Numerous Small Problems Likely Resulting From Malware Infections

  1. #1
    Shadefyre is offline Full Member

    Hi, I've returned because my computer has been exhibiting some unusual behavior in the form of performance issues, mostly in the form of application issues and CPU usage. Since I'm aware that these are possible symptoms of malware infection, I thought I'd be safe and have you take a look at it again. I made a thread about one of these issues earlier (about certain programs failing to open as anything more than a name in the process tree); however, I didn't pursue the thread because the issue seemed to resolve itself soon after, and I thought it might simply be a performance hiccup. However, the issue has returned, among others (such as a similar issue occurring when I try to run most setup exe's), so I decided to have my system checked. Below are the initial post logs.

  2. #2
    Shadefyre is offline Full Member
    Malwarebytes' Anti-Malware 1.51.0.1200
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Database version: 6788

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    6/6/2011 4:13:07 PM
    mbam-log-2011-06-06 (16-13-07).txt

    Scan type: Quick scan
    Objects scanned: 165156
    Time elapsed: 2 minute(s), 46 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

  3. #3
    Shadefyre is offline Full Member
    Reusing this accidental mispost for the MBRCheck log.

    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x000000fc

    Kernel Drivers (total 151):
    0x804D7000 \WINDOWS\system32\ntoskrnl.exe
    0x80700000 \WINDOWS\system32\hal.dll
    0xF7987000 \WINDOWS\system32\KDCOM.DLL
    0xF7897000 \WINDOWS\system32\BOOTVID.dll
    0xF74E3000 spbw.sys
    0xF7989000 \WINDOWS\System32\Drivers\WMILIB.SYS
    0xF74CB000 \WINDOWS\System32\Drivers\SCSIPORT.SYS
    0xF749D000 ACPI.sys
    0xF748C000 pci.sys
    0xF75F7000 ohci1394.sys
    0xF7607000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
    0xF7617000 isapnp.sys
    0xF7A4F000 pciide.sys
    0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    0xF7627000 MountMgr.sys
    0xF7858000 ftdisk.sys
    0xF798B000 dmload.sys
    0xF7832000 dmio.sys
    0xF770F000 PartMgr.sys
    0xF7637000 VolSnap.sys
    0xF796F000 atapi.sys
    0xF7A1C000 mv61xx.sys
    0xF7647000 disk.sys
    0xF7657000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    0xF794F000 fltMgr.sys
    0xF7BCD000 sr.sys
    0xF7BB6000 KSecDD.sys
    0xF7B29000 Ntfs.sys
    0xF7AFC000 NDIS.sys
    0xF7AE2000 Mup.sys
    0xB9A4E000 \SystemRoot\system32\DRIVERS\intelppm.sys
    0xB8F4C000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
    0xB8F38000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
    0xB8F10000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0xF7797000 \SystemRoot\system32\DRIVERS\usbuhci.sys
    0xB8EEC000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0xF779F000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0xB9A3E000 \SystemRoot\system32\DRIVERS\imapi.sys
    0xB9A2E000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0xB9A1E000 \SystemRoot\system32\DRIVERS\redbook.sys
    0xB8EC9000 \SystemRoot\system32\DRIVERS\ks.sys
    0xF77A7000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    0xB8CC8000 \SystemRoot\system32\drivers\cmudaxp.sys
    0xB8CA4000 \SystemRoot\system32\drivers\portcls.sys
    0xB9A0E000 \SystemRoot\system32\drivers\drmk.sys
    0xB99FE000 \SystemRoot\system32\DRIVERS\nic1394.sys
    0xF79B5000 \SystemRoot\system32\DRIVERS\ASACPI.sys
    0xB99EE000 \SystemRoot\system32\DRIVERS\serial.sys
    0xBA7A8000 \SystemRoot\system32\DRIVERS\serenum.sys
    0xB99DE000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0xF77AF000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0xF77B7000 \??\C:\WINDOWS\system32\drivers\VMkbd.sys
    0xF7AC0000 \SystemRoot\system32\DRIVERS\audstub.sys
    0xBA760000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0xBA7A4000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0xB8C8D000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0xBA750000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0xBA740000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0xF77BF000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0xB8C7C000 \SystemRoot\system32\DRIVERS\psched.sys
    0xBA730000 \SystemRoot\system32\DRIVERS\msgpc.sys
    0xF77C7000 \SystemRoot\system32\DRIVERS\ptilink.sys
    0xF77CF000 \SystemRoot\system32\DRIVERS\raspti.sys
    0xB8C4C000 \SystemRoot\system32\DRIVERS\rdpdr.sys
    0xBA720000 \SystemRoot\system32\DRIVERS\termdd.sys
    0xF77D7000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0xB8C2F000 \SystemRoot\system32\DRIVERS\mcdbus.sys
    0xF79B7000 \SystemRoot\system32\DRIVERS\swenum.sys
    0xB8BD1000 \SystemRoot\system32\DRIVERS\update.sys
    0xB9C9C000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0xB9C98000 \SystemRoot\system32\DRIVERS\vmnetadapter.sys
    0xB9C94000 \SystemRoot\system32\DRIVERS\VMNET.SYS
    0xB966E000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xAC7B9000 \SystemRoot\system32\drivers\AtiHdmi.sys
    0xB960E000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0xF79D1000 \SystemRoot\system32\DRIVERS\USBD.SYS
    0xAC617000 \SystemRoot\system32\drivers\ADIHdAud.sys
    0xAC5FF000 \SystemRoot\system32\drivers\AEAudio.sys
    0xAC59F000 \SystemRoot\system32\drivers\Senfilt.sys
    0xF79E5000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xF7A65000 \SystemRoot\System32\Drivers\Null.SYS
    0xF79E7000 \SystemRoot\System32\Drivers\Beep.SYS
    0xF7817000 \SystemRoot\System32\drivers\vga.sys
    0xF79E9000 \SystemRoot\System32\Drivers\mnmdd.SYS
    0xF79EB000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xF781F000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xF771F000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xB8BCD000 \SystemRoot\system32\DRIVERS\rasacd.sys
    0xABB64000 \SystemRoot\system32\DRIVERS\ipsec.sys
    0xABB0B000 \SystemRoot\system32\DRIVERS\tcpip.sys
    0xF76D7000 \SystemRoot\System32\Drivers\aswTdi.SYS
    0xABAE5000 \SystemRoot\system32\DRIVERS\ipnat.sys
    0xABABD000 \SystemRoot\system32\DRIVERS\netbt.sys
    0xF76E7000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0xF76F7000 \SystemRoot\system32\DRIVERS\arp1394.sys
    0xF774F000 \SystemRoot\System32\Drivers\aswRdr.SYS
    0xAB9EC000 \SystemRoot\System32\vsdatant.sys
    0xB8BB1000 \SystemRoot\System32\drivers\ws2ifsl.sys
    0xAB9CA000 \SystemRoot\System32\drivers\afd.sys
    0xF747C000 \SystemRoot\system32\DRIVERS\netbios.sys
    0xF7757000 \SystemRoot\System32\Drivers\SCDEmu.SYS
    0xAB977000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0xAC30F000 \SystemRoot\System32\Drivers\PQNTDrv.SYS
