Jump to content

RaandJ04

Members
  • Posts

    6
  • Joined

  • Last visited

Everything posted by RaandJ04

  1. When I try that it says that it refers to a location which is currently unavailable.
  2. Ok so I was able to fix the proxy settings with your help and run the ESET scan and I will post the results below. I did not run the OTL fix as suggested because I am not able to find Bitcomet Helper to uninstall the program. Also after the ESET scan completed I went to the log found under program files and there was nothing there but this ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK There were no other txt documents. Any suggestions in regard to this would be helpful thank you again!
  3. Here are the results from Microsoft's Malicious Software Removal Tool: --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.10, August 2010 Started On Tue Aug 24 13:38:55 2010 WARNING: Security policy doesn't allow for all actions MSRT may require.->Scan ERROR: resource process://pid:2044 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:1324 (code 0x00000057 (87)) -> Sysclean ERROR: Internal error, code = 80508015 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Tue Aug 24 13:39:59 2010 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.11, September 2010 Started On Wed Sep 15 03:01:45 2010 WARNING: Security policy doesn't allow for all actions MSRT may require.->Scan ERROR: resource process://pid:6004 (code 0x00000005 (5)) Engine internal result code = 80508015 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 15 03:03:03 2010 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.12, October 2010 Started On Wed Oct 13 03:01:03 2010 WARNING: Security policy doesn't allow for all actions MSRT may require.->Scan ERROR: resource process://pid:4944 (code 0x00000005 (5)) Engine internal result code = 80508015 Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 13 03:02:16 2010 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.13, November 2010 Started On Mon Nov 15 13:35:26 2010 Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 15 13:35:48 2010 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v3.13, November 2010 Started On Mon Nov 15 13:36:51 2010 Extended Scan Results ---------------- ->Scan ERROR: resource process://pid:4832 (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000020 (32)) ->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000020 (32)) ->Scan ERROR: resource file://C:\System Volume Information\{0b9f4188-ed02-11df-8e2c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{0b9f418c-ed02-11df-8e2c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{0b9f431b-ed02-11df-8e2c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{0b9f4425-ed02-11df-8e2c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{4339f4f2-ee8c-11df-8434-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{7ead7ce7-eaa8-11df-892f-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{7ead7ceb-eaa8-11df-892f-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{83b23b07-ecf3-11df-8bde-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{83b23b0b-ecf3-11df-8bde-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{83b23b17-ecf3-11df-8bde-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{989ce0af-ec68-11df-a1ff-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{989ce1ee-ec68-11df-a1ff-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{9d08c12b-de1b-11df-948e-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{9d08c38a-de1b-11df-948e-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{9d08c459-de1b-11df-948e-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{b9a814a7-ecee-11df-9f9a-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{b9a814ab-ecee-11df-9f9a-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{b9a814b7-ecee-11df-9f9a-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{b9d51b08-ee7a-11df-96be-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{bb44b717-cc62-11df-844c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{bb44b7ce-cc62-11df-844c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{bb44b837-cc62-11df-844c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{bb44b875-cc62-11df-844c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{bb44b987-cc62-11df-844c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{bb44baee-cc62-11df-844c-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{c65b3092-d69a-11df-a375-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{c65b3236-d69a-11df-a375-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{cbcdb287-eea8-11df-9ea0-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{e4e11fad-e19a-11df-a664-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{e4e1207f-e19a-11df-a664-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{e823f0b9-ecea-11df-a5d7-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{e823f0c0-ecea-11df-a5d7-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{f0abfa91-edf1-11df-89c9-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{f0abfa9d-edf1-11df-89c9-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{f0abfaa1-edf1-11df-89c9-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{f0abfc05-edf1-11df-89c9-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{f6dd6647-e446-11df-9359-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{f6dd67b0-e446-11df-9359-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\System Volume Information\{f6dd6886-e446-11df-9359-001bb95d64da}{3808876b-c176-4e48-b7ae-04046e6cc752} (code 0x00000005 (5)) No infection found as part of the extended scan Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Mon Nov 15 17:18:23 2010 Return code: 0 (0x0)
  4. Thanks for the quick responses! I was unable to run the ESET scan it tells me that my proxy settings are not configured? These are the results of the other scans that you requested I will do this in two posts. Thanks again! OTL OTL logfile created on: 11/15/2010 1:26:35 PM - Run 3 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Rachel\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free 8.00 Gb Paging File | 7.00 Gb Available in Paging File | 84.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455.94 Gb Total Space | 160.80 Gb Free Space | 35.27% Space Free | Partition Type: NTFS Drive D: | 9.82 Gb Total Space | 9.19 Gb Free Space | 93.56% Space Free | Partition Type: NTFS Drive L: | 931.51 Gb Total Space | 260.67 Gb Free Space | 27.98% Space Free | Partition Type: NTFS Computer Name: RACHEL-PC | User Name: Rachel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Rachel\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) PRC - C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe () PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe () PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Rachel\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) SRV - (sdCoreService) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe (PC Tools) SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (sdAuxService) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe (PC Tools) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys File not found DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools) DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys (PC Tools) DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys (PC Tools) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (LVUVC64) Logitech QuickCam S5500(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.) DRV:64bit: - (SrvHsfPCI) -- C:\Windows\SysNative\drivers\VSTBS26.SYS (Conexant Systems, Inc.) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (xcbdaNtscV) ViXS Tuner Card (NTSC) -- C:\Windows\SysNative\drivers\xcbdaVx64.sys (ViXS Systems Inc.) