Trojans PSW.Generic9.OCX and PWS.Agent.ASIO [Solved]



#16
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Please repeat those two steps from my previous post here.

#17
kerriev

    Member

  • Topic Starter
  • 16 posts
aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-26 10:10:13
-----------------------------
10:10:13.500 OS Version: Windows 5.1.2600 Service Pack 3
10:10:13.500 Number of processors: 1 586 0xE08
10:10:13.500 ComputerName: LOTSASMILES UserName: Kerrie
10:10:25.671 Initialize success
10:18:23.875 AVAST engine defs: 12022502
10:28:30.000 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
10:28:30.000 Disk 0 Vendor: TOSHIBA_MK8007GAH BG011A Size: 76319MB BusType: 3
10:28:30.000 Disk 1 \Device\Harddisk1\DR4 -> \Device\0000009d
10:28:30.000 Disk 1 Vendor: ( Size: 76319MB BusType: 0
10:28:30.000 Disk 2 \Device\Harddisk2\DR5 -> \Device\0000009e
10:28:30.000 Disk 2 Vendor: ( Size: 76319MB BusType: 0
10:28:30.046 Disk 0 MBR read successfully
10:28:30.046 Disk 0 MBR scan
10:28:30.921 Disk 0 Windows XP default MBR code
10:28:30.953 Disk 0 Partition 1 00 12 Compaq diag NTFS 8110 MB offset 63
10:28:31.640 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 38154 MB offset 16611210
10:28:31.656 Disk 0 Partition - 00 0F Extended LBA 30051 MB offset 94751370
10:28:31.703 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 30051 MB offset 94751433
10:28:32.140 Disk 0 scanning sectors +156296385
10:28:32.203 Disk 0 malicious Win32:MBRoot code @ sector 156296388 !
10:28:33.031 Disk 0 scanning C:\WINDOWS\system32\drivers
10:29:27.718 Service scanning
10:30:07.156 Modules scanning
10:30:46.828 Disk 0 trace - called modules:
10:30:46.875 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:30:46.875 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x871d5ab8]
10:30:46.890 3 CLASSPNP.SYS[f7650fd7] -> nt!IofCallDriver -> \Device\00000084[0x8716a9e8]
10:30:46.890 5 ACPI.sys[f74c7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8717f940]
10:30:48.515 AVAST engine scan C:\WINDOWS
10:31:11.812 AVAST engine scan C:\WINDOWS\system32
10:38:45.156 AVAST engine scan C:\WINDOWS\system32\drivers
10:39:30.890 AVAST engine scan C:\Documents and Settings\Kerrie
11:07:17.609 AVAST engine scan C:\Documents and Settings\All Users
11:13:34.953 Scan finished successfully
11:26:23.640 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kerrie\Desktop\MBR.dat"
11:26:23.640 The log file has been saved successfully to "C:\Documents and Settings\Kerrie\Desktop\aswMBR 4.txt"


-------------------------------------------------------------------------------------------------------------------------

11:31:13.0718 2668 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
11:31:15.0718 2668 ============================================================
11:31:15.0718 2668 Current date / time: 2012/02/26 11:31:15.0718
11:31:15.0718 2668 SystemInfo:
11:31:15.0718 2668
11:31:15.0718 2668 OS Version: 5.1.2600 ServicePack: 3.0
11:31:15.0718 2668 Product type: Workstation
11:31:15.0718 2668 ComputerName: LOTSASMILES
11:31:15.0718 2668 UserName: Kerrie
11:31:15.0718 2668 Windows directory: C:\WINDOWS
11:31:15.0718 2668 System windows directory: C:\WINDOWS
11:31:15.0718 2668 Processor architecture: Intel x86
11:31:15.0718 2668 Number of processors: 1
11:31:15.0718 2668 Page size: 0x1000
11:31:15.0718 2668 Boot type: Normal boot
11:31:15.0718 2668 ============================================================
11:31:19.0375 2668 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:31:19.0406 2668 \Device\Harddisk0\DR0:
11:31:19.0437 2668 MBR used
11:31:19.0437 2668 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xFD778A, BlocksNum 0x4A85300
11:31:19.0437 2668 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x5A5CAC9, BlocksNum 0x3AB19F8
11:31:19.0562 2668 Initialize success
11:31:19.0562 2668 ============================================================
11:31:26.0515 1364 ============================================================
11:31:26.0515 1364 Scan started
11:31:26.0515 1364 Mode: Manual; SigCheck; TDLFS;
11:31:26.0515 1364 ============================================================
11:31:27.0328 1364 3xHybrid (802bf86dd3100099c6ffe5694ebfef12) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
11:31:27.0656 1364 3xHybrid ( UnsignedFile.Multi.Generic ) - warning
11:31:27.0656 1364 3xHybrid - detected UnsignedFile.Multi.Generic (1)
11:31:27.0687 1364 Abiosdsk - ok
11:31:27.0703 1364 abp480n5 - ok
11:31:27.0796 1364 acedrv10 (b253d403cf527ff11921ceee193ef465) C:\WINDOWS\system32\drivers\acedrv10.sys
11:31:42.0968 1364 acedrv10 - ok
11:31:43.0156 1364 acehlp10 (77507733dc5e2953960c88da59a5c94b) C:\WINDOWS\system32\drivers\acehlp10.sys
11:31:43.0187 1364 acehlp10 - ok
11:31:43.0265 1364 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:31:45.0015 1364 ACPI - ok
11:31:45.0171 1364 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:31:45.0359 1364 ACPIEC - ok
11:31:45.0390 1364 adpu160m - ok
11:31:45.0453 1364 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:31:45.0640 1364 aec - ok
11:31:45.0703 1364 AegisP (91f3df93f40a74d222cd166fe95db633) C:\WINDOWS\system32\DRIVERS\AegisP.sys
11:31:45.0750 1364 AegisP ( UnsignedFile.Multi.Generic ) - warning
11:31:45.0750 1364 AegisP - detected UnsignedFile.Multi.Generic (1)
11:31:45.0812 1364 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:31:45.0906 1364 AFD - ok
11:31:46.0031 1364 Aha154x - ok
11:31:46.0046 1364 aic78u2 - ok
11:31:46.0078 1364 aic78xx - ok
11:31:46.0140 1364 alcan5wn (0940030d5a5869067ccc03e3b0b8dec7) C:\WINDOWS\system32\DRIVERS\alcan5wn.sys
11:31:46.0218 1364 alcan5wn - ok
11:31:46.0265 1364 alcaudsl (4c9577888c53243e2991456f510488a1) C:\WINDOWS\system32\DRIVERS\alcaudsl.sys
11:31:46.0328 1364 alcaudsl - ok
11:31:46.0359 1364 AliIde - ok
11:31:46.0390 1364 amsint - ok
11:31:46.0468 1364 ApfiltrService (b21fcbc58cb13bac70f74b5ac5da7409) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
11:31:46.0578 1364 ApfiltrService - ok
11:31:46.0765 1364 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
11:31:47.0015 1364 Arp1394 - ok
11:31:47.0046 1364 asc - ok
11:31:47.0062 1364 asc3350p - ok
11:31:47.0078 1364 asc3550 - ok
11:31:47.0140 1364 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:31:47.0328 1364 AsyncMac - ok
11:31:47.0375 1364 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:31:47.0578 1364 atapi - ok
11:31:47.0593 1364 Atdisk - ok
11:31:47.0640 1364 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:31:47.0843 1364 Atmarpc - ok
11:31:47.0890 1364 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:31:48.0046 1364 audstub - ok
11:31:48.0203 1364 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:31:48.0390 1364 Beep - ok
11:31:48.0406 1364 catchme - ok
11:31:48.0484 1364 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:31:48.0718 1364 cbidf2k - ok
11:31:48.0781 1364 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:31:48.0953 1364 CCDECODE - ok
11:31:48.0968 1364 cd20xrnt - ok
11:31:49.0015 1364 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:31:49.0218 1364 Cdaudio - ok
11:31:49.0265 1364 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:31:49.0453 1364 Cdfs - ok
11:31:49.0609 1364 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:31:49.0812 1364 Cdrom - ok
11:31:49.0828 1364 Changer - ok
11:31:49.0890 1364 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:31:50.0062 1364 CmBatt - ok
11:31:50.0093 1364 CmdIde - ok
11:31:50.0156 1364 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:31:50.0343 1364 Compbatt - ok
11:31:50.0375 1364 Cpqarray - ok
11:31:50.0390 1364 dac2w2k - ok
11:31:50.0421 1364 dac960nt - ok
11:31:50.0515 1364 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:31:50.0703 1364 Disk - ok
11:31:50.0796 1364 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
11:31:51.0000 1364 dmboot - ok
11:31:51.0171 1364 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys
11:31:51.0359 1364 DMICall - ok
11:31:51.0437 1364 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
11:31:51.0687 1364 dmio - ok
11:31:51.0765 1364 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:31:52.0031 1364 dmload - ok
11:31:52.0093 1364 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:31:52.0281 1364 DMusic - ok
11:31:52.0406 1364 dpti2o - ok
11:31:52.0468 1364 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:31:52.0656 1364 drmkaud - ok
11:31:52.0718 1364 E100B (d57a8fc800b501ac05b10d00f66d127a) C:\WINDOWS\system32\DRIVERS\e100b325.sys
11:31:52.0843 1364 E100B - ok
11:31:52.0875 1364 ewusbnet - ok
11:31:52.0921 1364 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:31:53.0125 1364 Fastfat - ok
11:31:53.0171 1364 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:31:53.0421 1364 Fdc - ok
11:31:53.0546 1364 FdRedir (59558c6547d0362afb639ac682a9fcc3) C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys
11:31:53.0578 1364 FdRedir ( UnsignedFile.Multi.Generic ) - warning
11:31:53.0578 1364 FdRedir - detected UnsignedFile.Multi.Generic (1)
11:31:53.0640 1364 FileDisk2 (30967822edd32fb37f8209500724ae6c) C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys
11:31:53.0671 1364 FileDisk2 ( UnsignedFile.Multi.Generic ) - warning
11:31:53.0671 1364 FileDisk2 - detected UnsignedFile.Multi.Generic (1)
11:31:53.0859 1364 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
11:31:54.0093 1364 Fips - ok
11:31:54.0125 1364 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:31:54.0390 1364 Flpydisk - ok
11:31:54.0453 1364 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:31:54.0656 1364 FltMgr - ok
11:31:54.0703 1364 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:31:54.0890 1364 Fs_Rec - ok
11:31:54.0968 1364 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:31:55.0156 1364 Ftdisk - ok
11:31:55.0328 1364 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:31:55.0343 1364 GEARAspiWDM - ok
11:31:55.0406 1364 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:31:55.0593 1364 Gpc - ok
11:31:55.0656 1364 GTF32BUS (32634c6cc92db8a721e63c8a37af5eea) C:\WINDOWS\system32\DRIVERS\gtf32bus.sys
11:31:55.0750 1364 GTF32BUS - ok
11:31:55.0796 1364 GTPTSER (571e647090b44f61d2f4f3feb267a5dd) C:\WINDOWS\system32\DRIVERS\gtptser.sys
11:31:55.0875 1364 GTPTSER - ok
11:31:56.0031 1364 GTSCSER (aaf5b637b72df8275b82ff64ff80791d) C:\WINDOWS\system32\DRIVERS\gtscser.sys
11:31:56.0078 1364 GTSCSER - ok
11:31:56.0140 1364 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:31:56.0406 1364 HDAudBus - ok
11:31:56.0609 1364 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:31:56.0781 1364 HidUsb - ok
11:31:56.0812 1364 hpn - ok
11:31:56.0890 1364 HSFHWAZL (acc46dda7fece95a253ae88cea172e12) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
11:31:56.0937 1364 HSFHWAZL - ok
11:31:57.0125 1364 HSF_DPV (c9f4e7da78a02623abf78a4a34ce79b1) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
11:31:57.0296 1364 HSF_DPV - ok
11:31:57.0421 1364 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:31:57.0515 1364 HTTP - ok
11:31:57.0546 1364 hwdatacard - ok
11:31:57.0578 1364 hwusbdev - ok
11:31:57.0609 1364 i2omgmt - ok
11:31:57.0625 1364 i2omp - ok
11:31:57.0703 1364 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:31:57.0953 1364 i8042prt - ok
11:31:58.0140 1364 ialm (0f0194c4b635c10c3f785e4fee52d641) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:31:58.0312 1364 ialm - ok
11:31:58.0406 1364 IFXTPM (0a359837e021bc04a04a6fd189492c65) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
11:31:58.0484 1364 IFXTPM - ok
11:31:58.0640 1364 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:31:58.0906 1364 Imapi - ok
11:31:58.0937 1364 ini910u - ok
11:31:59.0250 1364 IntcAzAudAddService (255c82c31a570e6ef06f4b098521da52) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:31:59.0984 1364 IntcAzAudAddService - ok
11:32:00.0140 1364 IntelIde - ok
11:32:00.0203 1364 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:32:00.0437 1364 intelppm - ok
11:32:00.0484 1364 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:32:00.0671 1364 Ip6Fw - ok
11:32:00.0750 1364 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:32:00.0937 1364 IpFilterDriver - ok
11:32:01.0015 1364 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:32:01.0187 1364 IpInIp - ok
11:32:01.0250 1364 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:32:01.0406 1364 IpNat - ok
11:32:01.0578 1364 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:32:01.0765 1364 IPSec - ok
11:32:01.0796 1364 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:32:01.0984 1364 IRENUM - ok
11:32:02.0031 1364 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:32:02.0234 1364 isapnp - ok
11:32:02.0296 1364 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:32:02.0484 1364 Kbdclass - ok
11:32:02.0890 1364 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:32:03.0062 1364 kmixer - ok
11:32:03.0265 1364 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:32:03.0406 1364 KSecDD - ok
11:32:03.0437 1364 lbrtfdc - ok
11:32:03.0531 1364 LVUSBSta (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
11:32:03.0671 1364 LVUSBSta - ok
11:32:03.0859 1364 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
11:32:03.0890 1364 mdmxsdk - ok
11:32:03.0968 1364 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:32:04.0218 1364 mnmdd - ok
11:32:04.0281 1364 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
11:32:04.0468 1364 Modem - ok
11:32:04.0546 1364 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:32:04.0718 1364 Mouclass - ok
11:32:04.0875 1364 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:32:05.0062 1364 mouhid - ok
11:32:05.0109 1364 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:32:05.0296 1364 MountMgr - ok
11:32:05.0328 1364 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
11:32:05.0515 1364 MPE - ok
11:32:05.0531 1364 mraid35x - ok
11:32:05.0609 1364 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:32:05.0796 1364 MRxDAV - ok
11:32:05.0890 1364 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:32:06.0031 1364 MRxSmb - ok
11:32:06.0171 1364 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:32:06.0359 1364 Msfs - ok
11:32:06.0421 1364 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:32:06.0640 1364 MSKSSRV - ok
11:32:06.0703 1364 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:32:06.0890 1364 MSPCLOCK - ok
11:32:06.0937 1364 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:32:07.0109 1364 MSPQM - ok
11:32:07.0171 1364 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:32:07.0328 1364 mssmbios - ok
11:32:07.0359 1364 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:32:07.0531 1364 MSTEE - ok
11:32:07.0718 1364 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:32:07.0750 1364 Mup - ok
11:32:07.0828 1364 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:32:08.0015 1364 NABTSFEC - ok
11:32:08.0078 1364 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:32:08.0359 1364 NDIS - ok
11:32:08.0390 1364 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:32:08.0562 1364 NdisIP - ok
11:32:08.0734 1364 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:32:08.0828 1364 NdisTapi - ok
11:32:08.0890 1364 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:32:09.0062 1364 Ndisuio - ok
11:32:09.0140 1364 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:32:09.0406 1364 NdisWan - ok
11:32:09.0484 1364 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:32:09.0609 1364 NDProxy - ok
11:32:09.0796 1364 Netaapl (1352e1648213551923a0a822e441553c) C:\WINDOWS\system32\DRIVERS\netaapl.sys
11:32:09.0875 1364 Netaapl - ok
11:32:10.0000 1364 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:32:10.0250 1364 NetBIOS - ok
11:32:10.0296 1364 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:32:10.0500 1364 NetBT - ok
11:32:10.0562 1364 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
11:32:10.0750 1364 NIC1394 - ok
11:32:10.0890 1364 nk23.sys - ok
11:32:10.0906 1364 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:32:11.0109 1364 Npfs - ok
11:32:11.0187 1364 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:32:11.0421 1364 Ntfs - ok
11:32:11.0515 1364 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:32:11.0687 1364 Null - ok
11:32:11.0734 1364 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:32:11.0921 1364 NwlnkFlt - ok
11:32:12.0062 1364 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:32:12.0265 1364 NwlnkFwd - ok
11:32:12.0343 1364 odysseyIM4 (7af6ec0ea4261ecf7da084103be31ea8) C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys
11:32:12.0421 1364 odysseyIM4 - ok
11:32:12.0484 1364 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:32:12.0671 1364 ohci1394 - ok
11:32:12.0750 1364 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
11:32:12.0937 1364 Parport - ok
11:32:13.0093 1364 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:32:13.0281 1364 PartMgr - ok
11:32:13.0343 1364 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
11:32:13.0515 1364 ParVdm - ok
11:32:13.0562 1364 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
11:32:13.0750 1364 PCI - ok
11:32:13.0765 1364 PCIDump - ok
11:32:13.0828 1364 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:32:14.0031 1364 PCIIde - ok
11:32:14.0125 1364 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
11:32:14.0312 1364 Pcmcia - ok
11:32:14.0453 1364 PDCOMP - ok
11:32:14.0468 1364 PDFRAME - ok
11:32:14.0484 1364 PDRELI - ok
11:32:14.0515 1364 PDRFRAME - ok
11:32:14.0562 1364 pepifilter (2a3efd6c3f116675d149da5e36a010a4) C:\WINDOWS\system32\DRIVERS\lv302af.sys
11:32:14.0609 1364 pepifilter - ok
11:32:14.0625 1364 perc2 - ok
11:32:14.0640 1364 perc2hib - ok
11:32:14.0765 1364 PID_08A0 (cebefeae6156f4fee41f56be89ea9c96) C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
11:32:14.0890 1364 PID_08A0 - ok
11:32:14.0984 1364 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:32:15.0234 1364 PptpMiniport - ok
11:32:15.0375 1364 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:32:15.0578 1364 PSched - ok
11:32:15.0640 1364 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:32:15.0828 1364 Ptilink - ok
11:32:15.0890 1364 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:32:15.0906 1364 PxHelp20 - ok
11:32:15.0921 1364 ql1080 - ok
11:32:15.0937 1364 Ql10wnt - ok
11:32:15.0953 1364 ql12160 - ok
11:32:15.0984 1364 ql1240 - ok
11:32:16.0000 1364 ql1280 - ok
11:32:16.0062 1364 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:32:16.0250 1364 RasAcd - ok
11:32:16.0343 1364 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:32:16.0531 1364 Rasl2tp - ok
11:32:16.0671 1364 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:32:16.0859 1364 RasPppoe - ok
11:32:16.0937 1364 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:32:17.0125 1364 Raspti - ok
11:32:17.0171 1364 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:32:17.0359 1364 Rdbss - ok
11:32:17.0406 1364 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:32:17.0593 1364 RDPCDD - ok
11:32:17.0687 1364 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:32:17.0875 1364 rdpdr - ok
11:32:18.0062 1364 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:32:18.0125 1364 RDPWD - ok
11:32:18.0187 1364 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:32:18.0390 1364 redbook - ok
11:32:18.0515 1364 s24trans (078eba5670fdaa041552cd86b984f2de) C:\WINDOWS\system32\DRIVERS\s24trans.sys
11:32:18.0531 1364 s24trans ( UnsignedFile.Multi.Generic ) - warning
11:32:18.0531 1364 s24trans - detected UnsignedFile.Multi.Generic (1)
11:32:18.0718 1364 SBRE (c1ae5d1f53285d79a0b73a62af20734f) C:\WINDOWS\system32\drivers\SBREdrv.sys
11:32:18.0750 1364 SBRE - ok
11:32:18.0828 1364 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:32:19.0093 1364 Secdrv - ok
11:32:19.0156 1364 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
11:32:19.0328 1364 Serial - ok
11:32:19.0406 1364 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
11:32:19.0593 1364 Sfloppy - ok
11:32:19.0687 1364 shpf (b8e1ac2cdad522572bfc73781d0e37e2) C:\WINDOWS\system32\DRIVERS\shpf.sys
11:32:19.0718 1364 shpf ( UnsignedFile.Multi.Generic ) - warning
11:32:19.0718 1364 shpf - detected UnsignedFile.Multi.Generic (1)
11:32:19.0843 1364 Simbad - ok
11:32:19.0890 1364 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:32:20.0046 1364 SLIP - ok
11:32:20.0140 1364 SNC (be6038e0a7d2e2fe69107e41a0265831) C:\WINDOWS\system32\Drivers\SonyNC.sys
11:32:20.0203 1364 SNC - ok
11:32:20.0234 1364 Sparrow - ok
11:32:20.0281 1364 SPI (ad9436c46c10222b8f03405628a8cd86) C:\WINDOWS\system32\DRIVERS\SonyPI.sys
11:32:20.0343 1364 SPI - ok
11:32:20.0406 1364 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:32:20.0640 1364 splitter - ok
11:32:20.0687 1364 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
11:32:20.0890 1364 sr - ok
11:32:21.0078 1364 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:32:21.0203 1364 Srv - ok
11:32:21.0250 1364 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:32:21.0437 1364 streamip - ok
11:32:21.0531 1364 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:32:21.0796 1364 swenum - ok
11:32:21.0875 1364 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:32:22.0062 1364 swmidi - ok
11:32:22.0203 1364 symc810 - ok
11:32:22.0218 1364 symc8xx - ok
11:32:22.0250 1364 sym_hi - ok
11:32:22.0265 1364 sym_u3 - ok
11:32:22.0312 1364 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:32:22.0515 1364 sysaudio - ok
11:32:22.0578 1364 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:32:22.0671 1364 Tcpip - ok
11:32:22.0734 1364 TcUsb (fc6fe02f400308606a911640e72326b5) C:\WINDOWS\system32\Drivers\tcusb.sys
11:32:22.0796 1364 TcUsb - ok
11:32:22.0859 1364 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:32:23.0031 1364 TDPIPE - ok
11:32:23.0187 1364 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:32:23.0359 1364 TDTCP - ok
11:32:23.0421 1364 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:32:23.0625 1364 TermDD - ok
11:32:23.0718 1364 ti21sony (26587ce8e6c6f16b8b4e7e2c16fa00bf) C:\WINDOWS\system32\drivers\ti21sony.sys
11:32:23.0750 1364 ti21sony - ok
11:32:23.0812 1364 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
11:32:23.0812 1364 toshidpt ( UnsignedFile.Multi.Generic ) - warning
11:32:23.0812 1364 toshidpt - detected UnsignedFile.Multi.Generic (1)
11:32:23.0859 1364 TosIde - ok
11:32:23.0937 1364 tosporte (d626e0af9232d8799d3a449530f3c220) C:\WINDOWS\system32\DRIVERS\tosporte.sys
11:32:23.0968 1364 tosporte ( UnsignedFile.Multi.Generic ) - warning
11:32:23.0968 1364 tosporte - detected UnsignedFile.Multi.Generic (1)
11:32:24.0062 1364 Tosrfbd (0ec5206059d97a8dc785be73fb457ec7) C:\WINDOWS\system32\Drivers\tosrfbd.sys
11:32:24.0093 1364 Tosrfbd ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0093 1364 Tosrfbd - detected UnsignedFile.Multi.Generic (1)
11:32:24.0140 1364 Tosrfbnp (33498b8f0b2ca549c2b7ffc1b3c0f1bc) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
11:32:24.0171 1364 Tosrfbnp ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0171 1364 Tosrfbnp - detected UnsignedFile.Multi.Generic (1)
11:32:24.0234 1364 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
11:32:24.0265 1364 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0265 1364 Tosrfcom - detected UnsignedFile.Multi.Generic (1)
11:32:24.0328 1364 Tosrfhid (5dbf390aab62dd0d4d43a9278614e001) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
11:32:24.0359 1364 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0359 1364 Tosrfhid - detected UnsignedFile.Multi.Generic (1)
11:32:24.0515 1364 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
11:32:24.0546 1364 tosrfnds ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0546 1364 tosrfnds - detected UnsignedFile.Multi.Generic (1)
11:32:24.0671 1364 TosRfSnd (0d86d15caff2b3203c785d604ec7c942) C:\WINDOWS\system32\drivers\TosRfSnd.sys
11:32:24.0703 1364 TosRfSnd ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0703 1364 TosRfSnd - detected UnsignedFile.Multi.Generic (1)
11:32:24.0796 1364 Tosrfusb (c582b7716f0be7e65505365f4f941587) C:\WINDOWS\system32\Drivers\tosrfusb.sys
11:32:24.0828 1364 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning
11:32:24.0828 1364 Tosrfusb - detected UnsignedFile.Multi.Generic (1)
11:32:24.0921 1364 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:32:25.0187 1364 Udfs - ok
11:32:25.0203 1364 ultra - ok
11:32:25.0296 1364 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:32:25.0546 1364 Update - ok
11:32:25.0703 1364 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
11:32:25.0781 1364 USBAAPL - ok
11:32:25.0843 1364 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
11:32:26.0031 1364 usbaudio - ok
11:32:26.0062 1364 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:32:26.0328 1364 usbccgp - ok
11:32:26.0390 1364 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:32:26.0593 1364 usbehci - ok
11:32:27.0171 1364 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:32:27.0437 1364 usbhub - ok
11:32:27.0515 1364 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
11:32:27.0687 1364 usbohci - ok
11:32:27.0734 1364 USBREC (8d9e86d710889ebb31dd42435922da2f) C:\WINDOWS\system32\DRIVERS\USBREC.sys
11:32:27.0828 1364 USBREC - ok
11:32:27.0875 1364 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:32:28.0078 1364 usbscan - ok
11:32:33.0421 1364 ============================================================
11:32:33.0421 1364 Scan finished
11:32:33.0421 1364 ============================================================
11:32:33.0546 3420 Detected object count: 15
11:32:33.0546 3420 Actual detected object count: 15
11:32:56.0093 3420 3xHybrid ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0093 3420 3xHybrid ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0093 3420 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0093 3420 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0093 3420 FdRedir ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0093 3420 FdRedir ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0093 3420 FileDisk2 ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0093 3420 FileDisk2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0109 3420 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0109 3420 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0109 3420 shpf ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0109 3420 shpf ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0109 3420 toshidpt ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0109 3420 toshidpt ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0109 3420 tosporte ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0109 3420 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0125 3420 Tosrfbd ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0125 3420 Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0125 3420 Tosrfbnp ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0125 3420 Tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0125 3420 Tosrfcom ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0125 3420 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0125 3420 Tosrfhid ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0125 3420 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0140 3420 tosrfnds ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0140 3420 tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0140 3420 TosRfSnd ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0140 3420 TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0140 3420 Tosrfusb ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0140 3420 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:59.0890 4012 Deinitialize success

Computer will now hibernate and doesn't seem to be running at the same capacity. :-)
  • 0
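An added example (not part of the original post, and not code from the scanning tool): a small Python parser for the detection summary at the end of a log in this format. It groups the flagged objects by verdict, lists those left in place with a Skip action, and checks the tally against the reported count. The sample lines and driver names are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the log above (driver names are made up).
SAMPLE_LOG = """\
11:32:33.0421 1364 Scan finished
11:32:33.0546 3420 Detected object count: 2
11:32:33.0546 3420 Actual detected object count: 2
11:32:56.0093 3420 exampledrv1 ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0093 3420 exampledrv1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:56.0109 3420 exampledrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
11:32:56.0109 3420 exampledrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:32:59.0890 4012 Deinitialize success
"""

# Every log line starts with a timestamp and a thread id.
PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+"
COUNT_RE = re.compile(PREFIX + r"Detected object count:\s*(\d+)\s*$")
ACTION_RE = re.compile(
    PREFIX
    + r"(?P<name>.+?)\s+\(\s*(?P<verdict>[^)]+?)\s*\)\s+-\s+"
    + r"User select action:\s*(?P<action>\w+)\s*$"
)


def summarize(log_text):
    """Return the reported count, per-object verdict/action, and a tally check."""
    reported = None
    objects = {}  # object name -> (verdict, action chosen by the user)
    for line in log_text.splitlines():
        m = COUNT_RE.match(line)
        if m:
            reported = int(m.group(1))
            continue
        m = ACTION_RE.match(line)
        if m:
            objects[m.group("name")] = (m.group("verdict"), m.group("action"))

    by_verdict = defaultdict(list)
    for name, (verdict, _action) in objects.items():
        by_verdict[verdict].append(name)

    return {
        "reported": reported,
        "objects": objects,
        "by_verdict": dict(by_verdict),
        # Objects the user skipped are still on disk and still loaded.
        "left_in_place": sorted(n for n, (_, a) in objects.items() if a == "Skip"),
        "count_matches": reported == len(objects),
    }
```

A `count_matches` of `False` means the pasted log is truncated or some detections have no recorded action, so the full log should be requested before drawing conclusions.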

#18
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
We should proceed with a general antimalware scan, which can take quite a long time, so please be patient.

Download Virus Removal Tool (VRT) from Here to your desktop
(You have to enter your e-mail address and click on the Submit Form button. Please download the latest English version of this tool)

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive. Once done, select the Automatic scan tab and press Start Scan
(Please be patient as this scan can take a few hours)

Allow VRT to delete all infections found
Once it has finished, select the report tab (last tab)
Select Detected threats report from the left and press the Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun VRT and select the Manual Disinfection tab and press Start Gathering System Information


On completion click the link to locate the zip file to upload and attach to your next post

  • 0

#19
kerriev

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Attached File  avptool_sysinfo.zip   20.87KB   25 downloads
  • 0

#20
kerriev

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Status: Disinfected (events: 3)
27/02/2012 20:10:44 Disinfected Trojan program Exploit.Java.CVE-2011-3544.ap C:\Documents and Settings\Kerrie\Application Data\AVG\Rescue\PC Tuneup 2011\120208205432046.rsc High
27/02/2012 20:10:44 Disinfected Trojan program Exploit.Java.CVE-2011-3544.ap C:\Documents and Settings\Kerrie\Application Data\AVG\Rescue\PC Tuneup 2011\120208205432046.rsc/120208205432046-002934.file High
27/02/2012 20:08:37 Disinfected Trojan program Exploit.Java.CVE-2011-3544.ap C:\Documents and Settings\Kerrie\Application Data\AVG\Rescue\PC Tuneup 2011\120208205432046.rsc/120208205432046-002934.file/Market.class High
Status: Deleted (events: 1)
27/02/2012 21:29:24 Deleted Trojan program Backdoor.Win32.Sinowal.knf C:\TDSSKiller_Quarantine\22.02.2012_12.57.47\mbr0000\mbr0000\tsk0000.dta High
  • 0

#21
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

How is your computer running now? Any problems?
  • 0

#22
kerriev

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
All seems to be working well and the computer hibernates correctly.

Thanks again for helping with all of this! Nasty people out there!!

So, what's next?
  • 0

#23
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Your logs show that your system is clean. If you have no further issues with your computer, then please proceed with the housekeeping procedures outlined below.

Removing the tools we used:

Reset System Restore points:

  • Please reopen Posted Image on your desktop.
  • Copy (select all lines inside quote box and press CTRL+C) and Paste (press CTRL+V) the following code into the Posted Image textbox.

    :Commands
    [ClearAllRestorePoints]

  • Click on Posted Image button.
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click on Posted Image button.

NEXT...

OTL Clean-Up:

  • Reopen Posted Image on your desktop.
  • Click on Posted Image
  • You will be prompted to reboot your system. Please do so.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


There are a few things I recommend you do once your computer is completely clean:

Updates for Windows - One of the essentials is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats; Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

How to turn on Automatic Updates for Windows:

Updates for other installed software

A common attack method for hacking attempts and malware installs is to exploit known vulnerabilities in programs that are commonly installed on a person's computer. These vulnerabilities could allow a remote user or malware developer to install malware, keyloggers, and backdoors on to your computer without your knowledge or permission.
Some of the programs that are commonly exploited include Adobe Shockwave, Adobe Reader, Sun Java, Adobe Flash, and even Windows itself. Therefore it is crucial that everyone remain vigilant as to when a security vulnerability is found in our installed programs and to update it when a security update is released. Unfortunately, no one has the time to stay on top of these updates, which can happen frequently.

I highly recommend that you install Secunia Personal Software Inspector (PSI), which can be used to scan your computer for known vulnerable programs, provide information on the vulnerability, and provide a location to an update for the vulnerable program. A tutorial on how to use Secunia Personal Software Inspector (PSI) can be found here: Keep Software Updated with Secunia PSI.

Web Browsers - Picking the right internet browser is very important. You need to find one that suits your needs but that is also safe. All browsers listed below are far more secure than Internet Explorer, immune to almost all known browser hijackers, and also have the best built-in pop up blockers.

However, if you prefer staying with Internet Explorer, I highly recommend you do this:

Make Internet Explorer more secure:
  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click Custom level
  • In the ActiveX section, set the options Download signed and unsigned ActiveX controls to Prompt, and Initialize and Script ActiveX controls not marked as safe to Disable.
  • Next click OK, then Apply button and then OK to exit the Internet Properties page.

Tips to protect yourself against malware and reduce the potential for re-infection:

Now after all these steps, your PC will be more secure. However it is important to note that you can still get infected if you are not careful. One of the best security programs you can have is common sense. As malware gets more sophisticated, you need to be more wary. If you do get caught though and the above steps can't help prevent it, we will be here to help you out.

Stay secure and thank you for choosing GeeksToGo.
  • 0

#24
kerriev

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
Thanks so much!!!!
  • 0

#25
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
You are welcome.
  • 0

#26
Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