    0xAB907000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xF746C000 \SystemRoot\System32\Drivers\Fips.SYS
    0xAB8A9000 \SystemRoot\System32\Drivers\aswSP.SYS
    0xAB811000 \SystemRoot\System32\Drivers\aswSnx.SYS
    0xABB93000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0xF744C000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0xF7767000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xF79A1000 \SystemRoot\system32\drivers\AsIO.sys
    0xF7787000 \SystemRoot\System32\Drivers\Aavmker4.SYS
    0xABA9D000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
    0xAB248000 \SystemRoot\system32\DRIVERS\rt73.sys
    0xAB589000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0xABCA7000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xAB4E3000 \SystemRoot\System32\drivers\Dxapi.sys
    0xABA8D000 \SystemRoot\System32\watchdog.sys
    0xBF000000 \SystemRoot\System32\drivers\dxg.sys
    0xB9CB2000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF012000 \SystemRoot\System32\ati2dvag.dll
    0xBF060000 \SystemRoot\System32\ati2cqag.dll
    0xBF130000 \SystemRoot\System32\atikvmag.dll
    0xBF1DF000 \SystemRoot\System32\atiok3x2.dll
    0xBF25C000 \SystemRoot\System32\ati3duag.dll
    0xBF9C7000 \SystemRoot\System32\ativvaxx.dll
    0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
    0xABB87000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
    0xAB6AD000 \SystemRoot\system32\DRIVERS\AegisP.sys
    0xAB6A5000 \SystemRoot\system32\DRIVERS\vmnetbridge.sys
    0xAB7D9000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xBA6F0000 \SystemRoot\system32\DRIVERS\rspndr.sys
    0xF778F000 \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
    0xA85F0000 \SystemRoot\System32\Drivers\aswMon2.SYS
    0xA8293000 \SystemRoot\system32\drivers\wdmaud.sys
    0xA8420000 \SystemRoot\system32\drivers\sysaudio.sys
    0xA8245000 \SystemRoot\system32\drivers\kmixer.sys
    0xA80FF000 \SystemRoot\system32\DRIVERS\mrxdav.sys
    0xA8598000 \??\C:\WINDOWS\system32\drivers\hcmon.sys
    0xA8568000 \??\C:\WINDOWS\system32\Drivers\vmci.sys
    0xA8030000 \??\C:\WINDOWS\system32\Drivers\vmx86.sys
    0xA8394000 \SystemRoot\System32\Drivers\Aspi32.SYS
    0xA7FED000 \SystemRoot\system32\DRIVERS\atksgt.sys
    0xB979A000 \SystemRoot\system32\DRIVERS\lirsgt.sys
    0xA7ECD000 \SystemRoot\system32\DRIVERS\srv.sys
    0xF77F7000 \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys
    0xA7964000 \SystemRoot\System32\Drivers\HTTP.sys
    0xA7B0D000 \??\C:\WINDOWS\system32\GTNDIS5.SYS
    0xAB3F9000 \SystemRoot\system32\drivers\splitter.sys
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 65):
    0 System Idle Process
    4 System
    844 C:\WINDOWS\system32\smss.exe
    908 csrss.exe
    960 C:\WINDOWS\system32\winlogon.exe
    1004 C:\WINDOWS\system32\services.exe
    1016 C:\WINDOWS\system32\lsass.exe
    1196 C:\WINDOWS\system32\ati2evxx.exe
    1216 C:\WINDOWS\system32\svchost.exe
    1272 svchost.exe
    1920 C:\WINDOWS\system32\svchost.exe
    696 svchost.exe
    884 svchost.exe
    1092 C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    1388 C:\WINDOWS\system32\ati2evxx.exe
    1656 C:\WINDOWS\explorer.exe
    416 C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
    500 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    368 C:\WINDOWS\system32\spoolsv.exe
    1816 C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    2668 svchost.exe
    2712 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    2732 C:\Program Files\Bonjour\mDNSResponder.exe
    2896 C:\WINDOWS\system32\CTSVCCDA.EXE
    2932 C:\Program Files\Java\jre6\bin\jqs.exe
    3016 C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    3284 C:\WINDOWS\system32\PnkBstrA.exe
    3700 C:\WINDOWS\system32\svchost.exe
    3744 C:\Program Files\TVersity\Media Server\MediaServer.exe
    3924 C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
    1976 C:\WINDOWS\system32\vmnat.exe
    1348 C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
    688 C:\WINDOWS\system32\vmnetdhcp.exe
    2104 C:\WINDOWS\system32\wuauclt.exe
    2108 C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
    3236 C:\Program Files\Unlocker\UnlockerAssistant.exe
    3248 alg.exe
    3508 C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
    3516 C:\WINDOWS\system32\rundll32.exe
    3528 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    3552 C:\Program Files\Analog Devices\Core\smax4pnp.exe
    3852 C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    3884 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    3892 C:\WINDOWS\iPScan5x.exe
    4004 C:\WINDOWS\vsnpstd3.exe
    2556 C:\WINDOWS\system32\rundll32.exe
    2544 C:\Program Files\iTunes\iTunesHelper.exe
    3116 C:\WINDOWS\system\HsMgr.exe
    3308 C:\Program Files\Common Files\Java\Java Update\jusched.exe
    3564 C:\Program Files\RocketDock\RocketDock.exe
    3800 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    4032 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    4036 C:\Program Files\ASUS Xonar DG Audio\CustomApp\Program\AsusAudioCenter.exe
    2124 C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    2248 C:\WINDOWS\system32\ctfmon.exe
    2256 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    2516 C:\Program Files\ASUS Xonar DG Audio\CustomApp\Program\MXmon.exe
    2512 C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    736 G:\FRAPSd\fraps.exe
    3584 C:\Program Files\iPod\bin\iPodService.exe
    3348 C:\WINDOWS\system32\svchost.exe
    3996 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    2532 C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    3964 C:\WINDOWS\system32\wuauclt.exe
    1888 C:\Documents and Settings\Administrator\Desktop\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
    \\.\F: --> \\.\PhysicalDrive0 at offset 0x00000024`9ed8e200 (NTFS)
    \\.\G: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)
    \\.\H: --> \\.\PhysicalDrive2 at offset 0x00000000`007e0000 (NTFS)

    PhysicalDrive0 Model Number: ST31000528AS, Rev: CC38
    PhysicalDrive1 Model Number: ST31000528AS, Rev: CC37
    PhysicalDrive2 Model Number: InitioINIC-1610P, Rev: 1.03

    Size Device Name MBR Status
    --------------------------------------------
    931 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
    931 GB \\.\PhysicalDrive1 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
    465 GB \\.\PhysicalDrive2 RE: Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
    Last edited by Shadefyre; 06-06-2011 at 10:39 PM.

  4. #4
    Shadefyre is offline Full Member
    The GMER log has been attached as a .zip file, as it was too long to put in a post and too large a .txt to add as an attachment.