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.) DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 A2 7F F7 BE 52 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.google.com" FF - prefs.js..extensions.enabledItems: {8CD0D324-2880-455F-8583-523DA80014C4}:1.9.1 FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:2.0.6 FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16046&locale=en_US&q=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 50370 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2010/09/04 21:13:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/27 19:38:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/27 19:38:00 | 000,000,000 | ---D | M] [2010/03/17 11:49:48 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Mozilla\Extensions [2010/03/17 11:49:48 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2010/10/27 18:36:52 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\q9wiu194.default\extensions [2010/03/17 12:17:58 | 000,002,425 | ---- | M] () -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\q9wiu194.default\searchplugins\askcom.xml [2010/09/12 16:14:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Users\Rachel\Desktop\BitComet\tools\BitCometBHO_1.3.7.16.dll File not found O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe () O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe File not found O4 - Startup: C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Users\Rachel\Desktop\BitComet.exe (www.BitComet.com) O8:64bit: - Extra context menu item: &D&ownload all video with BitComet - C:\Users\Rachel\Desktop\BitComet.exe (www.BitComet.com) O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Users\Rachel\Desktop\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload &with BitComet - C:\Users\Rachel\Desktop\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Users\Rachel\Desktop\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - C:\Users\Rachel\Desktop\BitComet.exe (www.BitComet.com) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Users\Rachel\Desktop\BitComet\tools\BitCometBHO_1.3.7.16.dll File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2007/07/03 15:55:19 | 000,000,024 | ---- | M] () - C:\autoexec.txt -- [ NTFS ] O32 - AutoRun File - [2008/08/18 14:27:08 | 000,000,809 | ---- | M] () - L:\Autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009/09/20 18:19:31 | 000,000,067 | ---- | M] () - L:\Autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/11/14 16:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2010/11/14 16:26:32 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Rachel\Desktop\OTL.exe [2010/11/12 12:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2010/11/10 12:53:06 | 000,000,000 | ---D | C] -- C:\Windows\pss [2010/11/01 15:20:15 | 000,000,000 | ---D | C] -- C:\gPotato [2010/11/01 15:17:13 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Local\PMB Files [2010/11/01 15:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2010/11/01 15:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2010/10/26 12:22:01 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2010/10/26 12:22:01 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2010/10/26 12:22:01 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2010/10/26 12:22:01 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2010/10/26 12:22:01 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2010/10/26 12:22:01 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2010/10/26 12:22:01 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2010/10/26 12:21:56 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2010/10/23 13:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2010/10/17 15:44:49 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\CometPlayer [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/11/15 13:26:58 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/11/15 13:26:58 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/11/15 13:19:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/11/15 13:19:35 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2010/11/15 13:18:08 | 000,000,020 | ---- | M] () -- C:\Users\Rachel\defogger_reenable [2010/11/15 09:31:35 | 000,003,584 | ---- | M] () -- C:\Users\Rachel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/14 19:35:52 | 000,000,104 | ---- | M] () -- C:\Users\Rachel\Desktop\Control Panel - Shortcut.lnk [2010/11/14 16:26:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Rachel\Desktop\OTL.exe [2010/11/14 14:09:45 | 000,022,390 | ---- | M] () -- C:\Users\Rachel\Documents\hersh5.jpg [2010/11/14 14:07:16 | 000,029,840 | ---- | M] () -- C:\Users\Rachel\Documents\hersh1.jpg [2010/11/12 15:39:59 | 000,011,916 | ---- | M] () -- C:\Users\Rachel\Documents\What principles from the classical school continue to characterize modern thought on crime.docx [2010/11/12 12:55:24 | 000,002,093 | ---- | M] () -- C:\Users\Rachel\Desktop\HijackThis.lnk [2010/11/10 12:26:12 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010/11/10 12:26:12 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010/11/10 12:26:11 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010/11/09 19:31:36 | 000,003,736 | ---- | M] () -- C:\Users\Rachel\Desktop\BitComet.xml [2010/11/09 19:31:26 | 000,006,571 | ---- | M] () -- C:\Users\Rachel\Desktop\Downloads.xml [2010/11/09 16:10:48 | 000,006,571 | ---- | M] () -- C:\Users\Rachel\Desktop\Downloads.xml.bak [2010/11/08 11:08:22 | 000,060,416 | ---- | M] () -- C:\Users\Rachel\Documents\LearningTeamCharterCriminology.doc [2010/11/07 15:52:40 | 000,001,029 | ---- | M] () -- C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2010/11/03 10:44:32 | 000,010,892 | ---- | M] () -- C:\Users\Rachel\Documents\coverletter.docx [2010/11/02 20:37:34 | 000,001,628 | ---- | M] () -- C:\Users\Rachel\Desktop\AikaOnline.lnk [2010/11/01 15:20:06 | 470,233,249 | ---- | M] () -- C:\Users\Rachel\Desktop\Aika_AshesOfBetrayal.exe [2010/10/27 19:36:10 | 000,010,245 | ---- | M] () -- C:\Users\Rachel\Documents\CJAsta.docx [2010/10/26 12:21:50 | 001,197,970 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB [2010/10/17 15:44:51 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Comet Player.lnk [2010/10/17 15:44:51 | 000,000,991 | ---- | M] () -- C:\Users\Public\Desktop\MpcStar.lnk [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/11/15 13:18:08 | 000,000,020 | ---- | C] () -- C:\Users\Rachel\defogger_reenable [2010/11/15 09:31:34 | 000,003,584 | ---- | C] () -- C:\Users\Rachel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/14 19:35:52 | 000,000,104 | ---- | C] () -- C:\Users\Rachel\Desktop\Control Panel - Shortcut.lnk [2010/11/14 14:16:46 | 000,022,390 | ---- | C] () -- C:\Users\Rachel\Documents\hersh5.jpg [2010/11/14 14:16:30 | 000,029,840 | ---- | C] () -- C:\Users\Rachel\Documents\hersh1.jpg [2010/11/12 12:55:24 | 000,002,093 | ---- | C] () -- C:\Users\Rachel\Desktop\HijackThis.lnk [2010/11/11 19:14:04 | 000,011,916 | ---- | C] () -- C:\Users\Rachel\Documents\What principles from the classical school continue to characterize modern thought on crime.docx [2010/11/08 11:08:22 | 000,060,416 | ---- | C] () -- C:\Users\Rachel\Documents\LearningTeamCharterCriminology.doc [2010/11/01 15:23:13 | 000,001,628 | ---- | C] () -- C:\Users\Rachel\Desktop\AikaOnline.lnk [2010/11/01 15:17:22 | 470,233,249 | ---- | C] () -- C:\Users\Rachel\Desktop\Aika_AshesOfBetrayal.exe [2010/10/27 19:36:09 | 000,010,245 | ---- | C] () -- C:\Users\Rachel\Documents\CJAsta.docx [2010/10/22 15:34:40 | 000,001,029 | ---- | C] () -- C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2010/10/17 15:44:51 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Comet Player.lnk [2010/09/04 21:13:39 