Jump to content

mingum

Members
 View Profile  See their activity

  • Posts

    19

  • Joined

  • Last visited

 Content Type 

Everything posted by mingum

  1. mingum
    This worked. I think I am fixed. Thank you so much Larry Tate.
  2. mingum
    It seems good, thanks. The program that is being blocked from running at startup is Malewarebytes Anti-Malware! I have to manually start it.
  3. mingum
    Hi You guys are helping me with my laptop that has a bad trojan (still working it out) so in the meantime I thought it would be a good idea to run your mbam software on my desktop computer. It found a "trojan.agent" and removed the exe file for my Quicken, which of course has very sensitive information in the main file. I had to reinstall quicken and I've run mbam again and it says it's clean but my question is -- not really understanding what this trojan means and what are the implications of this? Is there a possibility that all my personal data has been hacked? Do you have advice on what to do? Also if I want to buy your software for 3 computers in my house is there a discount or do I have to buy it 3 times?
  4. mingum
    Oh sorry. And now we are on page 2 to further confuse me! Here it is Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 4:24:06 PM, on 6/19/2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.18005) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\System32\WLTRAY.EXE C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Dell V305\dldtmon.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Dell Remote Access\ezi_ra.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Dell V305\dldtMsdMon.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\AIM\aim.exe C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Max\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Max\Downloads\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [dldtmon.exe] "C:\Program Files\Dell V305\dldtmon.exe" O4 - HKLM\..\Run: [dldtamon] "C:\Program Files\Dell V305\dldtamon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANAAyADcANgA1ADcANAAzADYALQBCAEEAKwAxAC0ASwBWADMAKwA3AC0AWABMACsAMQAtAEYAUAA5ACsANgAtAEIAQQBSADkARwArADEALQBUAEIAOQArADIALQBGAEwAKwA5AC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AC0ARgA5AE0AMQAwAEIAKwAxAC0AWABPADkAKwAxAC0ARgA5AE0AMgArADEA"&"prod=90"&"ver=9.0.894 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Dell Remote Access.lnk = ? O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dldtCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldtserv.exe O23 - Service: dldt_device - - C:\Windows\system32\dldtcoms.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Advanced Networking Service (hnmsvc) - Dell Inc. - c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: SoftThinks Agent Service (SftService) - Unknown owner - C:\Windows\sminst\sftservice.EXE (file missing) O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE -- End of file - 9631 bytes
  5. mingum
    I think my trojan/virus whatever it is is still here, just got another Malwarebytes pop up-found a malicious website, we put it in quarantine. Maybe it's just the software working it's stuff, or there is something still trying to screw with me? Here is the hijack this log . DDS (Ver_2011-06-12.02) - NTFSx86 Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_23 Run by Max at 14:31:56 on 2011-06-19 Microsoft
  6. mingum
    Something tells me this log is screwy because I ran it while I was reinstalling AVG and it was scanning at the same time. Do I need to run DDS again, w/o avg?
  7. mingum
    Ok here it is . DDS (Ver_2011-06-12.02) - NTFSx86 Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_23 Run by Max at 14:31:56 on 2011-06-19 Microsoft
  8. mingum
    Ok that seemed to work and everything appears to be ok. Thanks so much for your quick help. However there is still one thing happening, not sure if it's a related issue - on startup there is a message that Windows has blocked some programs. When I right click the icon it says I can view the blocked programs, but honestly, there is so much info there I have no idea what I'm looking for. Is this related or something completely different? Thanks.
  9. mingum
    Defogger didn't enable, here is the log defogger_enable by jpshortstuff (23.02.10.1) Log created at 13:30 on 19/06/2011 (Max) Parsing file... -=E.O.F=-
  10. mingum
    Hi thanks for your help. Before I do all these next things, I still see the "Windows New updates available" icon on the taskbar, and also on startup it says that some programs are being blocked. When I uninstall all of this and run these programs will all that go away? Thanks.
  11. mingum
    Here is my new log ComboFix 11-06-17.04 - Max 06/19/2011 12:46:48.3.2 - x86 Microsoft
  12. mingum
    Hi While Combofix was running I had a message that "pev.exe has stopped working" and I clicked on "close program" and immediately regreted it. Here is my new log ComboFix 11-06-17.04 - Max 06/19/2011 12:06:53.2.2 - x86 Microsoft
  13. mingum
    Hi The weird "Windows Update" icon is still appearing in the taskbar. I had to uninstall AVG to run Combofix, so please tell me when I can reinstall it. After a reboot, there is still the message "Windows is blocking some startup programs" and I'm not sure if I should click on it to see what it is. There is an icon on the tray with a slash through it. Here is my log ComboFix 11-06-17.04 - Max 06/19/2011 10:41:32.1.2 - x86 Microsoft
  14. mingum
    Thank you thank you. The google searches appear to be fixed. However the icon saying that there are Windows updates available is still there, and I don't think it;s real, the icon is skinny and it kept popping up, so I suspected that it was the cause (or effect) of the virus/trojan. Also there is a popup when the computer is started says "Windows has blocked some programs. Click here to view." I'm afraid to click on it, because that started happening at the same time as this other stuff and I'm not sure if it's a real message or a fake trojan message. Here is my TDSSKiller log. I'm unclear if there was another log I was supposed to post. 2011/06/19 09:21:25.0956 12868 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15 2011/06/19 09:21:26.0744 12868 ================================================================================ 2011/06/19 09:21:26.0744 12868 SystemInfo: 2011/06/19 09:21:26.0744 12868 2011/06/19 09:21:26.0744 12868 OS Version: 6.0.6002 