  5. #5
    Shadefyre is offline Full Member
    DDS Log #1 [DDS.txt]

    DDS (Ver_2011-06-03.01) - NTFSx86
    Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_24
    Run by Administrator at 16:48:57 on 2011-06-06
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1375 [GMT -4:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\TVersity\Media Server\MediaServer.exe
    C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
    C:\WINDOWS\system32\vmnat.exe
    C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
    C:\WINDOWS\system32\vmnetdhcp.exe
    C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\WINDOWS\iPScan5x.EXE
    C:\WINDOWS\vsnpstd3.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system\HsMgr.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ASUS Xonar DG Audio\Customapp\Program\ASUSAUDIOCENTER.EXE
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\ASUS Xonar DG Audio\Customapp\Program\MXMon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    G:\FRAPSD\FRAPS.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\WINDOWS\system32\wuauclt.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.ask.com?o=15179&l=dis
    uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} -
    uURLSearchHooks: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files\zonealarm\tbZone.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files\zonealarm\tbZone.dll
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
    BHO: Ask Toolbar BHO: {d4027c7f-154a-4066-a1ad-4243d8127440} - Ask Toolbar
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - c:\program files\zonealarm\tbZone.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} -
    uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
    uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Fraps] g:\frapsd\FRAPS.EXE
    mRun: [UnlockerAssistant] c:\program files\unlocker\UnlockerAssistant.exe -H
    mRun: [Six Engine] "c:\program files\asus\epu-6 engine\SixEngine.exe" -r
    mRun: [P17Helper] Rundll32 P17.dll,P17Helper
    mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
    mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"
    mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
    mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
    mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
    mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
    mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
    mRun: [iPScan5x] c:\windows\iPScan5x.EXE
    mRun: [tsnpstd3] c:\windows\tsnpstd3.exe
    mRun: [snpstd3] c:\windows\vsnpstd3.exe
    mRun: [vmware-tray] "c:\program files\vmware\vmware workstation\vmware-tray.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [VolPanel] "c:\program files\creative\volume panel\VolPanlu.exe" /r
    mRun: [CTAPR2] "c:\program files\creative\sound blaster x-fi go\console launcher\CTAPR2.exe" /r
    mRun: [Creative KSRun Persistence Module] RunDll32 KSRun.dll,RunDLLEntry
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Cmaudio8788] RunDll32 cmicnfgp.cpl,CMICtrlWnd
    mRun: [Cmaudio8788GX] c:\windows\system\HsMgr.exe Envoke
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
    uPolicies-explorer: NoResolveTrack = 1 (0x1)
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    uPolicies-explorer: RestrictRun = 0 (0x0)
    mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
    mPolicies-explorer: RestrictRun = 0 (0x0)
    dPolicies-explorer: NoResolveTrack = 1 (0x1)
    dPolicies-explorer: NoInstrumentation = 1 (0x1)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab
    TCP: DhcpNameServer = 192.168.1.1 192.168.2.1
    TCP: Interfaces\{C7DC2861-DBD1-4DD1-AD52-7BB02B295549} : DhcpNameServer = 192.168.1.1 192.168.2.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\bslpqpfe.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
    FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15176&locale=en_US&apn_uid=FA85C448-2E99-4A29-A136-9730AE6C410D&apn_ptnrs=RW&apn_sauid=C6470BF2-8EE1-44DC-82EB-507B7E30FEE2&apn_dtid=YYYYYYYYCA&q=
    FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\bslpqpfe.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
    FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\bslpqpfe.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCoreGecko19.dll
    FF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dll
    FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\bslpqpfe.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
    FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
    FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
    FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    FF - Ext: Ant Video Downloader: anttoolbar@ant.com - %profile%\extensions\anttoolbar@ant.com
    FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
    FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
    FF - Ext: Firefox Sync: {340c2bbc-ce74-4362-90b5-7c26312808ef} - %profile%\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
    FF - Ext: ZoneAlarm Community Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - %profile%\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
    FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    FF - Ext: Black Steel: {e2c58150-9d72-11dd-ad8b-0800200c9a66} - %profile%\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
    FF - Ext: Simpler Black: {e971b650-6098-11da-8cd6-0800200c9a66} - %profile%\extensions\{e971b650-6098-11da-8cd6-0800200c9a66}
    FF - Ext: ZoneAlarm Security Engine: {FFB96CC1-7EB3-449D-B827-DB661701C6BB} - c:\program files\checkpoint\zaforcefield\TrustChecker
    FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2008-6-23 137728]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-2 441176]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-15 307928]
    R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2010-7-12 532224]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-15 19544]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-15 42184]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-5-26 26352]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-5-26 493032]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-8-4 583640]
    R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2010-9-21 70704]
    R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2010-9-21 539184]
    R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
    R3 cmudaxp;ASUS Xonar DG Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [2011-3-20 1498624]
    S3 cpuz132;cpuz132;\??\c:\docume~1\admini~1\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\admini~1\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2011-2-8 79360]
    S3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2008-12-1 772992]
    S3 ksaudfl;ksaudfl;c:\windows\system32\drivers\ksaudfl.sys [2008-10-24 1830912]
    S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
    S3 p17filt;p17filt;c:\windows\system32\drivers\p17filt.sys [2006-3-20 1452032]
    S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
    .
    =============== Created Last 30 ================
    .
    2011-06-02 02:01:52 334384 ----a-w- c:\windows\system32\vmnetdhcp.exe
    2011-06-02 02:01:49 404016 ----a-w- c:\windows\system32\vmnat.exe
    2011-06-02 02:01:48 26288 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
    2011-06-02 02:01:46 760368 ----a-w- c:\windows\system32\vnetlib.dll
    2011-06-02 02:01:43 24624 ----a-w- c:\windows\system32\drivers\VMkbd.sys
    2011-05-30 21:48:21 -------- d-----w- c:\program files\Return to Castle Wolfenstein
    2011-05-30 01:20:35 -------- d-----w- c:\program files\PowerQuest
    2011-05-27 08:22:15 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-05-24 20:30:53 -------- d-----w- c:\program files\common files\DirectX
    2011-05-24 19:55:46 -------- d-----w- c:\documents and settings\administrator\application data\Command & Conquer 3 Tiberium Wars
    .
    ==================== Find3M ====================
    .
    2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-29 13:11:20 22712 -c--a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
    2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
    2011-04-06 20:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
    2011-04-06 20:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
    2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
    2011-04-02 00:27:50 17444864 ----a-w- c:\windows\system32\atioglxx.dll
    2011-04-02 00:21:06 24064 ----a-w- c:\windows\system32\ativcoxx.dll
    2011-04-02 00:21:05 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
    2011-04-02 00:21:03 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
    2011-04-02 00:21:02 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
    2011-04-02 00:21:00 64512 ----a-w- c:\windows\system32\atimpc32.dll
    2011-04-02 00:21:00 64512 ----a-w- c:\windows\system32\amdpcom32.dll
    2011-03-30 19:04:58 445016 ----a-w- c:\windows\system32\wrap_oal.dll
    2011-03-30 19:04:58 109144 ----a-w- c:\windows\system32\OpenAL32.dll
    .
    ============= FINISH: 16:49:51.90 ===============