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll [2010/04/19 18:36:58 | 000,000,007 | ---- | C] () -- C:\Windows\treeskp.sys [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 160 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:430C6D84 < End of report > TDSSKiller 2010/11/15 13:29:41.0478 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22 2010/11/15 13:29:41.0478 ================================================================================ 2010/11/15 13:29:41.0478 SystemInfo: 2010/11/15 13:29:41.0478 2010/11/15 13:29:41.0478 OS Version: 6.1.7600 ServicePack: 0.0 2010/11/15 13:29:41.0478 Product type: Workstation 2010/11/15 13:29:41.0478 ComputerName: RACHEL-PC 2010/11/15 13:29:41.0478 UserName: Rachel 2010/11/15 13:29:41.0478 Windows directory: C:\Windows 2010/11/15 13:29:41.0478 System windows directory: C:\Windows 2010/11/15 13:29:41.0478 Running under WOW64 2010/11/15 13:29:41.0478 Processor architecture: Intel x64 2010/11/15 13:29:41.0478 Number of processors: 2 2010/11/15 13:29:41.0478 Page size: 0x1000 2010/11/15 13:29:41.0478 Boot type: Normal boot 2010/11/15 13:29:41.0478 ================================================================================ 2010/11/15 13:29:41.0478 Utility is running under WOW64 2010/11/15 13:29:41.0853 Initialize success 2010/11/15 13:29:44.0130 ================================================================================ 2010/11/15 13:29:44.0130 Scan started 2010/11/15 13:29:44.0130 Mode: Manual; 2010/11/15 13:29:44.0130 ================================================================================ 2010/11/15 13:29:45.0129 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 2010/11/15 13:29:45.0176 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 2010/11/15 13:29:45.0207 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 2010/11/15 13:29:45.0254 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2010/11/15 13:29:45.0285 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2010/11/15 13:29:45.0316 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2010/11/15 13:29:45.0363 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys 2010/11/15 13:29:45.0394 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 2010/11/15 13:29:45.0441 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 2010/11/15 13:29:45.0488 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 2010/11/15 13:29:45.0534 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2010/11/15 13:29:45.0550 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2010/11/15 13:29:45.0581 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys 2010/11/15 13:29:45.0628 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2010/11/15 13:29:45.0659 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys 2010/11/15 13:29:45.0675 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2010/11/15 13:29:45.0737 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2010/11/15 13:29:45.0753 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2010/11/15 13:29:45.0784 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/11/15 13:29:45.0815 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 2010/11/15 13:29:45.0862 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2010/11/15 13:29:45.0924 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2010/11/15 13:29:45.0956 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2010/11/15 13:29:46.0002 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2010/11/15 13:29:46.0034 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys 2010/11/15 13:29:46.0049 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2010/11/15 13:29:46.0080 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2010/11/15 13:29:46.0127 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2010/11/15 13:29:46.0143 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2010/11/15 13:29:46.0158 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2010/11/15 13:29:46.0174 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2010/11/15 13:29:46.0205 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2010/11/15 13:29:46.0252 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/11/15 13:29:46.0283 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2010/11/15 13:29:46.0299 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2010/11/15 13:29:46.0361 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2010/11/15 13:29:46.0408 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2010/11/15 13:29:46.0424 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 2010/11/15 13:29:46.0439 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2010/11/15 13:29:46.0470 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2010/11/15 13:29:46.0502 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 2010/11/15 13:29:46.0533 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2010/11/15 13:29:46.0580 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys 2010/11/15 13:29:46.0642 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 2010/11/15 13:29:46.0673 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2010/11/15 13:29:46.0689 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2010/11/15 13:29:46.0736 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2010/11/15 13:29:46.0798 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 2010/11/15 13:29:46.0907 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2010/11/15 13:29:47.0032 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2010/11/15 13:29:47.0079 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 2010/11/15 13:29:47.0126 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2010/11/15 13:29:47.0157 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2010/11/15 13:29:47.0188 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2010/11/15 13:29:47.0219 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2010/11/15 13:29:47.0235 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2010/11/15 13:29:47.0266 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/11/15 13:29:47.0297 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2010/11/15 13:29:47.0328 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2010/11/15 13:29:47.0360 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2010/11/15 13:29:47.0391 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 2010/11/15 13:29:47.0422 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2010/11/15 13:29:47.0484 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2010/11/15 13:29:47.0531 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2010/11/15 13:29:47.0594 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 2010/11/15 13:29:47.0640 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/11/15 13:29:47.0656 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2010/11/15 13:29:47.0687 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2010/11/15 13:29:47.0718 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2010/11/15 13:29:47.0765 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2010/11/15 13:29:47.0812 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2010/11/15 13:29:47.0859 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2010/11/15 13:29:47.0890 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2010/11/15 13:29:47.0921 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/11/15 13:29:48.0046 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys 2010/11/15 13:29:48.0108 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2010/11/15 13:29:48.0140 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2010/11/15 13:29:48.0186 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2010/11/15 13:29:48.0202 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/11/15 13:29:48.0233 