ServicePack: 2.0 2011/06/19 09:21:26.0744 12868 Product type: Workstation 2011/06/19 09:21:26.0744 12868 ComputerName: MAX-PC 2011/06/19 09:21:26.0744 12868 UserName: Max 2011/06/19 09:21:26.0744 12868 Windows directory: C:\Windows 2011/06/19 09:21:26.0744 12868 System windows directory: C:\Windows 2011/06/19 09:21:26.0744 12868 Processor architecture: Intel x86 2011/06/19 09:21:26.0744 12868 Number of processors: 2 2011/06/19 09:21:26.0744 12868 Page size: 0x1000 2011/06/19 09:21:26.0744 12868 Boot type: Normal boot 2011/06/19 09:21:26.0744 12868 ================================================================================ 2011/06/19 09:21:27.0970 12868 Initialize success 2011/06/19 09:21:30.0352 13904 ================================================================================ 2011/06/19 09:21:30.0352 13904 Scan started 2011/06/19 09:21:30.0352 13904 Mode: Manual; 2011/06/19 09:21:30.0352 13904 ================================================================================ 2011/06/19 09:21:33.0039 13904 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2011/06/19 09:21:33.0118 13904 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 2011/06/19 09:21:33.0173 13904 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 2011/06/19 09:21:33.0236 13904 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 2011/06/19 09:21:33.0298 13904 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 2011/06/19 09:21:33.0485 13904 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 2011/06/19 09:21:33.0601 13904 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 2011/06/19 09:21:33.0654 13904 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2011/06/19 09:21:33.0730 13904 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 2011/06/19 09:21:33.0769 13904 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 2011/06/19 09:21:33.0808 13904 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 2011/06/19 09:21:33.0845 13904 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 2011/06/19 09:21:33.0882 13904 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 2011/06/19 09:21:33.0936 13904 ApfiltrService (b83f9da84f7079451c1c6a4a2f140920) C:\Windows\system32\DRIVERS\Apfiltr.sys 2011/06/19 09:21:34.0041 13904 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 2011/06/19 09:21:34.0115 13904 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 2011/06/19 09:21:34.0164 13904 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/06/19 09:21:34.0206 13904 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 2011/06/19 09:21:34.0444 13904 atikmdag (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/06/19 09:21:34.0723 13904 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\Windows\System32\Drivers\avgldx86.sys 2011/06/19 09:21:34.0784 13904 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\Windows\System32\Drivers\avgmfx86.sys 2011/06/19 09:21:34.0830 13904 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\Windows\System32\Drivers\avgtdix.sys 2011/06/19 09:21:34.0893 13904 BCM42RLY (423c7b87e886ac93d22936ea82665f83) C:\Windows\system32\drivers\BCM42RLY.sys 2011/06/19 09:21:34.0970 13904 BCM43XX (41a70777e892c3dea606758366566a77) C:\Windows\system32\DRIVERS\bcmwl6.sys 2011/06/19 09:21:35.0057 13904 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2011/06/19 09:21:35.0115 13904 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 2011/06/19 09:21:35.0186 13904 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 2011/06/19 09:21:35.0226 13904 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2011/06/19 09:21:35.0254 13904 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2011/06/19 09:21:35.0345 13904 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2011/06/19 09:21:35.0422 13904 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2011/06/19 09:21:35.0473 13904 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2011/06/19 09:21:35.0496 13904 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2011/06/19 09:21:35.0544 13904 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2011/06/19 09:21:35.0598 13904 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/06/19 09:21:35.0652 13904 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2011/06/19 09:21:35.0698 13904 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys 2011/06/19 09:21:35.0746 13904 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2011/06/19 09:21:35.0976 13904 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/06/19 09:21:36.0043 13904 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 2011/06/19 09:21:36.0097 13904 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 2011/06/19 09:21:36.0125 13904 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 2011/06/19 09:21:36.0161 13904 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 2011/06/19 09:21:36.0248 13904 CtAudDrv (0f538df1673e5216f3baacb6911d9d0f) C:\Windows\system32\Drivers\CtAudDrv.sys 2011/06/19 09:21:36.0410 13904 CtClsFlt (aa52c0b88c46d5037809d05dd826c61e) C:\Windows\system32\DRIVERS\CtClsFlt.sys 2011/06/19 09:21:36.0464 13904 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 2011/06/19 09:21:36.0594 13904 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2011/06/19 09:21:36.0722 13904 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2011/06/19 09:21:36.0783 13904 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 2011/06/19 09:21:36.0853 13904 e1express (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys 2011/06/19 09:21:36.0927 13904 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 2011/06/19 09:21:37.0006 13904 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2011/06/19 09:21:37.0074 13904 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 2011/06/19 09:21:37.0169 13904 ErrDev (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys 2011/06/19 09:21:37.0498 13904 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2011/06/19 09:21:37.0631 13904 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2011/06/19 09:21:37.0843 13904 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 2011/06/19 09:21:37.0926 13904 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2011/06/19 09:21:37.0953 13904 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2011/06/19 09:21:37.0998 13904 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/06/19 09:21:38.0059 13904 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2011/06/19 