  6. #6
    Shadefyre is offline Full Member
    DDS Log #2 [attach.txt]

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-03.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/12/2010 3:00:41 PM
    System Uptime: 6/6/2011 4:39:43 PM (0 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. | | P5Q-E
    Processor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz | LGA 775 | 2666/266mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 146 GiB total, 56.319 GiB free.
    D: is CDROM ()
    E: is CDROM ()
    F: is FIXED (NTFS) - 785 GiB total, 42.138 GiB free.
    G: is FIXED (NTFS) - 932 GiB total, 519.964 GiB free.
    H: is FIXED (NTFS) - 466 GiB total, 379.209 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Ethernet Controller
    Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&20515DB1&0&00E5
    Manufacturer:
    Name: Ethernet Controller
    PNP Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&20515DB1&0&00E5
    Service:
    .
    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Ethernet Controller
    Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_811A1043&REV_14\4&31B6CD7&0&10F0
    Manufacturer:
    Name: Ethernet Controller
    PNP Device ID: PCI\VEN_11AB&DEV_4320&SUBSYS_811A1043&REV_14\4&31B6CD7&0&10F0
    Service:
    .
    ==== System Restore Points ===================
    .
    RP92: 4/30/2011 9:33:58 PM - Unsigned driver install
    RP93: 5/4/2011 11:02:31 PM - Installed Kane and Lynch: Dead Men.
    RP94: 5/4/2011 11:16:58 PM - Installed Rogue Warrior.
    RP95: 5/16/2011 4:58:13 AM - Removed Fallout 3
    RP96: 5/29/2011 9:20:20 PM - Installed PartitionMagic
    RP97: 6/5/2011 1:46:10 AM - System Checkpoint
    RP98: 6/6/2011 4:37:58 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Adobe Community Help
    Adobe Download Manager
    Adobe Flash Media Live Encoder 3.1
    Adobe Flash Player 10 Plugin
    Adobe Media Player
    Adobe Photoshop CS5
    Adobe Reader 9.4.4
    Alien Swarm
    American McGee presents Scrapland
    Amnesia: The Dark Descent
    Amorous Professor Cherry v1.0
    Anno 1404
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Arcanum
    ASIO4ALL
    Ask Toolbar
    ASUS Xonar DG Audio
    ATI AVIVO Codecs
    ATI Catalyst Install Manager
    ATI Catalyst Registration
    ATI Problem Report Wizard
    Audacity 1.2.6
    avast! Free Antivirus
    Battlefield: Bad Company™ 2
    Bionic Commando Rearmed
    BioShock
    Bonjour
    Borderlands
    BulletStorm
    Call Of Cthulhu DCoTE
    Catalyst Control Center
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    ccc-utility
    CCC Help English
    ColdFear
    Comical 0.8
    Command & Conquer 3
    Compact Wireless-G USB Adapter
    Counter-Strike: Source
    Creative EAX Console
    Creative MediaSource
    Creative MediaSource 5
    Creative WaveStudio 7
    Creatures Exodus
    Cryostasis (Remove Only)
    DAL Scanner
    DeathSpank
    Definition update for Microsoft Office 2010 (KB982726)
    Deus Ex
    Divinity II - DKS
    Doom 3
    DUNGEONS
    Duty Calls
    EPU-6 Engine
    ESET Online Scanner v3
    Fallout Mod Manager 0.11.9
    Fallout Mod Manager 0.13.21
    Fallout New Vegas
    Far Cry 2
    Flotilla v1.3
    Fort Zombie
    Fraps (remove only)
    From Dusk Till Dawn
    Front Mission Evolved (2010)
    FUEL
    Gemini Rue version 1.0
    Grotesque-Tactics 1.0.0.4
    GUN (TM)
    Half-Life
    Half-Life Uplink
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB981793)
    HydraVision
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 24
    Jurassic Park Operation Genesis
    K-Lite Mega Codec Pack 6.5.0
    Kane and Lynch: Dead Men
    Killing Floor
    Landwirtschafts Simulator 2011
    Left 4 Dead
    Left 4 Dead 2
    Left 4 Dead 2 Add-on Support
    Machinarium
    MagicDisc 2.7.106
    Magicka
    Majesty 2: The Fantasy Kingdom Sim
    Malwarebytes' Anti-Malware version 1.51.0.1200
    marvell 61xx
    Max Payne
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Crimson Skies
    Microsoft Games for Windows - LIVE
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Halo
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Software Update for Web Folders (English) 14
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft WSE 3.0 Runtime
    Microsoft XNA Framework Redistributable 3.0
    Microsoft XNA Framework Redistributable 3.1
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    mkv2vob
    Modding Genesis Community Expansion Pack
    Morrowind
    Morrowind AnimKit 2.1 (remove only)
    Mozilla Firefox (3.6.17)
    MSI Star Cam 370i
    MSVCRT
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MSXML 6.0 Parser (KB925673)
    Need for Speed(TM) Hot Pursuit
    Nero 7 Essentials
    NVIDIA PhysX
    Octodad
    Oddworld The Oddboxx
    OpenAL
    PartitionMagic
    PDF Settings CS5
    Penumbra Episode 1
    Penumbra Requiem
    PFConfig 1.0.296
    PFPortChecker 1.0.39
    Planescape - Torment
    PowerISO
    PowerQuest PartitionMagic 8.0
    Project64 1.6
    PunkBuster Services
    Puzzle Agent - The Mystery of Scoggins
    Puzzle Quest 2
    QuickTime
    Radium Vista Pack v1
    realMYST Interactive 3D Edition
    Realtek High Definition Audio Driver
    Recettear: An Item Shop's Tale
    Registry Mechanic 9.0
    RocketDock 1.3.5
    Rogue Warrior
    S.T.A.L.K.E.R.: Call of Pripyat
    S.T.A.L.K.E.R.: Clear Sky
    SeaTools for Windows
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Word 2010 (KB2345000)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2183461)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360131)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    Serious Sam HD: The First Encounter
    Serious Sam HD: The Second Encounter
    Sid Meier's Civilization 4
    Sid Meier's Civilization 4 - Beyond the Sword
    Sid Meier's Civilization 4 - Warlords
    Sins of a Solar Empire Trinity
    Skype Toolbars
    Skype™ 5.1
    Sniper Ghost Warrior
    Sony Ericsson DRM Packager 1.35
    Sound Blaster Audigy
    Sound Blaster X-Fi Go!
    SoundMAX
    SplitMediaLabs VH Screen Capture Driver (x86)
    StarCraft II
    Stranded II 1.0.0.1
    Stubbs the Zombie in Rebel Without a Pulse
    Sudeki
    Syberia 1 1.00
    System Requirements Lab
    System Shock2
    Team Fortress 2
    The Chronicles of Riddick: Assault on Dark Athena
    The Last Express
    The Sims™ 3
    The Suffering (remove only)
    The Thing
    The Void
    the white chamber: definitive edition 1.7
    Trespasser
    TVersity Codec Pack 1.4
    TVersity Media Server 1.9.2
    Ubisoft Game Launcher
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Office 2010 (KB2202188)
    Update for Microsoft OneNote 2010 (KB2288640)
    Update for Microsoft Outlook Social Connector (KB2289116)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Vampire - The Masquerade Bloodlines
    VC 9.0 Runtime
    VDMSound 2.0.4
    Vegas Pro 9.0
    Venetica
    VLC media player 1.1.4
    VMware Workstation
    Volume Panel
    WebFldrs XP
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
    Windows Driver Package - MSI MSI Star Cam 370i (04/22/2008 1.0.0.0)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Presentation Foundation
    WinRAR archiver
    X-COM: Terror from the Deep
    X-COM: UFO Defense
    XML Paper Specification Shared Components Pack 1.0
    YUME MIRU KUSURI
    Yume Nikki 0.10 English
    Zombie Shooter 2 v 1.0
    ZoneAlarm
    ZoneAlarm Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    6/5/2011 4:53:34 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer MACINTOSH-2 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C7DC2861-DBD1-4D. The master browser is stopping or an election is being forced.
    6/5/2011 3:58:45 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
    .
    ==== End Of File ===========================