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2010/11/15 13:29:48.0264 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2010/11/15 13:29:48.0327 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2010/11/15 13:29:48.0342 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2010/11/15 13:29:48.0374 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/11/15 13:29:48.0389 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/11/15 13:29:48.0420 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2010/11/15 13:29:48.0436 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2010/11/15 13:29:48.0483 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 2010/11/15 13:29:48.0498 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2010/11/15 13:29:48.0576 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys 2010/11/15 13:29:48.0608 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys 2010/11/15 13:29:48.0654 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2010/11/15 13:29:48.0701 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2010/11/15 13:29:48.0732 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2010/11/15 13:29:48.0748 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2010/11/15 13:29:48.0779 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2010/11/15 13:29:48.0810 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2010/11/15 13:29:48.0857 LVPr2M64 (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys 2010/11/15 13:29:48.0873 LVPr2Mon (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys 2010/11/15 13:29:48.0935 LVRS64 (986c1cb787a007baa5f74e7d316d7246) C:\Windows\system32\DRIVERS\lvrs64.sys 2010/11/15 13:29:49.0122 LVUVC64 (5747bc465abea2858c5d037252aed84e) C:\Windows\system32\DRIVERS\lvuvc64.sys 2010/11/15 13:29:49.0341 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys 2010/11/15 13:29:49.0372 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2010/11/15 13:29:49.0403 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2010/11/15 13:29:49.0450 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2010/11/15 13:29:49.0481 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2010/11/15 13:29:49.0528 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2010/11/15 13:29:49.0559 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2010/11/15 13:29:49.0575 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2010/11/15 13:29:49.0606 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2010/11/15 13:29:49.0622 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2010/11/15 13:29:49.0668 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2010/11/15 13:29:49.0700 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/11/15 13:29:49.0731 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/11/15 13:29:49.0778 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/11/15 13:29:49.0793 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2010/11/15 13:29:49.0809 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2010/11/15 13:29:49.0856 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2010/11/15 13:29:49.0871 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2010/11/15 13:29:49.0887 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2010/11/15 13:29:49.0934 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2010/11/15 13:29:49.0965 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/11/15 13:29:49.0980 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2010/11/15 13:29:50.0012 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2010/11/15 13:29:50.0043 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/11/15 13:29:50.0058 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2010/11/15 13:29:50.0074 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2010/11/15 13:29:50.0121 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2010/11/15 13:29:50.0168 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2010/11/15 13:29:50.0214 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2010/11/15 13:29:50.0261 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2010/11/15 13:29:50.0292 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/11/15 13:29:50.0308 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/11/15 13:29:50.0324 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/11/15 13:29:50.0355 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2010/11/15 13:29:50.0370 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2010/11/15 13:29:50.0402 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2010/11/15 13:29:50.0464 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2010/11/15 13:29:50.0495 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2010/11/15 13:29:50.0526 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2010/11/15 13:29:50.0589 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys 2010/11/15 13:29:50.0651 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2010/11/15 13:29:50.0932 nvlddmkm (feffc8474be060ea7349a172b9810415) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2010/11/15 13:29:50.0994 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys 2010/11/15 13:29:51.0010 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys 2010/11/15 13:29:51.0057 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2010/11/15 13:29:51.0104 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2010/11/15 13:29:51.0150 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2010/11/15 13:29:51.0182 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2010/11/15 13:29:51.0291 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2010/11/15 13:29:51.0322 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2010/11/15 13:29:51.0369 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2010/11/15 13:29:51.0416 PCTCore (3db59fe90f3525cd9bf120b726c11800) C:\Windows\system32\drivers\PCTCore64.sys 2010/11/15 13:29:51.0462 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys 2010/11/15 13:29:51.0494 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys 2010/11/15 13:29:51.0540 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2010/11/15 13:29:51.0556 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2010/11/15 13:29:51.0650 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2010/11/15 13:29:51.0665 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2010/11/15 13:29:51.0728 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2010/11/15 13:29:51.0774 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2010/11/15 13:29:51.0837 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2010/11/15 13:29:51.0868 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2010/11/15 13:29:51.0899 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2010/11/15 13:29:51.0930 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2010/11/15 13:29:51.0962 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/11/15 13:29:51.0993 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/11/15 13:29:52.0008 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2010/11/15 13:29:52.0040 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2010/11/15 13:29:52.0071 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2010/11/15 13:29:52.0086 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/11/15 13:29:52.0133 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys 2010/11/15 13:29:52.0149 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2010/11/15 13:29:52.0164 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2010/11/15 13:29:52.0196 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2010/11/15 13:29:52.0211 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2010/11/15 13:29:52.0258 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2010/11/15 13:29:52.0305 