GeekPolice
Help to solve problem with vaginaka

Hello. Please help me.
Avast constantly blocks a connection to vaginaka.net.
I used aswMBR.exe and received this:

aswMBR version 0.9.6.399 Copyright(c) 2011 AVAST Software
Run date: 2011-06-14 12:14:07
-----------------------------
12:14:07.328 OS Version: Windows 5.1.2600 Service Pack 3
12:14:07.328 Number of processors: 2 586 0xF0D
12:14:07.328 ComputerName: MICROSOF-4EBBB0 UserName: Admin
12:14:07.984 AVAST engine 6.0.1125 defs: 11061301
12:14:07.984 Initialize success
12:14:09.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-7
12:14:09.781 Disk 0 Vendor: SAMSUNG_SP2504C VT100-41 Size: 238474MB BusType: 3
12:14:09.781 Disk 0 MBR read error 0
12:14:09.781 Disk 0 MBR scan
12:14:09.781 Disk 0 unknown MBR code
12:14:09.781 MBR BIOS signature not found 0
12:14:09.781 Disk 0 scanning sectors +488376000
12:14:09.781 Disk 0 scanning C:\WINDOWS\system32\drivers
12:14:14.750 Service scanning
12:14:15.515 Disk 0 trace - called modules:
12:14:15.531 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjj.sys >>UNKNOWN [0x89bb3938]<<
12:14:15.531 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89b24ab8]
12:14:15.531 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000074[0x89bf3f18]
12:14:15.562 5 ACPI.sys[f7496620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-7[0x89b66940]
12:14:15.562 AVAST engine scan C:\WINDOWS\system32
12:15:04.625 Scanning: C:\WINDOWS\system32\igfxtray.exe
12:15:04.640 File: C:\WINDOWS\system32\igfxtray.exe **HIDDEN**
12:15:04.640 Scan finished successfully
12:15:21.437 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Рабочий стол\MBR.dat"
12:15:21.468 The log file has been saved successfully to "C:\Documents and Settings\Admin\Рабочий стол\aswMBR.txt"

What do I need to do now?
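The aswMBR log above carries the two lines a malware helper reads first: the disk I/O trace that ends in >>UNKNOWN<< code after spjj.sys, and the **HIDDEN** flag on igfxtray.exe. The triage script below is an added example, not part of this thread and not aswMBR's own code; it assumes only the line formats visible in the log above, and runs over a constructed excerpt copied in shape from that log.

```python
import re
from dataclasses import dataclass, field

# Constructed excerpt shaped like the aswMBR log posted above (not the full log).
SAMPLE_LOG = r"""
aswMBR version 0.9.6.399 Copyright(c) 2011 AVAST Software
12:14:09.781 Disk 0 MBR read error 0
12:14:09.781 Disk 0 MBR scan
12:14:09.781 Disk 0 unknown MBR code
12:14:09.781 MBR BIOS signature not found 0
12:14:15.515 Disk 0 trace - called modules:
12:14:15.531 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjj.sys >>UNKNOWN [0x89bb3938]<<
12:14:15.531 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89b24ab8]
12:15:04.640 File: C:\WINDOWS\system32\igfxtray.exe **HIDDEN**
12:15:04.640 Scan finished successfully
"""

# Every aswMBR event line starts with an HH:MM:SS.mmm timestamp (assumed from the log above).
TIMESTAMP = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+(.*)$")
# Marker printed when the disk I/O call chain reaches code aswMBR cannot map to a loaded module.
UNKNOWN = re.compile(r">>UNKNOWN \[(0x[0-9a-fA-F]+)\]<<")
# Marker for a file that exists on disk but is hidden from the normal Windows file API.
HIDDEN = re.compile(r"^File: (.+?) \*\*HIDDEN\*\*$")
# Boot-sector lines aswMBR prints when the MBR does not look like a stock bootloader.
MBR_SUSPECT = re.compile(r"^(?:Disk \d+ unknown MBR code|MBR BIOS signature not found)")


@dataclass
class AswMbrFindings:
    mbr_notes: list = field(default_factory=list)      # raw MBR lines worth a second look
    call_chain: list = field(default_factory=list)     # modules seen before the UNKNOWN marker
    unknown_addrs: list = field(default_factory=list)  # kernel addresses of unattributed code
    hidden_files: list = field(default_factory=list)   # paths flagged **HIDDEN**

    def is_suspicious(self) -> bool:
        # An unattributed hook in the disk path or a hidden file is what warrants follow-up.
        return bool(self.unknown_addrs or self.hidden_files)


def parse_aswmbr(text: str) -> AswMbrFindings:
    """Extract the rootkit-relevant indicators from an aswMBR log."""
    f = AswMbrFindings()
    for raw in text.splitlines():
        m = TIMESTAMP.match(raw.strip())
        if not m:
            continue  # banner, separator or blank line
        line = m.group(1)
        if MBR_SUSPECT.match(line):
            f.mbr_notes.append(line)
        u = UNKNOWN.search(line)
        if u:
            f.unknown_addrs.append(u.group(1))
            # Everything before the marker is the chain of modules the I/O passed through.
            f.call_chain = line[:u.start()].split()
        h = HIDDEN.match(line)
        if h:
            f.hidden_files.append(h.group(1))
    return f


def triage(text: str) -> list:
    """Turn the parsed findings into short notes a helper can act on."""
    f = parse_aswmbr(text)
    notes = []
    if f.unknown_addrs:
        last = f.call_chain[-1] if f.call_chain else "?"
        notes.append(
            f"disk I/O path ends in unattributed kernel code at "
            f"{', '.join(f.unknown_addrs)} after {last}: possible kernel-mode hook"
        )
    for path in f.hidden_files:
        notes.append(f"file hidden from the Windows API: {path}")
    for note in f.mbr_notes:
        notes.append(f"MBR: {note} (compare against the saved MBR.dat before judging)")
    return notes


if __name__ == "__main__":
    for note in triage(SAMPLE_LOG):
        print("-", note)
```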

Re: Help to solve problem with vaginaka

Hi there Obaldenok, and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start, some general remarks/rules:
  • Whilst I'm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I'm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, that doesn't mean it is clean yet!

====================

Time to use ComboFix by sUBs, a powerful tool that you are advised not to run without supervision of a trained malware helper. Please visit this webpage and read the tutorial on using ComboFix very carefully. After that download the tool and save it to your desktop.

Double-click ComboFix.exe to run the tool. Please post its log back here.

Re: Help to solve problem with vaginaka

Hello Gabethebabe,
I did what you said.
Here is the output:

ComboFix 11-06-13.04 - Admin 14.06.2011 14:55:50.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1251.7.1049.18.2037.1531 [GMT 4:00]
Running from: c:\documents and settings\Admin\¦рсюўшщ ёЄюы\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Admin\Главное меню\Программы\Автозагрузка\igfxtray.exe
c:\documents and settings\Admin\Application Data\Ykwoi
c:\documents and settings\Admin\Application Data\Ykwoi\wyapa.ela
c:\documents and settings\Admin\Application Data\Ykwoi\wyapa.tmp
c:\windows\system32\Config.cfg
c:\windows\system32\drivers\etc\_hosts
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\Thumbs.db
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-05-14 to 2011-06-14 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-10 12:10 . 2010-08-03 05:58 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2010-08-03 05:58 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2010-08-03 05:58 102232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-05-10 12:03 . 2010-08-03 05:58 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2010-08-03 05:58 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:03 . 2010-08-03 05:58 192984 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-05-10 12:02 . 2010-08-03 05:58 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 12:02 . 2010-08-03 05:58 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-05-10 12:02 . 2010-08-03 05:58 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-05-10 11:59 . 2010-08-03 05:58 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2010-08-03 05:58 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-05-10 11:59 . 2010-08-03 05:58 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-12-13 . EC936BB945F789C0B4DAE06397334430 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2008-12-19 14:09 . 64603B0E082019240B629000DDD114C1 . 1445888 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-12-19 . 4B7E0EBEF4BAD0E08DFB26885EDF5AA7 . 652800 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-15 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2008-04-15 . FF63BB56C05EA817124D4E18162FCE46 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
[-] 2008-12-19 . A46326FFE00FF90CB9A372B94E571438 . 631808 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-12-19 . 9CA2A8437D6C26D64FCD860A94006401 . 884224 . . [7.00.6000.20935] . . c:\windows\system32\wininet.dll
.
[-] 2008-12-19 . E448E5836FEA2DE06AE6EE1D05874B3C . 1926144 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-04-15 . 08A0D11FDB65563F695464EC539AB63F . 215552 . . [5.1.2600.5512] . . c:\windows\regedit.exe
.
[-] 2008-12-19 . 9C8FB3912BB3A20E7A9A079960EEC0A2 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-12-19 . 0DE18690E4223998E471048889F09B8B . 37376 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-12-19 . C5B4D14012A98BFC02CDFA81B8EAD2DB . 2165248 . . [5.1.2600.5657] . . c:\windows\system32\ntkrnlpa.exe
.
.
[-] 2008-12-19 . CFFB5804D6C42B37941F654DF656DDB6 . 2286592 . . [5.1.2600.5657] . . c:\windows\system32\ntoskrnl.exe
.
[-] 2008-12-19 . 6190A47A3C4B2F3D66DC270281C98A29 . 23552 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 19:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2008-03-23 132096]
"Sony Ericsson PC Companion"="c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2009-12-08 774144]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-12-19 37376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"FlashGuard"="c:\program files\Davis Software\FlashGuard\FlashGuard.exe" [2008-02-07 1355776]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-12-19 37376]
"VistaIcon"="c:\program files\VistaDriveIcon\VistaDrv.exe" [2008-03-23 132096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IE7_011"="shell32" [X]
"ZZZZ2_FirstLogonSetting"="advpack.dll" [2008-12-19 124928]
"IE7_012"="advpack.dll" [2008-12-19 124928]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"UpdatesOverride"=dword:00000001
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [03.08.2010 9:58 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [03.08.2010 9:58 192984]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [06.08.2009 21:17 717296]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [03.08.2010 9:58 102232]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [03.08.2010 9:58 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [03.08.2010 9:58 307928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [03.08.2010 9:58 19544]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [03.08.2010 9:58 121000]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [28.10.2009 21:40 222968]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.09.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.09.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.09.2009 8:11 12928]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [13.10.2010 22:13 27632]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [16.07.2010 1:08 100736]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [13.10.2010 21:25 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [13.10.2010 21:25 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [13.10.2010 21:25 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [13.10.2010 21:25 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [13.10.2010 21:25 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [13.10.2010 21:25 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [13.10.2010 21:25 123504]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WUAUSERV
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 08:34]
.
2011-06-14 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 19:44]
.
.
------- Supplementary Scan -------
.
uStart Page = www.omlet.ru
IE: &Экспорт в Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\6h4b6whj.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yandex.ru/?clid=40488
FF - prefs.js: keyword.URL - hxxp://yandex.ru/yandsearch?clid=46329&text=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-plugin - c:\program files\plugin.exe
MSConfigStartUp-{6895041B-4C0D-D97C-70A4-CC853B41BE85} - c:\documents and settings\Admin\Application Data\Gabya\afat.exe
AddRemove-Microsoft .NET Framework 2.0 Language Pack - RUS - c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - RUS\install.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-14 15:02
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
C:\## aswSnx private storage
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1088)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1156)
c:\windows\system32\setupapi.dll
.
- - - - - - - > 'explorer.exe'(1516)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\msi.dll
c:\windows\System32\cscui.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Completion time: 2011-06-14 15:06:33 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-14 11:06
.
Pre-Run: 7 221 284 864 байт свободно
Post-Run: 7 748 755 456 байт свободно
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional RU" /execute /fastdetect
.
- - End Of File - - 35A9799781DAD3E70F61A2051C6CF82F

Re: Help to solve problem with vaginaka

Obaldenok wrote:
c:\documents and settings\Admin\Главное меню\Программы\Автозагрузка\igfxtray.exe

This folder, what is it in English?

====================

  • Download TDSSKiller by Kaspersky from here and save it to your desktop
  • Double-click TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
  • The report can also be found in the root of your Windows drive (most likely C:\).


====================

After that, please repeat the aswMBR scan and post the log.

Kaspersky and so on

Hello Gabethebabe,

Thanks a lot for your help.

1. c:\documents and settings\Admin\Главное меню\Программы\Автозагрузка\igfxtray.exe
It is ...\Admin\Main menu\Programmes\Autorun\igfxtray.exe

2. Results of Kaspersky:
2011/06/14 23:37:54.0218 1712 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/14 23:37:55.0062 1712 ================================================================================
2011/06/14 23:37:55.0062 1712 SystemInfo:
2011/06/14 23:37:55.0062 1712
2011/06/14 23:37:55.0062 1712 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/14 23:37:55.0062 1712 Product type: Workstation
2011/06/14 23:37:55.0062 1712 ComputerName: MICROSOF-4EBBB0
2011/06/14 23:37:55.0062 1712 UserName: Admin
2011/06/14 23:37:55.0062 1712 Windows directory: C:\WINDOWS
2011/06/14 23:37:55.0062 1712 System windows directory: C:\WINDOWS
2011/06/14 23:37:55.0062 1712 Processor architecture: Intel x86
2011/06/14 23:37:55.0062 1712 Number of processors: 2
2011/06/14 23:37:55.0062 1712 Page size: 0x1000
2011/06/14 23:37:55.0062 1712 Boot type: Normal boot
2011/06/14 23:37:55.0062 1712 ================================================================================
2011/06/14 23:37:56.0046 1712 Initialize success
2011/06/14 23:38:04.0171 1528 ================================================================================
2011/06/14 23:38:04.0171 1528 Scan started
2011/06/14 23:38:04.0171 1528 Mode: Manual;
2011/06/14 23:38:04.0171 1528 ================================================================================
2011/06/14 23:38:04.0390 1528 Aavmker4 (3f6884eff406238d39aaa892218f1df7) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/06/14 23:38:04.0468 1528 ACPI (e28afa761d7ecaa705a00b4a86f68da9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/14 23:38:04.0500 1528 ACPIEC (cea8d1da7696acbfc69a3823bcf1c738) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/06/14 23:38:04.0546 1528 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/06/14 23:38:04.0593 1528 AFD (38d7b715504da4741df35e3594fe2099) C:\WINDOWS\System32\drivers\afd.sys
2011/06/14 23:38:04.0703 1528 aswFsBlk (7f08d9c504b015d81a8abd75c80028c5) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/06/14 23:38:04.0718 1528 aswFW (7c561e8e168bcf8d834b7d4a6a40dcbf) C:\WINDOWS\system32\drivers\aswFW.sys
2011/06/14 23:38:04.0734 1528 aswMon2 (c2181ef6b54752273a0759a968c59279) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/06/14 23:38:04.0734 1528 aswNdis (7b948e3657bea62e437bc46ca6ef6012) C:\WINDOWS\system32\DRIVERS\aswNdis.sys
2011/06/14 23:38:04.0750 1528 aswNdis2 (5cb9cc0220a9522b449b56e2260d9020) C:\WINDOWS\system32\drivers\aswNdis2.sys
2011/06/14 23:38:04.0765 1528 aswRdr (ac48bdd4cd5d44af33087c06d6e9511c) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/06/14 23:38:04.0796 1528 aswSnx (b64134316fcd1f20e0f10ef3e65bd522) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/06/14 23:38:04.0812 1528 aswSP (d6788e3211afa9951ed7a4d617f68a4f) C:\WINDOWS\system32\drivers\aswSP.sys
2011/06/14 23:38:04.0828 1528 aswTdi (4d100c45517809439c7b6dd98997fa00) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/06/14 23:38:04.0859 1528 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/14 23:38:04.0875 1528 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/14 23:38:04.0890 1528 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/14 23:38:04.0921 1528 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/14 23:38:04.0968 1528 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/14 23:38:05.0031 1528 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/14 23:38:05.0046 1528 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/06/14 23:38:05.0062 1528 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/14 23:38:05.0093 1528 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/14 23:38:05.0171 1528 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/14 23:38:05.0218 1528 dmboot (d71be7c02b8b147e85456238d0660478) C:\WINDOWS\system32\drivers\dmboot.sys
2011/06/14 23:38:05.0234 1528 dmio (5f25de6f05c986dcc36adaf532c3ce0d) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/14 23:38:05.0250 1528 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/14 23:38:05.0281 1528 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/14 23:38:05.0312 1528 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/14 23:38:05.0343 1528 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/14 23:38:05.0359 1528 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/06/14 23:38:05.0375 1528 Fips (1541a3a7a460decd6a2221065794a0de) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/14 23:38:05.0390 1528 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/06/14 23:38:05.0421 1528 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/06/14 23:38:05.0453 1528 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/14 23:38:05.0468 1528 Ftdisk (fdd9e4cf0c558f64a58115cb2fc197ac) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/14 23:38:05.0500 1528 gdrv (b6bfec7542730e9a376bf2408423d493) C:\WINDOWS\gdrv.sys
2011/06/14 23:38:05.0531 1528 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/14 23:38:05.0562 1528 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/06/14 23:38:05.0593 1528 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/14 23:38:05.0640 1528 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/14 23:38:05.0687 1528 hwdatacard (20330198554b7ddb44403af21d6ae179) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
2011/06/14 23:38:05.0718 1528 hwusbdev (922065957563d851b5a68b95aadac6ad) C:\WINDOWS\system32\DRIVERS\ewusbdev.sys
2011/06/14 23:38:05.0750 1528 i8042prt (f9850bdd47dffd2797e984fe60c8b3b6) C:\WINDOWS\system32\drivers\i8042prt.sys
2011/06/14 23:38:05.0906 1528 ialm (bffa387180121df1e4646c4ced3e16ca) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/06/14 23:38:06.0062 1528 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/14 23:38:06.0203 1528 IntcAzAudAddService (927cf2be4e57ff55e23759ac0ca57aa3) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/06/14 23:38:06.0265 1528 intelppm (5151dff0faa3cccc38a9de9b4001d09b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/06/14 23:38:06.0296 1528 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/06/14 23:38:06.0328 1528 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/14 23:38:06.0328 1528 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/14 23:38:06.0359 1528 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/14 23:38:06.0406 1528 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/14 23:38:06.0437 1528 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/14 23:38:06.0484 1528 isapnp (1c93959977cad7168b4c816e8b29fe9b) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/14 23:38:06.0531 1528 Kbdclass (2b0018de01bfb628d0a49a301f34b46f) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/14 23:38:06.0578 1528 kbdhid (5be693a08508c6fd29b24ecb71dcc727) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/14 23:38:06.0593 1528 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/14 23:38:06.0625 1528 KSecDD (c6ebf1d6ad71df30db49b8d3287e1368) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/14 23:38:06.0687 1528 LgBttPort (4dd47b5af0b24871ebb9efc012a7474e) C:\WINDOWS\system32\DRIVERS\lgbtport.sys
2011/06/14 23:38:06.0703 1528 lgbusenum (1d038ca6c529203087a990e5e97887b4) C:\WINDOWS\system32\DRIVERS\lgbtbus.sys
2011/06/14 23:38:06.0703 1528 LGVMODEM (26f1976a330195d62a6224c76968cf0d) C:\WINDOWS\system32\DRIVERS\lgvmodem.sys
2011/06/14 23:38:06.0750 1528 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/14 23:38:06.0765 1528 Modem (5bced2c68331a18534ab8dbae71d93fc) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/14 23:38:06.0781 1528 Mouclass (cbb891fda0c5ec9f557abba86ca5cb76) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/14 23:38:06.0796 1528 mouhid (dcf669a6b5682768d3fcf2906453ea97) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/14 23:38:06.0812 1528 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/14 23:38:06.0843 1528 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/14 23:38:06.0890 1528 MRxSmb (fb7dfd15d760ad339837a470f0e780d3) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/14 23:38:06.0906 1528 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/14 23:38:06.0937 1528 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/14 23:38:06.0953 1528 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/14 23:38:06.0968 1528 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/14 23:38:06.0984 1528 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/14 23:38:07.0000 1528 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/14 23:38:07.0031 1528 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/14 23:38:07.0046 1528 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/14 23:38:07.0062 1528 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/14 23:38:07.0078 1528 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/14 23:38:07.0093 1528 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/14 23:38:07.0109 1528 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/14 23:38:07.0125 1528 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/14 23:38:07.0156 1528 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/14 23:38:07.0187 1528 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/14 23:38:07.0234 1528 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/14 23:38:07.0265 1528 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/14 23:38:07.0281 1528 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/14 23:38:07.0312 1528 Parport (fa3a44ade1d355be8e29d3b6bf0ba702) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/14 23:38:07.0328 1528 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/14 23:38:07.0343 1528 ParVdm (f6167f46184c50a9bc2feb87067d1b97) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/14 23:38:07.0375 1528 PCI (f9b93d158c4d9f54fbdf1a9c807a1a5a) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/14 23:38:07.0390 1528 PCIIde (0d5ea82e0b16fa4c162635fa78e2ddc3) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/06/14 23:38:07.0421 1528 Pcmcia (b266a636c370476f25d307b30894d990) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/14 23:38:07.0515 1528 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/14 23:38:07.0531 1528 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/14 23:38:07.0546 1528 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/14 23:38:07.0609 1528 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/14 23:38:07.0625 1528 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/14 23:38:07.0640 1528 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/14 23:38:07.0640 1528 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/14 23:38:07.0671 1528 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/14 23:38:07.0671 1528 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/14 23:38:07.0703 1528 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/14 23:38:07.0734 1528 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/14 23:38:07.0750 1528 redbook (868c8de05325f3b250f806666de18f0d) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/14 23:38:07.0796 1528 rspndr (743d7d59767073a617b1dcc6c546f234) C:\WINDOWS\system32\DRIVERS\rspndr.sys
2011/06/14 23:38:07.0812 1528 RTLE8023xp (839141088ad7ee90f5b441b2d1afd22c) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
2011/06/14 23:38:07.0843 1528 s1039bus (20eb79fd0a13a18b70b6731a1285ca94) C:\WINDOWS\system32\DRIVERS\s1039bus.sys
2011/06/14 23:38:07.0875 1528 s1039mdfl (58780c6c3ad51da84b57d6ae42dc49ca) C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys
2011/06/14 23:38:07.0906 1528 s1039mdm (1ff8b42d1346133a945b52876376ed40) C:\WINDOWS\system32\DRIVERS\s1039mdm.sys
2011/06/14 23:38:07.0937 1528 s1039mgmt (f64c13c549cb4732fe99c771fa35d038) C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys
2011/06/14 23:38:07.0968 1528 s1039nd5 (ec22d9baa464a892c0637982b67292e6) C:\WINDOWS\system32\DRIVERS\s1039nd5.sys
2011/06/14 23:38:08.0000 1528 s1039obex (69e9ce002e7249e61ff2ea1336c71d89) C:\WINDOWS\system32\DRIVERS\s1039obex.sys
2011/06/14 23:38:08.0015 1528 s1039unic (482dfb3721a0de11cc22b439d17c348c) C:\WINDOWS\system32\DRIVERS\s1039unic.sys
2011/06/14 23:38:08.0062 1528 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/14 23:38:08.0125 1528 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
2011/06/14 23:38:08.0171 1528 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/14 23:38:08.0187 1528 Serial (27645ae9dcc60be467f3c92ddabed1b0) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/14 23:38:08.0203 1528 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/14 23:38:08.0265 1528 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/14 23:38:08.0328 1528 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/14 23:38:08.0328 1528 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/06/14 23:38:08.0328 1528 sptd - detected LockedFile.Multi.Generic (1)
2011/06/14 23:38:08.0343 1528 sr (4a7b3b22c87f0897a68821734afe9528) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/14 23:38:08.0375 1528 Srv (9b390283569ea58d43d2586032b892f5) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/14 23:38:08.0390 1528 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/14 23:38:08.0406 1528 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/14 23:38:08.0500 1528 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/14 23:38:08.0546 1528 Tcpip (ad978a1b783b5719720cff204b666c8e) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/14 23:38:08.0578 1528 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/14 23:38:08.0593 1528 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/14 23:38:08.0625 1528 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/14 23:38:08.0687 1528 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/14 23:38:08.0750 1528 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/14 23:38:08.0781 1528 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/14 23:38:08.0828 1528 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/14 23:38:08.0843 1528 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/14 23:38:08.0875 1528 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/06/14 23:38:08.0890 1528 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/06/14 23:38:08.0921 1528 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/14 23:38:08.0968 1528 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/06/14 23:38:09.0000 1528 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/06/14 23:38:09.0031 1528 VolSnap (a79d899dfd0467c4df29af19902ecd18) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/14 23:38:09.0046 1528 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/14 23:38:09.0078 1528 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/14 23:38:09.0140 1528 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/06/14 23:38:09.0156 1528 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/14 23:38:09.0171 1528 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/14 23:38:09.0203 1528 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/06/14 23:38:09.0312 1528 ================================================================================
2011/06/14 23:38:09.0312 1528 Scan finished
2011/06/14 23:38:09.0312 1528 ================================================================================
2011/06/14 23:38:09.0312 2280 Detected object count: 1
2011/06/14 23:38:09.0312 2280 Actual detected object count: 1
2011/06/14 23:38:44.0390 2280 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
2011/06/14 23:38:44.0390 2280 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
2011/06/14 23:38:44.0406 2280 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
2011/06/14 23:38:44.0406 2280 LockedFile.Multi.Generic(sptd) - User select action: Quarantine


3. results of aswMBR
aswMBR version 0.9.6.399 Copyright(c) 2011 AVAST Software
Run date: 2011-06-14 23:40:43
-----------------------------
23:40:43.906 OS Version: Windows 5.1.2600 Service Pack 3
23:40:43.906 Number of processors: 2 586 0xF0D
23:40:43.906 ComputerName: MICROSOF-4EBBB0 UserName: Admin
23:40:44.515 AVAST engine 6.0.1125 defs: 11061401
23:40:44.515 Initialize success
23:40:59.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-7
23:40:59.468 Disk 0 Vendor: SAMSUNG_SP2504C VT100-41 Size: 238474MB BusType: 3
23:40:59.468 Disk 0 MBR read error 0
23:40:59.468 Disk 0 MBR scan
23:40:59.468 Disk 0 unknown MBR code
23:40:59.468 MBR BIOS signature not found 0
23:40:59.468 Disk 0 scanning sectors +488376000
23:40:59.468 Disk 0 scanning C:\WINDOWS\system32\drivers
23:41:03.593 Service scanning
23:41:04.375 Disk 0 trace - called modules:
23:41:04.375 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjn.sys >>UNKNOWN [0x89bb3938]<<
23:41:04.375 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89c12718]
23:41:04.375 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000074[0x89af0f18]
23:41:04.375 5 ACPI.sys[f7496620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-7[0x89bf2940]
23:41:04.375 AVAST engine scan C:\WINDOWS\system32
23:41:54.093 Scan finished successfully
23:42:06.125 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Admin\Рабочий стол\MBR.dat"
23:42:06.140 The log file has been saved successfully to "C:\Documents and Settings\Admin\Рабочий стол\aswMBR.txt"

Do I need to do anything else?

Re: Help to solve problem with vaginaka
Yes, you still have an infection.

Do you have a Windows XP setup disk? If you do, please proceed with the following:

  • Put the Windows XP setup disk in the disk drive, restart the computer and boot from the disk.
  • In the Welcome to Setup screen, hit R to start the Recovery Console
  • Select the installation that you want to repair (typically there will be only one)
  • You will have to enter the Administrator password when prompted (hit Enter if the admin account does not have a password)
  • At the command prompt type FixMbr and hit Enter.
  • Type exit and hit Enter to reboot your computer normally (remove the Windows XP setup disk).

NOTE: if you don't know how to make your computer boot from a disk, check out this page.

====================

If you do not have this disk, try the following:
We are going to use the Recovery Console.
  • Please reboot your computer
  • During startup, a boot menu will appear for about 2 seconds
  • Choose the option Microsoft Windows Recovery Console by hitting the down arrow key
  • You will have to enter the Administrator password when prompted.
  • At the command prompt type FixMbr and hit Enter.
  • Type exit and hit Enter to reboot your computer normally

====================

After either of these actions, proceed with an aswMBR scan and post the log, please.
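An added worked example (mine, not code from this thread, from aswMBR or from TDSSKiller) that goes with the two logs above and with the FixMbr procedure: it parses a 512-byte MBR image such as the MBR.dat aswMBR writes to the desktop, reports the same symptoms the aswMBR lines name ("unknown MBR code", "MBR BIOS signature not found"), and shows on the dump what a FixMbr-style repair touches and what it leaves alone. Two things are assumptions not confirmed by the page: that TDSSKiller's "MBR (0x1B8)" line is the MD5 of the first 0x1B8 bytes (the boot code ahead of the NT disk signature), and that FixMbr replaces that boot-code region while keeping the partition table. The "clean" boot code, disk signature and partition layout inside the script are constructed stand-ins; a real allow-list hash has to come from a known-clean MBR of the same Windows version.

```python
"""Offline checks on a 512-byte MBR image such as the MBR.dat aswMBR saves.

Added example, not part of the thread or of aswMBR/TDSSKiller. Assumptions
(not confirmed by the page): TDSSKiller's "MBR (0x1B8)" line hashes the first
0x1B8 bytes (the boot code before the NT disk signature), and FixMbr replaces
only that boot-code region while leaving the partition table alone.
"""
import hashlib
import struct
import sys

SECTOR = 512
BOOTCODE_LEN = 0x1B8      # 440 bytes of boot code (assumed hash region)
DISK_SIG_OFF = 0x1B8      # 4-byte NT disk signature + 2 reserved bytes
PART_TABLE_OFF = 0x1BE    # four 16-byte partition entries
BOOT_SIG = b"\x55\xAA"    # must sit at offset 510 (the "BIOS signature" aswMBR looks for)
PART_FMT = "<B3xB3xII"    # status, CHS start, type, CHS end, LBA start, sector count

# Stand-in "clean" boot code for the demo: a hypothetical stub, NOT real Windows MBR code.
STANDIN_CLEAN_BOOTCODE = b"\x33\xC0\x8E\xD0\xBC\x00\x7C\xFB" + b"CLEAN-STUB"
KNOWN_GOOD = {hashlib.md5(STANDIN_CLEAN_BOOTCODE.ljust(BOOTCODE_LEN, b"\x00")).hexdigest()}


def parse_mbr(mbr: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, disk signature, 0x55AA check and partitions."""
    if len(mbr) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(mbr)}")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype, lba_start, sectors = struct.unpack_from(PART_FMT, mbr, off)
        if ptype != 0:  # type 0 = empty slot
            partitions.append({"index": i, "active": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": sectors})
    return {
        "bootcode_md5": hashlib.md5(mbr[:BOOTCODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", mbr, DISK_SIG_OFF)[0],
        "has_boot_signature": mbr[510:512] == BOOT_SIG,
        "partitions": partitions,
    }


def check_mbr(mbr: bytes, known_good_md5: set) -> list:
    """Return a list of findings; an empty list means nothing looked wrong."""
    info = parse_mbr(mbr)
    findings = []
    if not info["has_boot_signature"]:
        findings.append("no 0x55AA boot signature at offset 510")
    if info["bootcode_md5"] not in known_good_md5:
        findings.append(f"boot code md5 {info['bootcode_md5']} is not on the allow-list")
    active = [p for p in info["partitions"] if p["active"]]
    if len(active) != 1:
        findings.append(f"{len(active)} active partitions (expected exactly 1)")
    return findings


def rewrite_bootcode(mbr: bytes, clean_bootcode: bytes) -> bytes:
    """Model of a FixMbr-style repair applied to the image: new boot code plus the
    0x55AA marker, with disk signature and partition table left untouched.
    Operates on the dump only, never on the live disk."""
    if len(clean_bootcode) > BOOTCODE_LEN:
        raise ValueError("boot code does not fit in 0x1B8 bytes")
    fixed = bytearray(mbr)
    fixed[:BOOTCODE_LEN] = clean_bootcode.ljust(BOOTCODE_LEN, b"\x00")
    fixed[510:512] = BOOT_SIG
    return bytes(fixed)


def build_sample_mbr(bootcode: bytes, with_boot_signature: bool = True) -> bytes:
    """Constructed sample: one active NTFS partition starting at LBA 63."""
    mbr = bytearray(SECTOR)
    mbr[:len(bootcode)] = bootcode
    struct.pack_into("<I", mbr, DISK_SIG_OFF, 0xDEADBEEF)      # made-up disk signature
    struct.pack_into(PART_FMT, mbr, PART_TABLE_OFF, 0x80, 0x07, 63, 488_375_937)
    if with_boot_signature:
        mbr[510:512] = BOOT_SIG
    return bytes(mbr)


# Constructed inputs: a clean image, and one whose boot code was overwritten
# and whose 0x55AA marker is missing (the conditions the aswMBR lines report).
SAMPLE_CLEAN = build_sample_mbr(STANDIN_CLEAN_BOOTCODE)
SAMPLE_TAMPERED = build_sample_mbr(b"\xEB\xFE" + b"BOOTKIT-STUB", with_boot_signature=False)

if __name__ == "__main__":
    # Usage: python mbrcheck.py MBR.dat   (falls back to the constructed sample)
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_TAMPERED
    for line in check_mbr(data, KNOWN_GOOD) or ["no findings"]:
        print(line)
```

Two caveats for using this on a real dump. First, a hash mismatch only means "not on your allow-list": build the list from a clean install of the same Windows version rather than from any hash you find online. Second, the ">>UNKNOWN<<" module in the aswMBR disk trace sits in the path every sector read takes, so a driver in that position can hand back a filtered copy of sector 0; an MBR.dat that looks clean on the infected machine is weaker evidence than one taken with the disk attached to a known-good system or read from a boot CD.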