  7. #7
    broni is offline Senior Member
    All logs look rather clean to me.

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    Click the "Scan" button to start scan:


    On completion of the scan click "Save log", save it to your desktop and post in your next reply:


    ========================================================

    Please download Rootkit Unhooker from one of the following links and save it to your desktop.

    In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

    • Double-click on RKUnhookerLE.exe to start the program.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • Click the Report tab, then click Scan.
    • Check Drivers, Stealth, and uncheck the rest.
    • Click OK.
    • Wait until it's finished and then go to File > Save Report.
    • Save the report to your Desktop.
    • Copy and paste the contents of the report into your next reply.

    -- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

  8. #8
    Shadefyre is offline Full Member
    aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
    Run date: 2011-06-06 20:16:30
    -----------------------------
    20:16:30.640 OS Version: Windows 5.1.2600 Service Pack 3
    20:16:30.640 Number of processors: 2 586 0x1706
    20:16:30.640 ComputerName: ALPHAZERO UserName:
    20:16:31.062 Initialize success
    20:20:47.796 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    20:20:47.796 Disk 0 Vendor: ST31000528AS CC38 Size: 953869MB BusType: 3
    20:20:47.796 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-12
    20:20:47.796 Disk 1 Vendor: ST31000528AS CC37 Size: 953869MB BusType: 3
    20:20:47.796 Disk 0 MBR read error 0
    20:20:47.812 Disk 0 MBR scan
    20:20:47.812 Disk 0 unknown MBR code
    20:20:47.812 MBR BIOS signature not found 0
    20:20:47.812 Disk 0 scanning sectors +1953504000
    20:20:47.812 Disk 0 scanning C:\WINDOWS\system32\drivers
    20:20:51.703 Service scanning
    20:20:52.843 Disk 0 trace - called modules:
    20:20:52.859 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spbw.sys >>UNKNOWN [0x8a640938]<<
    20:20:52.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a570ab8]
    20:20:52.859 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\00000081[0x8a5d3f18]
    20:20:52.875 5 ACPI.sys[f74a3620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a5d2d98]
    20:20:52.875 Scan finished successfully
    20:20:59.062 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\MBR.dat"
    20:20:59.078 The log file has been saved successfully to "C:\Documents and Settings\Administrator\Desktop\aswMBR.txt"