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys 2010/11/15 13:29:52.0336 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2010/11/15 13:29:52.0367 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2010/11/15 13:29:52.0398 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2010/11/15 13:29:52.0445 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2010/11/15 13:29:52.0461 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2010/11/15 13:29:52.0492 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2010/11/15 13:29:52.0539 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 2010/11/15 13:29:52.0554 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2010/11/15 13:29:52.0570 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 2010/11/15 13:29:52.0601 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2010/11/15 13:29:52.0632 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2010/11/15 13:29:52.0648 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2010/11/15 13:29:52.0679 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2010/11/15 13:29:52.0726 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2010/11/15 13:29:52.0851 sptd (602884696850c86434530790b110e8eb) C:\Windows\System32\Drivers\sptd.sys 2010/11/15 13:29:52.0929 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys 2010/11/15 13:29:52.0991 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys 2010/11/15 13:29:53.0054 SrvHsfPCI (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS 2010/11/15 13:29:53.0210 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 2010/11/15 13:29:53.0303 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 2010/11/15 13:29:53.0366 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys 2010/11/15 13:29:53.0428 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2010/11/15 13:29:53.0490 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys 2010/11/15 13:29:53.0522 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys 2010/11/15 13:29:53.0537 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2010/11/15 13:29:53.0631 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 2010/11/15 13:29:53.0709 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 2010/11/15 13:29:53.0740 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2010/11/15 13:29:53.0771 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2010/11/15 13:29:53.0802 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2010/11/15 13:29:53.0834 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2010/11/15 13:29:53.0849 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2010/11/15 13:29:53.0896 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/11/15 13:29:53.0943 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2010/11/15 13:29:53.0958 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2010/11/15 13:29:53.0990 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2010/11/15 13:29:54.0036 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 2010/11/15 13:29:54.0068 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2010/11/15 13:29:54.0083 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2010/11/15 13:29:54.0161 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys 2010/11/15 13:29:54.0208 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 2010/11/15 13:29:54.0255 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/11/15 13:29:54.0286 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2010/11/15 13:29:54.0317 usbehci (df9f9afc9aaabd8ed47975d44e38169a) C:\Windows\system32\DRIVERS\usbehci.sys 2010/11/15 13:29:54.0348 usbhub (372a91bc3c6603080a793880b0873785) C:\Windows\system32\DRIVERS\usbhub.sys 2010/11/15 13:29:54.0364 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys 2010/11/15 13:29:54.0395 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2010/11/15 13:29:54.0411 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/11/15 13:29:54.0442 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/11/15 13:29:54.0473 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2010/11/15 13:29:54.0504 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/11/15 13:29:54.0520 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2010/11/15 13:29:54.0551 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2010/11/15 13:29:54.0582 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2010/11/15 13:29:54.0629 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys 2010/11/15 13:29:54.0645 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys 2010/11/15 13:29:54.0676 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2010/11/15 13:29:54.0692 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2010/11/15 13:29:54.0723 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2010/11/15 13:29:54.0754 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2010/11/15 13:29:54.0770 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 2010/11/15 13:29:54.0816 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2010/11/15 13:29:54.0848 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/15 13:29:54.0848 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/15 13:29:54.0894 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2010/11/15 13:29:54.0941 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2010/11/15 13:29:55.0066 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2010/11/15 13:29:55.0097 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2010/11/15 13:29:55.0191 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 2010/11/15 13:29:55.0206 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2010/11/15 13:29:55.0269 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2010/11/15 13:29:55.0300 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2010/11/15 13:29:55.0347 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/11/15 13:29:55.0550 xcbdaNtscV (6caf33678521eb2ae97fe808f19e25ca) C:\Windows\system32\DRIVERS\xcbdaVx64.sys 2010/11/15 13:29:55.0612 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 2010/11/15 13:29:55.0659 ================================================================================ 2010/11/15 13:29:55.0659 Scan finished 2010/11/15 13:29:55.0659 ================================================================================
  5. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 5116 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 11/14/2010 3:57:35 PM mbam-log-2010-11-14 (15-57-35).txt Scan type: Quick scan Objects scanned: 144465 Time elapsed: 2 minute(s), 43 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++ DSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22 2010/11/14 16:39:04.0630 ================================================================================ 2010/11/14 16:39:04.0630 SystemInfo: 2010/11/14 16:39:04.0630 2010/11/14 16:39:04.0630 OS Version: 6.1.7600 ServicePack: 0.0 2010/11/14 16:39:04.0630 Product type: Workstation 2010/11/14 16:39:04.0631 ComputerName: RACHEL-PC 2010/11/14 16:39:04.0631 UserName: Rachel 2010/11/14 16:39:04.0631 Windows directory: C:\Windows 2010/11/14 16:39:04.0631 System windows directory: C:\Windows 2010/11/14 16:39:04.0631 Running under WOW64 2010/11/14 16:39:04.0631 Processor architecture: Intel x64 2010/11/14 16:39:04.0631 Number of processors: 2 2010/11/14 16:39:04.0631 Page size: 0x1000 2010/11/14 16:39:04.0631 Boot type: Normal boot 2010/11/14 16:39:04.0631 ================================================================================ 2010/11/14 16:39:04.0634 Utility is running under WOW64 2010/11/14 16:39:05.0086 Initialize success 2010/11/14 16:39:06.0590 ================================================================================ 2010/11/14 16:39:06.0591 Scan started 2010/11/14 16:39:06.0591 Mode: Manual; 