.0518 7496 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    15:31:27.0537 7496 iirsp - ok
    15:31:27.0598 7496 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    15:31:27.0613 7496 intelide - ok
    15:31:27.0646 7496 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    15:31:27.0647 7496 intelppm - ok
    15:31:27.0690 7496 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    15:31:27.0721 7496 IpFilterDriver - ok
    15:31:27.0737 7496 IpInIp - ok
    15:31:27.0781 7496 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    15:31:27.0815 7496 IPMIDRV - ok
    15:31:27.0869 7496 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    15:31:27.0888 7496 IPNAT - ok
    15:31:27.0927 7496 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    15:31:27.0928 7496 IRENUM - ok
    15:31:27.0958 7496 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    15:31:27.0987 7496 isapnp - ok
    15:31:28.0040 7496 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
    15:31:28.0043 7496 iScsiPrt - ok
    15:31:28.0074 7496 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    15:31:28.0078 7496 iteatapi - ok
    15:31:28.0142 7496 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys
    15:31:28.0216 7496 itecir - ok
    15:31:28.0270 7496 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    15:31:28.0275 7496 iteraid - ok
    15:31:28.0331 7496 k57nd60x (a67e8cfcad7d4f8b35643d6c79ba64c3) C:\Windows\system32\DRIVERS\k57nd60x.sys
    15:31:28.0442 7496 k57nd60x - ok
    15:31:28.0473 7496 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    15:31:28.0497 7496 kbdclass - ok
    15:31:28.0522 7496 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
    15:31:28.0524 7496 kbdhid - ok
    15:31:28.0585 7496 KSecDD (5367dc846cae9639b899bfd13b97a8c9) C:\Windows\system32\Drivers\ksecdd.sys
    15:31:28.0683 7496 KSecDD - ok
    15:31:28.0755 7496 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    15:31:28.0787 7496 lltdio - ok
    15:31:28.0846 7496 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    15:31:28.0948 7496 LSI_FC - ok
    15:31:28.0983 7496 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    15:31:29.0031 7496 LSI_SAS - ok
    15:31:29.0062 7496 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    15:31:29.0123 7496 LSI_SCSI - ok
    15:31:29.0136 7496 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    15:31:29.0258 7496 luafv - ok
    15:31:29.0284 7496 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    15:31:29.0285 7496 megasas - ok
    15:31:29.0331 7496 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    15:31:29.0416 7496 MegaSR - ok
    15:31:29.0452 7496 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    15:31:29.0456 7496 Modem - ok
    15:31:29.0483 7496 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    15:31:29.0484 7496 monitor - ok
    15:31:29.0510 7496 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    15:31:29.0512 7496 mouclass - ok
    15:31:29.0529 7496 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    15:31:29.0531 7496 mouhid - ok
    15:31:29.0545 7496 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    15:31:29.0582 7496 MountMgr - ok
    15:31:29.0624 7496 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\Windows\system32\DRIVERS\MpFilter.sys
    15:31:29.0626 7496 MpFilter - ok
    15:31:29.0692 7496 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    15:31:29.0772 7496 mpio - ok
    15:31:29.0823 7496 MpNWMon (f32e2d6a1640a469a9ed4f1929a4a861) C:\Windows\system32\DRIVERS\MpNWMon.sys
    15:31:29.0824 7496 MpNWMon - ok
    15:31:29.0937 7496 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    15:31:29.0959 7496 mpsdrv - ok
    15:31:29.0987 7496 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    15:31:29.0989 7496 Mraid35x - ok
    15:31:30.0032 7496 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
    15:31:30.0054 7496 MRxDAV - ok
    15:31:30.0100 7496 mrxsmb (c4ad205530888404e2b5fc8d9319b119) C:\Windows\system32\DRIVERS\mrxsmb.sys
    15:31:30.0139 7496 mrxsmb - ok
    15:31:30.0205 7496 mrxsmb10 (0a986b34f1678a2697574d7b1664e2dd) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    15:31:30.0282 7496 mrxsmb10 - ok
    15:31:30.0319 7496 mrxsmb20 (3268b8c3fa92bfc086355c39b45e9cc9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    15:31:30.0376 7496 mrxsmb20 - ok
    15:31:30.0409 7496 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
    15:31:30.0411 7496 msahci - ok
    15:31:30.0454 7496 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    15:31:30.0478 7496 msdsm - ok
    15:31:30.0522 7496 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    15:31:30.0535 7496 Msfs - ok
    15:31:30.0561 7496 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    15:31:30.0562 7496 msisadrv - ok
    15:31:30.0590 7496 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    15:31:30.0591 7496 MSKSSRV - ok
    15:31:30.0622 7496 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    15:31:30.0623 7496 MSPCLOCK - ok
    15:31:30.0647 7496 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    15:31:30.0649 7496 MSPQM - ok
    15:31:30.0675 7496 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
    15:31:30.0778 7496 MsRPC - ok
    15:31:30.0817 7496 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    15:31:30.0817 7496 mssmbios - ok
    15:31:30.0841 7496 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    15:31:30.0843 7496 MSTEE - ok
    15:31:30.0858 7496 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
    15:31:30.0888 7496 Mup - ok
    15:31:31.0000 7496 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
    15:31:31.0003 7496 NativeWifiP - ok
    15:31:31.0054 7496 NDIS (c8560010a542b5dca94c62468dc20784) C:\Windows\system32\drivers\ndis.sys
    15:31:31.0064 7496 NDIS - ok
    15:31:31.0084 7496 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    15:31:31.0123 7496 NdisTapi - ok
    15:31:31.0138 7496 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    15:31:31.0149 7496 Ndisuio - ok
    15:31:31.0183 7496 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
    15:31:31.0218 7496 NdisWan - ok
    15:31:31.0296 7496 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    15:31:31.0884 7496 NDProxy - ok
    15:31:31.0974 7496 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    15:31:32.0018 7496 NetBIOS - ok
    15:31:32.0030 7496 netbt - ok
    15:31:32.0142 7496 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    15:31:32.0144 7496 nfrd960 - ok
    15:31:32.0202 7496 NisDrv (17e2c08c5ecfbe94a7c67b1c275ee9d9) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    15:31:32.0207 7496 NisDrv - ok
    15:31:32.0279 7496 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
    15:31:32.0310 7496 Npfs - ok
    15:31:32.0345 7496 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    15:31:32.0396 7496 nsiproxy - ok
    15:31:32.0470 7496 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
    15:31:32.0560 7496 Ntfs - ok
    15:31:32.0590 7496 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    15:31:32.0592 7496 ntrigdigi - ok
    15:31:32.0626 7496 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    15:31:32.0628 7496 Null - ok
    15:31:32.0661 7496 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
    15:31:32.0668 7496 nvraid - ok
    15:31:32.0701 7496 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    15:31:32.0726 7496 nvstor - ok
    15:31:32.0755 7496 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    15:31:32.0774 7496 nv_agp - ok
    15:31:32.0786 7496 NwlnkFlt - ok
    15:31:32.0803 7496 NwlnkFwd - ok
    15:31:32.0872 7496 OA001Ufd (9b7cd7151a7c4009c383396155f02b95) C:\Windows\system32\DRIVERS\OA001Ufd.sys
    15:31:32.0877 7496 OA001Ufd - ok
    15:31:32.0914 7496 OA001Vid (cdcdad303a9208cf3513400ef2a05f80) C:\Windows\system32\DRIVERS\OA001Vid.sys
    15:31:32.0920 7496 OA001Vid - ok
    15:31:32.0954 7496 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
    15:31:32.0955 7496 ohci1394 - ok
    15:31:33.0026 7496 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    15:31:33.0034 7496 Parport - ok
    15:31:33.0093 7496 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
    15:31:33.0095 7496 partmgr - ok
    15:31:33.0126 7496 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    15:31:33.0127 7496 Parvdm - ok
    15:31:33.0178 7496 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
    15:31:33.0181 7496 pci - ok
    15:31:33.0214 7496 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
    15:31:33.0222 7496 pciide - ok
    15:31:33.0282 7496 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    15:31:33.0299 7496 pcmcia - ok
    15:31:33.0366 7496 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    15:31:33.0389 7496 PEAUTH - ok
    15:31:33.0565 7496 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    15:31:33.0567 7496 PptpMiniport - ok
    15:31:33.0726 7496 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    15:31:33.0728 7496 Processor - ok
    15:31:33.0817 7496 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
    15:31:33.0827 7496 PSched - ok
    15:31:33.0916 7496 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
    15:31:33.0922 7496 PxHelp20 - ok
    15:31:34.0118 7496 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    15:31:34.0157 7496 ql2300 - ok
    15:31:34.0273 7496 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    15:31:34.0308 7496 ql40xx - ok
    15:31:34.0413 7496 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    15:31:34.0418 7496 QWAVEdrv - ok
    15:31:34.0825 7496 R300 (be4d8fdc6b2598c46b2b5e6e4fbaafc5) C:\Windows\system32\DRIVERS\atikmdag.sys
    15:31:34.0848 7496 R300 - ok
    15:31:34.0935 7496 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    15:31:34.0941 7496 RasAcd - ok
    15:31:35.0092 7496 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    15:31:35.0190 7496 Rasl2tp - ok
    15:31:35.0296 7496 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
    15:31:35.0298 7496 RasPppoe - ok
    15:31:35.0394 7496 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
    15:31:35.0435 7496 RasSstp - ok
    15:31:35.0902 7496 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
    15:31:36.0002 7496 rdbss - ok
    15:31:36.0093 7496 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    15:31:36.0100 7496 RDPCDD - ok
    15:31:36.0251 7496 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    15:31:36.0256 7496 rdpdr - ok
    15:31:36.0428 7496 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    15:31:36.0429 7496 RDPENCDD - ok
    15:31:36.0653 7496 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
    15:31:36.0776 7496 RDPWD - ok
    15:31:37.0247 7496 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys
    15:31:37.0271 7496 rimmptsk - ok
    15:31:37.0659 7496 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys
    15:31:37.0660 7496 rimsptsk - ok
    15:31:37.0858 7496 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
    15:31:37.0874 7496 RimUsb - ok
    15:31:38.0124 7496 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
    15:31:38.0134 7496 RimVSerPort - ok
    15:31:38.0223 7496 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys
    15:31:38.0226 7496 rismxdp - ok
    15:31:38.0412 7496 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
    15:31:38.0421 7496 ROOTMODEM - ok
    15:31:38.0522 7496 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    15:31:38.0525 7496 rspndr - ok
    15:31:38.0945 7496 s916bus (fec4f19c80f623c3bfb386fc815bcd30) C:\Windows\system32\DRIVERS\s916bus.sys
    15:31:38.0948 7496 s916bus - ok
    15:31:39.0102 7496 s916mdfl (a6f154da17cafd5743f552b1a88b2c32) C:\Windows\system32\DRIVERS\s916mdfl.sys
    15:31:39.0103 7496 s916mdfl - ok
    15:31:39.0236 7496 s916mdm (b4362e96e0a9d258cf5c7ca7ad28958a) C:\Windows\system32\DRIVERS\s916mdm.sys
    15:31:39.0296 7496 s916mdm - ok
    15:31:39.0483 7496 s916mgmt (16926a57dcc885691e34aafc42e1f652) C:\Windows\system32\DRIVERS\s916mgmt.sys
    15:31:39.0498 7496 s916mgmt - ok
    15:31:40.0196 7496 s916obex (c04f59dd93625883357953cf367373fb) C:\Windows\system32\DRIVERS\s916obex.sys
    15:31:40.0216 7496 s916obex - ok
    15:31:40.0354 7496 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    15:31:40.0368 7496 sbp2port - ok
    15:31:40.0485 7496 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
    15:31:40.0489 7496 sdbus - ok
    15:31:41.0103 7496 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    15:31:41.0104 7496 secdrv - ok
    15:31:41.0567 7496 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    15:31:41.0777 7496 Serenum - ok
    15:31:42.0186 7496 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    15:31:42.0217 7496 Serial - ok
    15:31:42.0676 7496 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    15:31:42.0677 7496 sermouse - ok
    15:31:43.0015 7496 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
    15:31:43.0043 7496 sffdisk - ok
    15:31:43.0231 7496 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    15:31:43.0235 7496 sffp_mmc - ok
    15:31:43.0352 7496 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\DRIVERS\sffp_sd.sys
    15:31:43.0354 7496 sffp_sd - ok
    15:31:43.0591 7496 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    15:31:43.0896 7496 sfloppy - ok
    15:31:44.0037 7496 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    15:31:44.0053 7496 sisagp - ok
    15:31:44.0263 7496 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    15:31:44.0280 7496 SiSRaid2 - ok
    15:31:44.0431 7496 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    15:31:44.0436 7496 SiSRaid4 - ok
    15:31:44.0653 7496 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
    15:31:44.0713 7496 Smb - ok
    15:31:45.0196 7496 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    15:31:45.0210 7496 spldr - ok
    15:31:45.0339 7496 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\Windows\system32\Drivers\sptd.sys
    15:31:45.0339 7496 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
    15:31:45.0341 7496 sptd ( LockedFile.Multi.Generic ) - warning
    15:31:45.0342 7496 sptd - detected LockedFile.Multi.Generic (1)
    15:31:45.0500 7496 srv (73dddbeec61e78568082916a27aadaee) C:\Windows\system32\DRIVERS\srv.sys
    15:31:45.0506 7496 srv - ok
    15:31:45.0711 7496 srv2 (805fac010405ad3f82ef8df0bb035d81) C:\Windows\system32\DRIVERS\srv2.sys
    15:31:45.0717 7496 srv2 - ok
    15:31:46.0462 7496 srvnet (f63a0a58aafe34d7a1a0a74abccdd9c0) C:\Windows\system32\DRIVERS\srvnet.sys
    15:31:46.0464 7496 srvnet - ok
    15:31:46.0749 7496 STEC3 (e4ebf293d1f612bda19b646c36715b20) C:\Windows\system32\STEC3.sys
    15:31:46.0760 7496 STEC3 - ok
    15:31:46.0909 7496 STHDA (87b7fc4cde516c40ab84e786b97953dd) C:\Windows\system32\DRIVERS\stwrt.sys
    15:31:46.0917 7496 STHDA - ok
    15:31:47.0170 7496 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    15:31:47.0171 7496 swenum - ok
    15:31:47.0288 7496 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    15:31:47.0289 7496 Symc8xx - ok
    15:31:47.0386 7496 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    15:31:47.0387 7496 Sym_hi - ok
    15:31:47.0828 7496 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    15:31:47.0830 7496 Sym_u3 - ok
    15:31:48.0116 7496 Tcpip (a6a02ef5b5e40fbd31a1adc577da54bb) C:\Windows\system32\drivers\tcpip.sys
    15:31:48.0513 7496 Tcpip - ok
    15:31:48.0694 7496 Tcpip6 (a6a02ef5b5e40fbd31a1adc577da54bb) C:\Windows\system32\DRIVERS\tcpip.sys
    15:31:48.0700 7496 Tcpip6 - ok
    15:31:49.0043 7496 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
    15:31:49.0045 7496 tcpipreg - ok
    15:31:49.0177 7496 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    15:31:49.0179 7496 TDPIPE - ok
    15:31:49.0281 7496 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    15:31:49.0282 7496 TDTCP - ok
    15:31:49.0404 7496 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
    15:31:49.0472 7496 tdx - ok
    15:31:49.0564 7496 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
    15:31:49.0623 7496 TermDD - ok
    15:31:49.0829 7496 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    15:31:49.0836 7496 tssecsrv - ok
    15:31:49.0925 7496 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    15:31:49.0936 7496 tunmp - ok
    15:31:50.0357 7496 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
    15:31:50.0402 7496 tunnel - ok
    15:31:50.0562 7496 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    15:31:50.0564 7496 uagp35 - ok
    15:31:50.0668 7496 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
    15:31:50.0673 7496 udfs - ok
    15:31:50.0813 7496 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    15:31:50.0815 7496 uliagpkx - ok
    15:31:51.0177 7496 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    15:31:51.0182 7496 uliahci - ok
    15:31:51.0386 7496 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    15:31:51.0388 7496 UlSata - ok
    15:31:51.0493 7496 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    15:31:51.0499 7496 ulsata2 - ok
    15:31:51.0634 7496 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    15:31:51.0635 7496 umbus - ok
    15:31:51.0954 7496 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys
    15:31:51.0965 7496 USBAAPL - ok
    15:31:52.0765 7496 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    15:31:52.0768 7496 usbccgp - ok
    15:31:52.0860 7496 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    15:31:52.0861 7496 usbcir - ok
    15:31:53.0535 7496 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
    15:31:53.0536 7496 usbehci - ok
    15:31:53.0735 7496 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
    15:31:53.0740 7496 usbhub - ok
    15:31:54.0154 7496 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
    15:31:54.0160 7496 usbohci - ok
    15:31:54.0384 7496 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    15:31:54.0428 7496 usbprint - ok
    15:31:54.0577 7496 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    15:31:54.0579 7496 usbscan - ok
    15:31:54.0717 7496 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    15:31:54.0720 7496 USBSTOR - ok
    15:31:55.0051 7496 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    15:31:55.0056 7496 usbuhci - ok
    15:31:55.0383 7496 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    15:31:55.0384 7496 vga - ok
    15:31:55.0537 7496 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    15:31:55.0539 7496 VgaSave - ok
    15:31:55.0705 7496 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    15:31:55.0708 7496 viaagp - ok
    15:31:56.0138 7496 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    15:31:56.0140 7496 ViaC7 - ok
    15:31:56.0330 7496 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    15:31:56.0331 7496 viaide - ok
    15:31:56.0462 7496 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    15:31:56.0464 7496 volmgr - ok
    15:31:56.0558 7496 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
    15:31:56.0564 7496 volmgrx - ok
    15:31:56.0661 7496 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
    15:31:56.0663 7496 volsnap - ok
    15:31:56.0762 7496 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    15:31:56.0765 7496 vsmraid - ok
    15:31:56.0901 7496 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    15:31:56.0904 7496 WacomPen - ok
    15:31:57.0269 7496 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    15:31:57.0273 7496 Wanarp - ok
    15:31:57.0278 7496 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    15:31:57.0279 7496 Wanarpv6 - ok
    15:31:57.0464 7496 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    15:31:57.0465 7496 Wd - ok
    15:31:57.0594 7496 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    15:31:57.0616 7496 Wdf01000 - ok
    15:31:57.0788 7496 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    15:31:57.0789 7496 WmiAcpi - ok
    15:31:58.0073 7496 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
    15:31:58.0074 7496 WpdUsb - ok
    15:31:58.0191 7496 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    15:31:58.0192 7496 ws2ifsl - ok
    15:31:58.0370 7496 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    15:31:58.0374 7496 WUDFRd - ok
    15:31:58.0487 7496 xbdtm - ok
    15:31:58.0626 7496 XDva189 (dd9b676c862449f5f70a953ba5db6f44) C:\Windows\system32\XDva189.sys
    15:31:58.0668 7496 XDva189 - ok
    15:31:58.0725 7496 XDva195 - ok
    15:31:58.0814 7496 XDva391 - ok
    15:31:58.0874 7496 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
    15:31:58.0958 7496 \Device\Harddisk0\DR0 - ok
    15:31:58.0989 7496 Boot (0x1200) (a431838945ca4aead0b42711b8ca0e9b) \Device\Harddisk0\DR0\Partition0
    15:31:59.0035 7496 \Device\Harddisk0\DR0\Partition0 - ok
    15:31:59.0081 7496 Boot (0x1200) (86628e57b823531841ea55830fe00bd8) \Device\Harddisk0\DR0\Partition1
    15:31:59.0082 7496 \Device\Harddisk0\DR0\Partition1 - ok
    15:31:59.0083 7496 ============================================================
    15:31:59.0083 7496 Scan finished
    15:31:59.0083 7496 ============================================================
    15:31:59.0122 9720 Detected object count: 2
    15:31:59.0122 9720 Actual detected object count: 2
    15:32:17.0584 9720 C:\Windows\system32\drivers\afd.sys - copied to quarantine
    15:32:21.0903 9720 Backup copy not found, trying to cure infected file..
    15:32:21.0944 9720 Cure success, using it..
    15:32:22.0042 9720 C:\Windows\system32\drivers\afd.sys - will be cured on reboot
    15:32:41.0817 9720 AFD ( Virus.Win32.ZAccess.c ) - User select action: Cure
    15:32:41.0819 9720 sptd ( LockedFile.Multi.Generic ) - skipped by user
    15:32:41.0819 9720 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
    15:33:49.0983 4340 Deinitialize success
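
The two real findings in the log above (afd.sys flagged as Virus.Win32.ZAccess.c and cured, sptd.sys reported as a locked file and skipped) sit among a few hundred "- ok" lines, which is where they get missed. As an added example, not part of the original thread and not TDSSKiller's own code, the following Python parser reads a log in this format and returns only the services that did not end up "- ok". The sample lines are constructed to mirror the shape of the log above; the Entry, parse_log and findings names are this example's own.

```python
"""Added example: parse a TDSSKiller log and pull out everything not '- ok'."""
import re
from dataclasses import dataclass, field

# Constructed sample in the shape of the log posted above (not the full log).
SAMPLE_LOG = r"""
15:31:04.0246 5344 OS Version: 6.0.6001 ServicePack: 1.0
15:31:45.0339 7496 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\Windows\system32\Drivers\sptd.sys
15:31:45.0339 7496 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
15:31:45.0341 7496 sptd ( LockedFile.Multi.Generic ) - warning
15:31:45.0342 7496 sptd - detected LockedFile.Multi.Generic (1)
15:31:45.0500 7496 srv (73dddbeec61e78568082916a27aadaee) C:\Windows\system32\DRIVERS\srv.sys
15:31:45.0506 7496 srv - ok
15:31:48.0116 7496 Tcpip (a6a02ef5b5e40fbd31a1adc577da54bb) C:\Windows\system32\drivers\tcpip.sys
15:31:48.0513 7496 Tcpip - ok
15:31:48.0694 7496 Tcpip6 (a6a02ef5b5e40fbd31a1adc577da54bb) C:\Windows\system32\DRIVERS\tcpip.sys
15:31:48.0700 7496 Tcpip6 - ok
15:31:58.0487 7496 xbdtm - ok
15:31:59.0083 7496 ============================================================
15:31:59.0122 9720 Detected object count: 2
15:32:41.0817 9720 AFD ( Virus.Win32.ZAccess.c ) - User select action: Cure
15:32:41.0819 9720 sptd ( LockedFile.Multi.Generic ) - skipped by user
"""

# Every line is "<hh:mm:ss.ffff> <thread id> <message>"; the message variants follow.
LINE_RE   = re.compile(r"^(\d\d:\d\d:\d\d\.\d+)\s+(\d+)\s+(.*)$")
FILE_RE   = re.compile(r"^(\S+) \(([0-9a-f]{32})\) (.+)$")           # svc (md5) path
OK_RE     = re.compile(r"^(\S+) - ok$")
WARN_RE   = re.compile(r"^(\S+) \( (\S+) \) - warning$")
DETECT_RE = re.compile(r"^(\S+) - detected (\S+) \((\d+)\)$")
ACTION_RE = re.compile(r"^(\S+) \( (\S+) \) - (?:User select action: (\w+)|(skipped) by user)$")
SUSP_RE   = re.compile(r"^Suspicious file \((\w+)\): (.+)\. md5: ([0-9a-f]{32})$")

@dataclass
class Entry:
    name: str
    md5: str = ""
    path: str = ""
    status: str = "unknown"   # ok | warning | detected | unknown
    verdict: str = ""         # detection name, e.g. LockedFile.Multi.Generic
    action: str = ""          # what was chosen at the prompt: Cure, Skip, ...
    notes: list = field(default_factory=list)   # e.g. NoAccess from a 'Suspicious file' line

def parse_log(text):
    """Return {service name lower-cased: Entry} for every service the log mentions."""
    entries = {}
    def get(name):
        return entries.setdefault(name.lower(), Entry(name=name))
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue                       # banner and blank lines
        body = m.group(3)
        if (x := FILE_RE.match(body)):
            e = get(x.group(1)); e.md5, e.path = x.group(2), x.group(3)
        elif (x := OK_RE.match(body)):
            get(x.group(1)).status = "ok"
        elif (x := WARN_RE.match(body)):
            e = get(x.group(1)); e.status, e.verdict = "warning", x.group(2)
        elif (x := DETECT_RE.match(body)):
            e = get(x.group(1)); e.status, e.verdict = "detected", x.group(2)
        elif (x := ACTION_RE.match(body)):
            # The summary block may name a service (AFD) whose file line is
            # elsewhere in the log, so create the entry here if needed.
            e = get(x.group(1)); e.verdict = x.group(2)
            e.action = x.group(3) or "Skip"          # 'skipped by user' means Skip
            if e.status == "unknown":
                e.status = "detected"
        elif (x := SUSP_RE.match(body)):
            # This line names a path, not a service, so match it back by path.
            for e in entries.values():
                if e.path.lower() == x.group(2).lower():
                    e.notes.append(x.group(1))
    return entries

def findings(entries):
    """Entries a reviewer should look at: any verdict, or any status other than ok."""
    return [e for e in entries.values() if e.verdict or e.status != "ok"]

if __name__ == "__main__":
    for e in findings(parse_log(SAMPLE_LOG)):
        print(f"{e.name:8} {e.status:9} {e.verdict or '-':26} action={e.action or '-'} notes={e.notes}")
```

Two details worth knowing when reading a log like this by hand: a service with no hash and no path (xbdtm above) simply has no file on disk and is not a finding, and two services sharing one hash (Tcpip and Tcpip6) is expected when both point at the same driver file.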
  4. lunsk Newcomer, in training Posts: 62

    Uh, Security Essentials just started scanning by itself when it detected something, and now it's telling me to restart. Should I?
  5. Broni Malware Annihilator Posts: 39,313   +175

    Go ahead.

    Then re-run TDSSKiller one more time.
  6. lunsk Newcomer, in training Posts: 62

    I'm getting a blue screen on startup, should I run it in safe mode?
  7. Broni Malware Annihilator Posts: 39,313   +175

    Yes you can.
  8. lunsk Newcomer, in training Posts: 62

    I ran it in safe mode, but now my desktop is missing and it says "failed to connect to windows service" and "c:/windows/system32/config/systemprofile/desktop is not accessible. Access is denied." What should I do?
  9. Broni Malware Annihilator Posts: 39,313   +175

    Turn the computer off.
    Wait 1 minute.
    Restart.
    If normal mode won't work try safe mode.
  10. lunsk Newcomer, in training Posts: 62

    Normal mode doesn't work still, safe mode says "failed to connect to windows service" and is missing some icons.
  11. Broni Malware Annihilator Posts: 39,313   +175

    Can you re-run TDSSKiller from safe mode?
  12. lunsk Newcomer, in training Posts: 62

    Getting blue screen when starting normally
  13. lunsk Newcomer, in training Posts: 62

    But all my stuff is back when I go into safe mode though
  14. lunsk Newcomer, in training Posts: 62

    Re-running TDSSKiller doesn't ask me to reboot when I cure it. When I manually restart, I still get a blue screen when entering normally.
  15. Broni Malware Annihilator Posts: 39,313   +175

    See if Combofix will run now from safe mode.
  16. lunsk Newcomer, in training Posts: 62

    I'm trying to run it in safe mode now, but it keeps saying Security Essentials is on even though I turned it off. Should I just run it?
  17. Broni Malware Annihilator Posts: 39,313   +175

    Yes.
  18. lunsk Newcomer, in training Posts: 62

    Combofix isn't running
  19. lunsk Newcomer, in training Posts: 62

    I tried turning on Security Essentials, to see if I could turn it off so that I could run Combofix, but I'm having problems turning it on. Still getting a blue screen on normal startup.

    Error code is 0x800705b4
  20. Broni Malware Annihilator Posts: 39,313   +175

    Let's see, if we can look at your computer booting from an external source.

    Please download OTLPE (file size 120.9 MB)

    • When downloaded, double-click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.
    • Reboot your system using the boot CD you just created.
      • Note: If you do not know how to set your computer to boot from CD, follow the steps here
    • Your system should now display a REATOGO-X-PE desktop.
    • Depending on your type of internet connection, you should be able to get online as well, so you can access this topic more easily.
    • Double-click on the OTLPE icon.
    • When asked "Do you wish to load the remote registry", select Yes
    • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
    • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
    • OTL should now start.
    • Under the Custom Scan box paste this in:

      /md5start
      explorer.exe
      winlogon.exe
      userinit.exe
      svchost.exe
      afd.sys
      /md5stop

    • Press Run Scan to start the scan.
    • When finished, the file will be saved as C:\OTL.txt
    • Copy this file to your USB drive if you do not have an internet connection on this system.
    • Please post the contents of the OTL.txt file in your reply.
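
The /md5start ... /md5stop block above asks OTL to hash the core files a bootkit or user-mode infector typically replaces (explorer.exe, winlogon.exe, userinit.exe, svchost.exe, afd.sys) from outside the infected Windows, so the hashes cannot be hidden by a running rootkit. What OTL leaves to the reader is comparing those hashes against known-good values. As an added example, not OTL's code and not part of the original post, the following Python does that comparison over a list of paths, reporting three outcomes separately: match, mismatch, and unreadable (locked, missing, or access denied, which is exactly the sptd.sys situation in the TDSSKiller log and is itself worth reporting rather than skipping). The files and the baseline in the demo are constructed stand-ins, not real Windows binaries or real digests.

```python
"""Added example: hash critical files like OTL's /md5start block and compare
them with a known-good baseline. Demo data is constructed, not real binaries."""
import hashlib
import os
import tempfile

def md5_of(path, chunk=1 << 16):
    """MD5 of a file, streamed so a large binary is not read into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def check_files(paths, baseline):
    """baseline maps a lower-cased file name to the set of known-good MD5s for it
    (different Windows builds legitimately ship different versions).
    Returns {path: (status, detail)} with status in
    match | mismatch | no_baseline | unreadable."""
    report = {}
    for p in paths:
        try:
            digest = md5_of(p)
        except OSError as exc:
            # A file that cannot be read is a finding, not something to skip:
            # a driver you cannot open from a live system is the LockedFile case.
            report[p] = ("unreadable", type(exc).__name__)
            continue
        known = baseline.get(os.path.basename(p).lower())
        if known is None:
            report[p] = ("no_baseline", digest)
        elif digest in known:
            report[p] = ("match", digest)
        else:
            report[p] = ("mismatch", digest)   # replaced or patched in place
    return report

def demo_statuses():
    """Create constructed stand-in files in a temp dir, run check_files over
    them against a constructed baseline, and return {file name: status}."""
    clean_winlogon = b"constructed stand-in for a clean winlogon.exe"
    clean_afd      = b"constructed stand-in for a clean afd.sys"
    patched_afd    = clean_afd + b" plus an injected patch"     # what sits on disk
    baseline = {
        "winlogon.exe": {hashlib.md5(clean_winlogon).hexdigest()},
        "afd.sys":      {hashlib.md5(clean_afd).hexdigest()},
        "userinit.exe": {"0" * 32},   # placeholder digest; the file is never created
    }
    with tempfile.TemporaryDirectory(prefix="md5demo_") as root:
        on_disk = {"winlogon.exe": clean_winlogon, "afd.sys": patched_afd}
        for name, data in on_disk.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        paths = [os.path.join(root, n) for n in ("winlogon.exe", "afd.sys", "userinit.exe")]
        report = check_files(paths, baseline)
    return {os.path.basename(p): status for p, (status, _) in report.items()}

if __name__ == "__main__":
    for name, status in demo_statuses().items():
        print(f"{status:12} {name}")
```

MD5 serves here as a lookup key against a table of known-good digests, which is how both TDSSKiller and OTL report files, not as a tamper-resistant integrity check. The baseline has to come from a clean copy of the same Windows version and patch level; in the log above, for example, Tcpip and Tcpip6 share one hash because both services point at the same tcpip.sys, and that is expected.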