  9. #9
    Shadefyre is offline Full Member
    RkU Version: 3.8.389.593, Type LE (SR2)
    ==============================================
    OS Name: Windows XP
    Version 5.1.2600 (Service Pack 3)
    Number of processors #2
    ==============================================
    >Drivers
    ==============================================
    0xB8F4C000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 6889472 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Miniport Driver)
    0xBF25C000 C:\WINDOWS\System32\ati3duag.dll 4149248 bytes (ATI Technologies Inc. , ati3duag.dll)
    0xBF9C7000 C:\WINDOWS\System32\ativvaxx.dll 2682880 bytes (Advanced Micro Devices, Inc. , Radeon Video Acceleration Universal Driver)
    0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2265088 bytes (Microsoft Corporation, NT Kernel & System)
    0x804D7000 PnpManager 2265088 bytes
    0x804D7000 RAW 2265088 bytes
    0x804D7000 WMIxWDM 2265088 bytes
    0xB8CC8000 C:\WINDOWS\system32\drivers\cmudaxp.sys 2101248 bytes (C-Media Inc, C-Media Audio WDM Driver)
    0xBF800000 Win32k 1863680 bytes
    0xBF800000 C:\WINDOWS\System32\win32k.sys 1863680 bytes (Microsoft Corporation, Multi-User Win32 Driver)
    0xF74E3000 PCI_PNP3752 995328 bytes
    0xF74E3000 spbw.sys 995328 bytes
    0xF74E3000 sptd 995328 bytes
    0xBF060000 C:\WINDOWS\System32\ati2cqag.dll 851968 bytes (ATI Technologies Inc., Central Memory Manager / Queue Server Module)
    0xA8030000 C:\WINDOWS\system32\Drivers\vmx86.sys 847872 bytes (VMware, Inc., VMware kernel driver)
    0xBF130000 C:\WINDOWS\System32\atikvmag.dll 716800 bytes (ATI Technologies Inc., Virtual Command And Memory Manager)
    0xF7B29000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
    0xAB9EC000 C:\WINDOWS\System32\vsdatant.sys 528384 bytes (Check Point Software Technologies LTD, ZoneAlarm Firewalling Driver)
    0xBF1DF000 C:\WINDOWS\System32\atiok3x2.dll 512000 bytes (Advanced Micro Devices, Inc., Ring 0 x2 component)
    0xAB811000 C:\WINDOWS\System32\Drivers\aswSnx.SYS 458752 bytes (AVAST Software, avast! Virtualization Driver)
    0xAB907000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
    0xAC59F000 C:\WINDOWS\system32\drivers\Senfilt.sys 393216 bytes (Sensaura, Sensaura WDM 3D Audio Driver)
    0xB8BD1000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
    0xABB0B000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
    0xA7ECD000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
    0xAC617000 C:\WINDOWS\system32\drivers\ADIHdAud.sys 352256 bytes (Analog Devices, Inc., High Definition Audio Function Driver)
    0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 319488 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
    0xAB8A9000 C:\WINDOWS\System32\Drivers\aswSP.SYS 303104 bytes (AVAST Software, avast! self protection module)
    0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
    0xA7FED000 C:\WINDOWS\system32\DRIVERS\atksgt.sys 274432 bytes
    0xA7964000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
    0xAB248000 C:\WINDOWS\system32\DRIVERS\rt73.sys 245760 bytes (Ralink Technology, Corp., Ralink 802.11 USB Wireless Adapter Driver)
    0xF7A1C000 mv61xx.sys 208896 bytes (Marvell Semiconductor, Inc., Marvell Thor and Odin Windows Driver)
    0xB8C4C000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
    0xF749D000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
    0xF7AFC000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
    0xA80FF000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 180224 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
    0xA8245000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
    0xAB977000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
    0xB8F10000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
    0xABABD000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
    0xF7832000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
    0xABAE5000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
    0xA6A56000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
    0xB8CA4000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
    0xB8EEC000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
    0xB8EC9000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
    0xAB9CA000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
    0x80700000 ACPI_HAL 134528 bytes
    0x80700000 C:\WINDOWS\system32\hal.dll 134528 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
    0xF794F000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
    0xF7858000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
    0xB8C2F000 C:\WINDOWS\system32\DRIVERS\mcdbus.sys 118784 bytes (MagicISO, Inc., MagicISO SCSI Host Controller)
    0xAC7B9000 C:\WINDOWS\system32\drivers\AtiHdmi.sys 114688 bytes (ATI Technologies, Inc., ATI High Definition Audio Function Driver)
    0xF7AE2000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
    0xAC5FF000 C:\WINDOWS\system32\drivers\AEAudio.sys 98304 bytes (Andrea Electronics Corporation, Audio Noise Filtering Driver (32-bit))
    0xF796F000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
    0xF74CB000 C:\WINDOWS\System32\Drivers\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
    0xA85F0000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
    0xF7BB6000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
    0xB8C8D000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
    0xA8293000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
    0xB8F38000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
    0xABB64000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
    0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
    0xF7BCD000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
    0xF748C000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
    0xB8C7C000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
    0xABCA7000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
    0xB9A2E000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
    0xB99FE000 C:\WINDOWS\system32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
    0xF75F7000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
    0xBA6F0000 C:\WINDOWS\system32\DRIVERS\rspndr.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
    0xB99EE000 C:\WINDOWS\system32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
    0xA8568000 C:\WINDOWS\system32\Drivers\vmci.sys 65536 bytes (VMware, Inc., VMware kernel driver)
    0xF76F7000 C:\WINDOWS\system32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
    0xB9A0E000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
    0xB9A1E000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
    0xA8420000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
    0xB960E000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
    0xF7607000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
    0xF7657000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
    0xB99DE000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
    0xBA760000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
    0xF7637000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
    0xBA740000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
    0xA7BA5000 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\aswMBR.sys 45056 bytes
    0xF746C000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
    0xB9A3E000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
    0xF7627000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
    0xBA750000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
    0xF76D7000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
    0xA8598000 C:\WINDOWS\system32\drivers\hcmon.sys 40960 bytes (VMware, Inc., VMware USB monitor)
    0xF7617000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
    0xB966E000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
    0xBA720000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
    0xA69F3000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
    0xF7647000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
    0xF744C000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
    0xB9A4E000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
    0xBA730000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
    0xF747C000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
    0xF76E7000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
    0xF778F000 C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys 32768 bytes (Check Point Software Technologies, ZoneAlarm ForceField)
    0xF771F000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
    0xF7757000 C:\WINDOWS\System32\Drivers\SCDEmu.SYS 32768 bytes (PowerISO Computing, Inc., PowerISO Virtual Drive)
    0xF779F000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