2010/11/14 16:39:06.0591 ================================================================================ 2010/11/14 16:39:07.0645 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 2010/11/14 16:39:07.0663 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 2010/11/14 16:39:07.0689 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 2010/11/14 16:39:07.0744 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2010/11/14 16:39:07.0777 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2010/11/14 16:39:07.0814 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2010/11/14 16:39:07.0885 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys 2010/11/14 16:39:07.0908 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 2010/11/14 16:39:07.0939 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 2010/11/14 16:39:07.0958 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 2010/11/14 16:39:08.0006 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2010/11/14 16:39:08.0027 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2010/11/14 16:39:08.0053 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys 2010/11/14 16:39:08.0082 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2010/11/14 16:39:08.0101 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys 2010/11/14 16:39:08.0119 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 2010/11/14 16:39:08.0205 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2010/11/14 16:39:08.0228 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2010/11/14 16:39:08.0279 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/11/14 16:39:08.0294 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 2010/11/14 16:39:08.0343 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2010/11/14 16:39:08.0375 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2010/11/14 16:39:08.0427 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2010/11/14 16:39:08.0488 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2010/11/14 16:39:08.0520 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys 2010/11/14 16:39:08.0547 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2010/11/14 16:39:08.0572 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2010/11/14 16:39:08.0628 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2010/11/14 16:39:08.0649 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2010/11/14 16:39:08.0663 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2010/11/14 16:39:08.0678 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2010/11/14 16:39:08.0710 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2010/11/14 16:39:08.0736 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/11/14 16:39:08.0783 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 2010/11/14 16:39:08.0802 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2010/11/14 16:39:08.0849 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2010/11/14 16:39:08.0897 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2010/11/14 16:39:08.0925 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 2010/11/14 16:39:08.0945 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 2010/11/14 16:39:08.0961 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2010/11/14 16:39:08.0981 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 2010/11/14 16:39:09.0009 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2010/11/14 16:39:09.0076 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys 2010/11/14 16:39:09.0143 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 2010/11/14 16:39:09.0166 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2010/11/14 16:39:09.0216 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2010/11/14 16:39:09.0284 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2010/11/14 16:39:09.0359 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys 2010/11/14 16:39:09.0471 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2010/11/14 16:39:09.0528 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2010/11/14 16:39:09.0550 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 2010/11/14 16:39:09.0590 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2010/11/14 16:39:09.0625 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2010/11/14 16:39:09.0655 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2010/11/14 16:39:09.0705 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2010/11/14 16:39:09.0724 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2010/11/14 16:39:09.0750 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/11/14 16:39:09.0782 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 2010/11/14 16:39:09.0810 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2010/11/14 16:39:09.0834 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2010/11/14 16:39:09.0874 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 2010/11/14 16:39:09.0898 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2010/11/14 16:39:09.0965 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2010/11/14 16:39:10.0018 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2010/11/14 16:39:10.0092 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 2010/11/14 16:39:10.0148 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/11/14 16:39:10.0178 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2010/11/14 16:39:10.0201 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2010/11/14 16:39:10.0231 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2010/11/14 16:39:10.0281 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 2010/11/14 16:39:10.0313 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 2010/11/14 16:39:10.0379 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 2010/11/14 16:39:10.0471 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 2010/11/14 16:39:10.0550 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/11/14 16:39:10.0616 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys 2010/11/14 16:39:10.0668 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2010/11/14 16:39:10.0726 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 2010/11/14 16:39:10.0762 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2010/11/14 16:39:10.0790 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/11/14 16:39:10.0816 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 2010/11/14 16:39:10.0848 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2010/11/14 16:39:10.0923 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2010/11/14 16:39:10.0952 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 2010/11/14 16:39:10.0984 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/11/14 16:39:11.0007 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/11/14 16:39:11.0048 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 2010/11/14 16:39:11.0072 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 2010/11/14 16:39:11.0117 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 2010/11/14 16:39:11.0137 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2010/11/14 16:39:11.0216 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys 2010/11/14 16:39:11.0273 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys 2010/11/14 16:39:11.0332 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2010/11/14 16:39:11.0401 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2010/11/14 16:39:11.0424 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2010/11/14 16:39:11.0445 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2010/11/14 16:39:11.0469 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2010/11/14 16:39:11.0496 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2010/11/14 16:39:11.0560 LVPr2M64 (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys 2010/11/14 16:39:11.0595 LVPr2Mon (ded333dbdbbcc3555a6e6244522e2f1a) C:\Windows\system32\DRIVERS\LVPr2M64.sys 2010/11/14 16:39:11.0691 LVRS64 (986c1cb787a007baa5f74e7d316d7246) C:\Windows\system32\DRIVERS\lvrs64.sys 2010/11/14 16:39:11.0890 LVUVC64 (5747bc465abea2858c5d037252aed84e) C:\Windows\system32\DRIVERS\lvuvc64.sys 2010/11/14 16:39:11.0983 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys 2010/11/14 16:39:12.0010 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2010/11/14 16:39:12.0035 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2010/11/14 16:39:12.0094 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2010/11/14 16:39:12.0146 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2010/11/14 16:39:12.0196 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2010/11/14 16:39:12.0248 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2010/11/14 16:39:12.0268 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 2010/11/14 16:39:12.0297 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 2010/11/14 16:39:12.0317 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2010/11/14 16:39:12.0352 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 2010/11/14 16:39:12.0392 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/11/14 16:39:12.0417 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/11/14 16:39:12.0454 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/11/14 16:39:12.0466 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 2010/11/14 16:39:12.0494 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 2010/11/14 16:39:12.0534 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2010/11/14 16:39:12.0553 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2010/11/14 16:39:12.0576 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 2010/11/14 16:39:12.0632 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2010/11/14 16:39:12.0698 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/11/14 16:39:12.0736 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2010/11/14 16:39:12.0765 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 2010/11/14 16:39:12.0806 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/11/14 16:39:12.0849 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2010/11/14 16:39:12.0870 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2010/11/14 16:39:12.0930 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2010/11/14 16:39:12.0989 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2010/11/14 16:39:13.0087 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 2010/11/14 16:39:13.0145 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2010/11/14 16:39:13.0187 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/11/14 16:39:13.0231 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/11/14 16:39:13.0246 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/11/14 16:39:13.0276 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 2010/11/14 16:39:13.0322 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2010/11/14 16:39:13.0346 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 2010/11/14 16:39:13.0411 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2010/11/14 16:39:13.0458 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2010/11/14 16:39:13.0479 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2010/11/14 16:39:13.0530 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys 2010/11/14 16:39:13.0552 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2010/11/14 16:39:13.0847 nvlddmkm (feffc8474be060ea7349a172b9810415) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2010/11/14 16:39:13.0929 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys 2010/11/14 16:39:13.0948 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys 2010/11/14 16:39:14.0008 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 2010/11/14 16:39:14.0047 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 2010/11/14 16:39:14.0114 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2010/11/14 16:39:14.0132 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 2010/11/14 16:39:14.0253 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 2010/11/14 16:39:14.0285 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 2010/11/14 16:39:14.0320 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2010/11/14 16:39:14.0386 PCTCore (3db59fe90f3525cd9bf120b726c11800) C:\Windows\system32\drivers\PCTCore64.sys 2010/11/14 16:39:14.0422 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys 2010/11/14 16:39:14.0462 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys 2010/11/14 16:39:14.0486 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2010/11/14 16:39:14.0505 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2010/11/14 16:39:14.0612 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 2010/11/14 16:39:14.0627 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2010/11/14 16:39:14.0687 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 2010/11/14 16:39:14.0739 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2010/11/14 16:39:14.0771 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2010/11/14 16:39:14.0796 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2010/11/14 16:39:14.0823 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2010/11/14 16:39:14.0880 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2010/11/14 16:39:14.0928 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/11/14 16:39:14.0980 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/11/14 16:39:15.0026 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2010/11/14 16:39:15.0056 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 2010/11/14 16:39:15.0078 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2010/11/14 16:39:15.0100 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/11/14 16:39:15.0149 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys 2010/11/14 16:39:15.0169 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2010/11/14 16:39:15.0186 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2010/11/14 16:39:15.0214 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 2010/11/14 16:39:15.0231 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 2010/11/14 16:39:15.0295 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2010/11/14 16:39:15.0332 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys 2010/11/14 16:39:15.0361 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 2010/11/14 16:39:15.0387 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 2010/11/14 16:39:15.0426 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2010/11/14 16:39:15.0453 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2010/11/14 16:39:15.0497 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2010/11/14 16:39:15.0523 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2010/11/14 16:39:15.0572 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 2010/11/14 16:39:15.0638 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 2010/11/14 16:39:15.0675 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 2010/11/14 16:39:15.0717 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2010/11/14 16:39:15.0762 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2010/11/14 16:39:15.0783 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2010/11/14 16:39:15.0827 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2010/11/14 16:39:15.0892 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2010/11/14 16:39:16.0005 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 2010/11/14 16:39:16.0006 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb 2010/11/14 16:39:16.0011 sptd - detected Locked file (1) 2010/11/14 16:39:16.0063 