-
The scan from VirusTotal was ok, here's the result:
SHA256: 1187559016b58539b1e58144146b8c76dfc448c2b35360ce35a148335e86f225
SHA1: 4792b0335a85df90ccfd2cffe9e1e0e6e9c87de5
MD5: 474d3dccb57defcd917311eec47204b9
File size: 353.1 KB ( 361600 bytes )
File type: Win32 EXE
Detection ratio: 0 / 41
Analysis date: 2012-01-20 17:35:49 UTC ( 4 minutes ago )
***************************************
Scan from TDSSKiller
11:55:24.0881 1732 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
11:55:36.0347 1732 ============================================================
11:55:36.0347 1732 Current date / time: 2012/01/20 11:55:36.0347
11:55:36.0347 1732 SystemInfo:
11:55:36.0347 1732
11:55:36.0347 1732 OS Version: 5.1.2600 ServicePack: 3.0
11:55:36.0347 1732 Product type: Workstation
11:55:36.0347 1732 ComputerName: HASSELCOMPUTER
11:55:36.0357 1732 UserName: Administrator
11:55:36.0357 1732 Windows directory: C:\WINDOWS
11:55:36.0357 1732 System windows directory: C:\WINDOWS
11:55:36.0357 1732 Processor architecture: Intel x86
11:55:36.0357 1732 Number of processors: 1
11:55:36.0357 1732 Page size: 0x1000
11:55:36.0357 1732 Boot type: Normal boot
11:55:36.0357 1732 ============================================================
11:55:39.0472 1732 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:55:39.0542 1732 Initialize success
11:55:41.0425 0688 ============================================================
11:55:41.0425 0688 Scan started
11:55:41.0425 0688 Mode: Manual;
11:55:41.0425 0688 ============================================================
11:56:06.0220 0688 sptd (ca9a2690a2b53662565654b48f7ae68f) C:\WINDOWS\System32\Drivers\sptd.sys
11:56:06.0220 0688 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: ca9a2690a2b53662565654b48f7ae68f
11:56:06.0220 0688 sptd ( LockedFile.Multi.Generic ) - warning
11:56:06.0220 0688 sptd - detected LockedFile.Multi.Generic (1)
11:56:08.0043 0688 Tcpip (474d3dccb57defcd917311eec47204b9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:56:08.0063 0688 Tcpip - ok
11:56:13.0321 0688 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
11:56:13.0551 0688 \Device\Harddisk0\DR0 - ok
11:56:13.0581 0688 Boot (0x1200) (ca4c82ff5ce81bf5e3b095fdd0b5f4fa) \Device\Harddisk0\DR0\Partition0
11:56:13.0581 0688 \Device\Harddisk0\DR0\Partition0 - ok
11:56:13.0591 0688 ============================================================
11:56:13.0591 0688 Scan finished
11:56:13.0591 0688 ============================================================
11:56:13.0621 2400 Detected object count: 1
11:56:13.0621 2400 Actual detected object count: 1
11:56:15.0934 2400 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:56:15.0934 2400 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:56:29.0083 1388 Deinitialize success
-
Was the VirusTotal scan report what you wanted? The site did not make clear what to send.
-
Well, that's not the entire VirusTotal report. Go ahead and rerun that file through Jotti:
http://virusscan.jotti.org/en
C:\WINDOWS\system32\drivers\tcpip.sys
Logs look ok. How is your system behaving now?
-
Says nothing found out of 20 scanners.
The computer seems to be running normally; shutdown and reboot created no problems or warnings.
-
Great, that may have been a false positive on the Combofix log, but it doesn't hurt to check.
- Click START then RUN
- Now type Combofix /uninstall in the Run box and click OK. Note the space between the X and the /; it needs to be there.
Open OTL and click on Clean Up and it will remove the programs we used to clean your system along with their backups. Any programs that were not removed you can just drag to the trash.
Malwarebytes is the free version and yours to keep, and it will not be removed.
Safe Surfn
Ken
-
Ken you have been a great help and very patient but I have to admit that I don't know what OTL is. Where is it?
-
My bad
Between this forum and all the other ones I am active on, I have over 20 threads going. I thought we used this tool in the cleaning of your system, but we did not. No biggie, you can use this one in lieu of OTL.
Now to remove most of the tools that we have used in fixing your machine:
- Make sure you have an Internet connection.
- Download OTC to your desktop and run it
- A list of tool components used in the cleanup of malware will be downloaded.
- If your firewall or real-time protection attempts to block OTC from reaching the Internet, please allow the application to do so.
- Click Yes to begin the cleanup process and remove these components, including this application.
- You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.
-
-
You're very welcome
You take care now
Ken
-
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.