    0xF7767000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
    0xF77FF000 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys 28672 bytes
    0xF7707000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
    0xABA9D000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
    0xAB6A5000 C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys 28672 bytes (VMware, Inc., VMware bridge driver (32-bit))
    0xF7787000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
    0xF77A7000 C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
    0xF77AF000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
    0xF77D7000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
    0xF7797000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
    0xF7817000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
    0xAB6AD000 C:\WINDOWS\system32\DRIVERS\AegisP.sys 20480 bytes (Meetinghouse Data Communications, IEEE 802.1X Protocol Driver)
    0xF774F000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
    0xB979A000 C:\WINDOWS\system32\DRIVERS\lirsgt.sys 20480 bytes
    0xF781F000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
    0xF770F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
    0xF77C7000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
    0xF77CF000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
    0xF77BF000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
    0xF77B7000 C:\WINDOWS\system32\drivers\VMkbd.sys 20480 bytes (VMware, Inc., VMware keyboard filter driver (32-bit))
    0xF77F7000 C:\WINDOWS\system32\drivers\vmnetuserif.sys 20480 bytes (VMware, Inc., VMware network application interface driver (32-bit))
    0xABA8D000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
    0xA8394000 C:\WINDOWS\System32\Drivers\Aspi32.SYS 16384 bytes (Adaptec, ASPI for WIN32 Kernel Driver)
    0xA7B0D000 C:\WINDOWS\system32\GTNDIS5.SYS 16384 bytes (Printing Communications Assoc., Inc. (PCAUSA), PCAUSA NDIS 5.0 Protocol Driver)
    0xB9C9C000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
    0xAB7D9000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
    0xBA7A8000 C:\WINDOWS\system32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
    0xABB87000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
    0xF7897000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
    0xAB4E3000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
    0xABB93000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
    0xAB589000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
    0xBA7A4000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
    0xB8BCD000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
    0xB9C94000 C:\WINDOWS\system32\DRIVERS\VMNET.SYS 12288 bytes (VMware, Inc., VMware virtual network driver (32-bit))
    0xB9C98000 C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys 12288 bytes (VMware, Inc., VMware virtual network adapter driver (32-bit))
    0xB8BB1000 C:\WINDOWS\System32\drivers\ws2ifsl.sys 12288 bytes (Microsoft Corporation, Winsock2 IFS Layer)
    0xF79B5000 C:\WINDOWS\system32\DRIVERS\ASACPI.sys 8192 bytes (-, ATK0110 ACPI Utility)
    0xF79A1000 C:\WINDOWS\system32\drivers\AsIO.sys 8192 bytes
    0xF79E7000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
    0xF798B000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
    0xF79E5000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
    0xF7987000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
    0xF79E9000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
    0xF79EB000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
    0xAB3F9000 C:\WINDOWS\system32\drivers\splitter.sys 8192 bytes (Microsoft Corporation, Microsoft Kernel Audio Splitter)
    0xF79B7000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
    0xF79D1000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
    0xF7989000 C:\WINDOWS\System32\Drivers\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
    0xF7AC0000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
    0xB9CB2000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
    0xF7A65000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
    0xF7A4F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
    0xAC30F000 C:\WINDOWS\System32\Drivers\PQNTDrv.SYS 4096 bytes (PowerQuest Corporation, PowerQuest Boot Mode Driver.)
    0x8A68E1F8 unknown_irp_handler 3592 bytes
    0x885511F8 unknown_irp_handler 3592 bytes
    0x8A6901F8 unknown_irp_handler 3592 bytes
    0x8A1B71F8 unknown_irp_handler 3592 bytes
    0x8A6201F8 unknown_irp_handler 3592 bytes
    0x898CC1F8 unknown_irp_handler 3592 bytes
    0x8A1A01F8 unknown_irp_handler 3592 bytes
    0x8A68F1F8 unknown_irp_handler 3592 bytes
    0x8A22D1F8 unknown_irp_handler 3592 bytes
    0x896F61F8 unknown_irp_handler 3592 bytes
    0x8A1C2500 unknown_irp_handler 2816 bytes
    0x896BC500 unknown_irp_handler 2816 bytes
    ==============================================
    >Stealth
    ==============================================
    WARNING: Virus alike driver modification [ndisip.sys]
    WARNING: Virus alike driver modification [ndistapi.sys]
    WARNING: Virus alike driver modification [AtiHdmi.sys]
    WARNING: Virus alike driver modification [AsInsHelp32.sys]
    WARNING: Virus alike driver modification [sffp_mmc.sys]
    WARNING: Virus alike driver modification [snpstd3.sys]
    WARNING: Virus alike driver modification [ASUSHWIO.SYS]
    WARNING: Virus alike driver modification [hidusb.sys]
    WARNING: Virus alike driver modification [dxapi.sys]
    WARNING: Virus alike driver modification [mup.sys]
    WARNING: Virus alike driver modification [slip.sys]
    WARNING: Virus alike driver modification [sffp_sd.sys]
    WARNING: Virus alike driver modification [irenum.sys]
    WARNING: Virus alike driver modification [bdasup.sys]
    WARNING: Virus alike driver modification [sfloppy.sys]
    WARNING: Virus alike driver modification [imagedrv.sys]
    WARNING: Virus alike driver modification [acpiec.sys]
    WARNING: Virus alike driver modification [mcdbus.sys]
    WARNING: Virus alike driver modification [cpqdap01.sys]
    WARNING: Virus alike driver modification [AsInsHelp64.sys]
    WARNING: Virus alike driver modification [sffdisk.sys]
    WARNING: Virus alike driver modification [pcmcia.sys]
    WARNING: Virus alike driver modification [nikedrv.sys]
    WARNING: Virus alike driver modification [rio8drv.sys]
    WARNING: Virus alike driver modification [riodrv.sys]
    WARNING: Virus alike driver modification [ws2ifsl.sys]
    WARNING: Virus alike driver modification [tdpipe.sys]
    WARNING: Virus alike driver modification [fsvga.sys]
    WARNING: Virus alike driver modification [mouhid.sys]
    WARNING: Virus alike driver modification [tunmp.sys]
    WARNING: Virus alike driver modification [AsIO.sys]
    WARNING: Virus alike driver modification [nwlnkflt.sys]
    WARNING: Virus alike driver modification [ftdisk.sys]
    WARNING: Virus alike driver modification [usb8023.sys]
    WARNING: Virus alike driver modification [fltMgr.sys]
    WARNING: Virus alike driver modification [imagesrv.sys]
    WARNING: Virus alike driver modification [mv61xx.sys]
    WARNING: Virus alike driver modification [PnkBstrK.sys]
    WARNING: Virus alike driver modification [afd.sys]
    WARNING: Virus alike driver modification [cbidf2k.sys]
    WARNING: Virus alike driver modification [rdpwd.sys]
    WARNING: Virus alike driver modification [ks.sys]
    WARNING: Virus alike driver modification [diskdump.sys]
    WARNING: Virus alike driver modification [asyncmac.sys]
    WARNING: Virus alike driver modification [fastfat.sys]
    WARNING: Virus alike driver modification [usbport.sys]
    WARNING: Virus alike driver modification [hdaudbus.sys]
    WARNING: Virus alike driver modification [p17filt.sys]
    WARNING: Virus alike driver modification [ndisuio.sys]
    WARNING: Virus alike driver modification [smclib.sys]
    WARNING: Virus alike driver modification [streamip.sys]
    WARNING: Virus alike driver modification [tape.sys]
    WARNING: Virus alike driver modification [mpe.sys]
    WARNING: Virus alike driver modification [ipnat.sys]
    WARNING: Virus alike driver modification [dmio.sys]
    WARNING: Virus alike driver modification [mssmbios.sys]
    WARNING: Virus alike driver modification [serenum.sys]
    WARNING: Virus alike driver modification [usbintel.sys]
    WARNING: Virus alike driver modification [netbt.sys]
    WARNING: Virus alike driver modification [nwrdr.sys]
    WARNING: Virus alike driver modification [ccdecode.sys]
    WARNING: Virus alike driver modification [raspti.sys]
    WARNING: Virus alike driver modification [aspi32.sys]
    WARNING: Virus alike driver modification [kmixer.sys]
    WARNING: Virus alike driver modification [rdbss.sys]
    WARNING: Virus alike driver modification [ptilink.sys]
    WARNING: Virus alike driver modification [mrxdav.sys]