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys 2010/11/14 16:39:16.0112 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys 2010/11/14 16:39:16.0170 SrvHsfPCI (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS 2010/11/14 16:39:16.0219 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 2010/11/14 16:39:16.0260 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 2010/11/14 16:39:16.0303 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys 2010/11/14 16:39:16.0371 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2010/11/14 16:39:16.0429 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys 2010/11/14 16:39:16.0458 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys 2010/11/14 16:39:16.0476 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 2010/11/14 16:39:16.0582 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 2010/11/14 16:39:16.0670 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 2010/11/14 16:39:16.0711 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 2010/11/14 16:39:16.0739 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2010/11/14 16:39:16.0759 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2010/11/14 16:39:16.0783 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 2010/11/14 16:39:16.0805 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 2010/11/14 16:39:16.0848 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/11/14 16:39:16.0900 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 2010/11/14 16:39:16.0926 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2010/11/14 16:39:16.0951 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 2010/11/14 16:39:16.0984 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 2010/11/14 16:39:17.0032 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 2010/11/14 16:39:17.0054 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2010/11/14 16:39:17.0114 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys 2010/11/14 16:39:17.0155 usbaudio (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys 2010/11/14 16:39:17.0207 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/11/14 16:39:17.0266 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 2010/11/14 16:39:17.0290 usbehci (df9f9afc9aaabd8ed47975d44e38169a) C:\Windows\system32\DRIVERS\usbehci.sys 2010/11/14 16:39:17.0320 usbhub (372a91bc3c6603080a793880b0873785) C:\Windows\system32\DRIVERS\usbhub.sys 2010/11/14 16:39:17.0349 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys 2010/11/14 16:39:17.0371 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2010/11/14 16:39:17.0397 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/11/14 16:39:17.0420 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/11/14 16:39:17.0449 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 2010/11/14 16:39:17.0479 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/11/14 16:39:17.0501 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2010/11/14 16:39:17.0528 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 2010/11/14 16:39:17.0554 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 2010/11/14 16:39:17.0596 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys 2010/11/14 16:39:17.0618 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys 2010/11/14 16:39:17.0645 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 2010/11/14 16:39:17.0668 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 2010/11/14 16:39:17.0686 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 2010/11/14 16:39:17.0715 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2010/11/14 16:39:17.0740 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 2010/11/14 16:39:17.0781 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2010/11/14 16:39:17.0832 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/14 16:39:17.0856 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/14 16:39:17.0898 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2010/11/14 16:39:17.0942 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2010/11/14 16:39:18.0009 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2010/11/14 16:39:18.0031 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2010/11/14 16:39:18.0132 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys 2010/11/14 16:39:18.0185 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 2010/11/14 16:39:18.0253 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2010/11/14 16:39:18.0300 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 2010/11/14 16:39:18.0351 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/11/14 16:39:18.0516 xcbdaNtscV (6caf33678521eb2ae97fe808f19e25ca) C:\Windows\system32\DRIVERS\xcbdaVx64.sys 2010/11/14 16:39:18.0577 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 2010/11/14 16:39:18.0685 ================================================================================ 2010/11/14 16:39:18.0685 Scan finished 2010/11/14 16:39:18.0685 ================================================================================ 2010/11/14 16:39:18.0696 Detected object count: 1 2010/11/14 16:39:21.0039 Locked file(sptd) - User select action: Skip ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++ OTL logfile created on: 11/14/2010 4:27:45 PM - Run 2 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Rachel\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 70.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 78.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455.94 Gb Total Space | 160.82 Gb Free Space | 35.27% Space Free | Partition Type: NTFS Drive D: | 9.82 Gb Total Space | 9.19 Gb Free Space | 93.56% Space Free | Partition Type: NTFS Drive F: | 119.78 Mb Total Space | 119.50 Mb Free Space | 99.77% Space Free | Partition Type: FAT Drive L: | 931.51 Gb Total Space | 260.67 Gb Free Space | 27.98% Space Free | Partition Type: NTFS Computer Name: RACHEL-PC | User Name: Rachel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Rachel\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\MpcStar\mpcstar.exe () PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.) PRC - C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe () PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () PRC - C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe () PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Rachel\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++
  6. Hi! A couple of days ago my browser (Firefox) started saying that it could not connect because of a proxy problem. I figured that whatever virus I had was changing my proxy settings and so ran Malwarebytes. It did remove two viruses entitled Backdoor.Bot but of course it reinstalls whenever I restart my computer and the process starts again. I read some web pages and looked at some problems others were having in these forums unfortuantely there is no process running that I can see to disable. I also tried running in Safe Mode with Networking and ran Malwarebytes again, the results of which I will post underneath this intro. Any help that can be given would be greatly appreciated. Thank so much in advance! Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4602 Windows 6.1.7600 (Safe Mode) Internet Explorer 8.0.7600.16385 11/12/2010 1:36:38 PM mbam-log-2010-11-12 (13-36-38).txt Scan type: Full scan (C:\|) Objects scanned: 383659 Time elapsed: 1 hour(s), 1 minute(s), 8 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 2 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: C:\Users\Rachel\AppData\Roaming\Microsoft\svchost.exe (Backdoor.Bot) -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost (Backdoor.Bot) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Users\Rachel\AppData\Roaming\Microsoft\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.