    WARNING: Virus alike driver modification [bcm42rly.sys]
    WARNING: Virus alike driver modification [ndis.sys]
    WARNING: Virus alike driver modification [cdaudio.sys]
    WARNING: Virus alike driver modification [wstcodec.sys]
    WARNING: Virus alike driver modification [acpi.sys]
    WARNING: Virus alike driver modification [msfs.sys]
    WARNING: Virus alike driver modification [tdi.sys]
    WARNING: Virus alike driver modification [rdpdr.sys]
    WARNING: Virus alike driver modification [partmgr.sys]
    WARNING: Virus alike driver modification [RMCast.sys]
    WARNING: Virus alike driver modification [flpydisk.sys]
    WARNING: Virus alike driver modification [secdrv.sys]
    WARNING: Virus alike driver modification [usbuhci.sys]
    WARNING: Virus alike driver modification [AegisP.sys]
    WARNING: Virus alike driver modification [ipinip.sys]
    WARNING: Virus alike driver modification [vga.sys]
    WARNING: Virus alike driver modification [tsbvcap.sys]
    WARNING: Virus alike driver modification [tdtcp.sys]
    WARNING: Virus alike driver modification [tcpip6.sys]
    WARNING: Virus alike driver modification [mbam.sys]
    WARNING: Virus alike driver modification [mouclass.sys]
    WARNING: Virus alike driver modification [rt73.sys]
    WARNING: Virus alike driver modification [kbdclass.sys]
    WARNING: Virus alike driver modification [hidparse.sys]
    WARNING: Virus alike driver modification [pciidex.sys]
    WARNING: Virus alike driver modification [sonydcam.sys]
    WARNING: Virus alike driver modification [usbcamd.sys]
    WARNING: Virus alike driver modification [usbcamd2.sys]
    WARNING: Virus alike driver modification [lirsgt.sys]
    WARNING: Virus alike driver modification [cinemst2.sys]
    WARNING: Virus alike driver modification [USBSTOR.SYS]
    WARNING: Virus alike driver modification [http.sys]
    WARNING: Virus alike driver modification [GEARAspiWDM.sys]
    WARNING: Virus alike driver modification [bthport.sys]
    WARNING: Virus alike driver modification [fdc.sys]
    WARNING: Virus alike driver modification [atksgt.sys]
    WARNING: Virus alike driver modification [modem.sys]
    WARNING: Virus alike driver modification [usbehci.sys]
    WARNING: Virus alike driver modification [rndismp.sys]
    WARNING: Virus alike driver modification [npfs.sys]
    WARNING: Virus alike driver modification [atmepvc.sys]
    WARNING: Virus alike driver modification [usbccgp.sys]
    WARNING: Virus alike driver modification [nwlnkfwd.sys]
    WARNING: Virus alike driver modification [ipfltdrv.sys]
    WARNING: Virus alike driver modification [scdemu.sys]
    WARNING: Virus alike driver modification [ADIHdAud.sys]
    WARNING: Virus alike driver modification [rawwan.sys]
    WARNING: Virus alike driver modification [wanarp.sys]
    WARNING: Virus alike driver modification [netbios.sys]
    WARNING: Virus alike driver modification [msgpc.sys]
    WARNING: Virus alike driver modification [atmuni.sys]
    WARNING: Virus alike driver modification [srv.sys]
    WARNING: Virus alike driver modification [processr.sys]
    WARNING: Virus alike driver modification [tcpip.sys]
    WARNING: Virus alike driver modification [disk.sys]
    WARNING: Virus alike driver modification [intelppm.sys]
    WARNING: Virus alike driver modification [ip6fw.sys]
    WARNING: Virus alike driver modification [crusoe.sys]
    WARNING: Virus alike driver modification [hidclass.sys]
    WARNING: Virus alike driver modification [RtHDMI.sys]
    WARNING: Virus alike driver modification [isapnp.sys]
    WARNING: Virus alike driver modification [amdk6.sys]
    WARNING: Virus alike driver modification [amdk7.sys]
    WARNING: Virus alike driver modification [update.sys]
    WARNING: Virus alike driver modification [wpdusb.sys]
    WARNING: Virus alike driver modification [senfilt.sys]
    WARNING: Virus alike driver modification [nmnt.sys]
    WARNING: Virus alike driver modification [ndproxy.sys]
    WARNING: Virus alike driver modification [termdd.sys]
    WARNING: Virus alike driver modification [raspppoe.sys]
    WARNING: Virus alike driver modification [imapi.sys]
    WARNING: Virus alike driver modification [beep.sys]
    WARNING: Virus alike driver modification [mnmdd.sys]
    WARNING: Virus alike driver modification [rdpcdd.sys]
    WARNING: Virus alike driver modification [mountmgr.sys]
    WARNING: Virus alike driver modification [p3.sys]
    WARNING: Virus alike driver modification [swenum.sys]
    WARNING: Virus alike driver modification [wmilib.sys]
    WARNING: Virus alike driver modification [fips.sys]
    WARNING: Virus alike driver modification [mrxsmb.sys]
    WARNING: Virus alike driver modification [usbd.sys]
    WARNING: Virus alike driver modification [raspptp.sys]
    WARNING: Virus alike driver modification [classpnp.sys]
    WARNING: Virus alike driver modification [MSPQM.sys]
    WARNING: Virus alike driver modification [rasl2tp.sys]
    WARNING: Virus alike driver modification [tosdvd.sys]
    WARNING: Virus alike driver modification [msdv.sys]
    WARNING: Virus alike driver modification [volsnap.sys]
    WARNING: Virus alike driver modification [i8042prt.sys]
    WARNING: Virus alike driver modification [DMusic.sys]
    WARNING: Virus alike driver modification [1394bus.sys]
    WARNING: Virus alike driver modification [MSPCLOCK.sys]
    WARNING: Virus alike driver modification [mstee.sys]
    WARNING: Virus alike driver modification [atmlane.sys]
    WARNING: Virus alike driver modification [nwlnkspx.sys]
    WARNING: Virus alike driver modification [swmidi.sys]
    WARNING: Virus alike driver modification [redbook.sys]
    WARNING: Virus alike driver modification [ntfs.sys]
    WARNING: Virus alike driver modification [ASACPI.sys]
    WARNING: Virus alike driver modification [vdmindvd.sys]
    WARNING: Virus alike driver modification [dmload.sys]
    WARNING: Virus alike driver modification [rootmdm.sys]
    WARNING: Virus alike driver modification [usbhub.sys]
    WARNING: Virus alike driver modification [atmarpc.sys]
    WARNING: Virus alike driver modification [USBAUDIO.sys]
    WARNING: Virus alike driver modification [arp1394.sys]
    WARNING: Virus alike driver modification [sysaudio.sys]
    WARNING: Virus alike driver modification [nic1394.sys]
    WARNING: Virus alike driver modification [ohci1394.sys]
    WARNING: Virus alike driver modification [splitter.sys]
    WARNING: File locked for read access [C:\WINDOWS\system32\drivers\sptd.sys]
    WARNING: Virus alike driver modification [rspndr.sys]
    WARNING: Virus alike driver modification [cdrom.sys]
    WARNING: Virus alike driver modification [nwlnknb.sys]
    WARNING: Virus alike driver modification [cdfs.sys]
    WARNING: Virus alike driver modification [mf.sys]
    WARNING: Virus alike driver modification [enum1394.sys]
    WARNING: Virus alike driver modification [serial.sys]
    WARNING: Virus alike driver modification [stcp2v30.sys]
    WARNING: Virus alike driver modification [udfs.sys]
    WARNING: Virus alike driver modification [parvdm.sys]
    WARNING: Virus alike driver modification [pci.sys]
    WARNING: Virus alike driver modification [psched.sys]
    WARNING: Virus alike driver modification [vmci.sys]
    WARNING: Virus alike driver modification [bridge.sys]
    WARNING: Virus alike driver modification [sr.sys]
    WARNING: Virus alike driver modification [ipsec.sys]
    WARNING: Virus alike driver modification [MSKSSRV.sys]
    WARNING: Virus alike driver modification [mcd.sys]
    WARNING: Virus alike driver modification [WudfPf.sys]
    WARNING: Virus alike driver modification [sdbus.sys]
    WARNING: Virus alike driver modification [fs_rec.sys]
    WARNING: Virus alike driver modification [dmboot.sys]
    WARNING: Virus alike driver modification [parport.sys]
    WARNING: Virus alike driver modification [videoprt.sys]
    WARNING: Virus alike driver modification [WudfRd.sys]
    WARNING: Virus alike driver modification [wdmaud.sys]
    WARNING: Virus alike driver modification [nabtsfec.sys]
    WARNING: Virus alike driver modification [vmx86.sys]
    WARNING: Virus alike driver modification [rasacd.sys]
    WARNING: Virus alike driver modification [nwlnkipx.sys]
    WARNING: Virus alike driver modification [ndiswan.sys]
    WARNING: Virus alike driver modification [mqac.sys]
    WARNING: Virus alike driver modification [ksecdd.sys]
    WARNING: Virus alike driver modification [aeaudio.sys]
    WARNING: Virus alike driver modification [scsiport.sys]
    WARNING: Virus alike driver modification [atapi.sys]

  10. #10
    broni is offline Senior Member
    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
    • If an infected file is detected, the default action will be Cure; click on Continue.
    • If a suspicious file is detected, the default action will be Skip; click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