09:21:38.0125 13904 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2011/06/19 09:21:38.0167 13904 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 2011/06/19 09:21:38.0222 13904 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2011/06/19 09:21:38.0352 13904 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys 2011/06/19 09:21:38.0420 13904 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2011/06/19 09:21:38.0477 13904 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2011/06/19 09:21:38.0513 13904 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys 2011/06/19 09:21:38.0569 13904 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2011/06/19 09:21:38.0616 13904 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 2011/06/19 09:21:38.0698 13904 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2011/06/19 09:21:38.0761 13904 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 2011/06/19 09:21:38.0841 13904 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2011/06/19 09:21:38.0898 13904 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 2011/06/19 09:21:38.0978 13904 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2011/06/19 09:21:39.0039 13904 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 2011/06/19 09:21:39.0092 13904 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2011/06/19 09:21:39.0141 13904 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/06/19 09:21:39.0202 13904 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 2011/06/19 09:21:39.0233 13904 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2011/06/19 09:21:39.0286 13904 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2011/06/19 09:21:39.0346 13904 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 2011/06/19 09:21:39.0408 13904 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2011/06/19 09:21:39.0464 13904 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2011/06/19 09:21:39.0519 13904 itecir (8bcd857c7932ad005d5f9c89329da2e1) C:\Windows\system32\DRIVERS\itecir.sys 2011/06/19 09:21:39.0556 13904 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2011/06/19 09:21:39.0779 13904 k57nd60x (2fbf424e4e8d5f320d2f69d9a726de30) C:\Windows\system32\DRIVERS\k57nd60x.sys 2011/06/19 09:21:39.0864 13904 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2011/06/19 09:21:39.0907 13904 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 2011/06/19 09:21:39.0976 13904 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2011/06/19 09:21:40.0048 13904 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/06/19 09:21:40.0120 13904 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 2011/06/19 09:21:40.0150 13904 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 2011/06/19 09:21:40.0204 13904 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 2011/06/19 09:21:40.0232 13904 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2011/06/19 09:21:40.0310 13904 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\Windows\system32\drivers\mbam.sys 2011/06/19 09:21:40.0447 13904 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 2011/06/19 09:21:40.0507 13904 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 2011/06/19 09:21:40.0558 13904 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2011/06/19 09:21:40.0595 13904 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2011/06/19 09:21:40.0626 13904 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2011/06/19 09:21:40.0677 13904 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 2011/06/19 09:21:40.0708 13904 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2011/06/19 09:21:40.0745 13904 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 2011/06/19 09:21:40.0789 13904 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2011/06/19 09:21:40.0826 13904 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2011/06/19 09:21:40.0868 13904 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2011/06/19 09:21:40.0924 13904 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/06/19 09:21:40.0975 13904 mrxsmb10 (d4a3c7c580c4ccb5c06f2ada933ad507) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/06/19 09:21:41.0027 13904 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/06/19 09:21:41.0246 13904 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys 2011/06/19 09:21:41.0277 13904 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 2011/06/19 09:21:41.0322 13904 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2011/06/19 09:21:41.0415 13904 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2011/06/19 09:21:41.0456 13904 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2011/06/19 09:21:41.0536 13904 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/06/19 09:21:41.0555 13904 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2011/06/19 09:21:41.0627 13904 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2011/06/19 09:21:41.0697 13904 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2011/06/19 09:21:41.0735 13904 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2011/06/19 09:21:41.0775 13904 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2011/06/19 09:21:41.0830 13904 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2011/06/19 09:21:41.0893 13904 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2011/06/19 09:21:41.0935 13904 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/06/19 09:21:41.0956 13904 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/06/19 09:21:42.0005 13904 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/06/19 09:21:42.0094 13904 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2011/06/19 09:21:42.0155 13904 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2011/06/19 09:21:42.0225 13904 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2011/06/19 09:21:42.0300 13904 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2011/06/19 09:21:42.0351 13904 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2011/06/19 09:21:42.0385 13904 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2011/06/19 09:21:42.0491 13904 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2011/06/19 09:21:42.0559 13904 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2011/06/19 09:21:42.0602 13904 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2011/06/19 09:21:42.0657 13904 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 2011/06/19 09:21:42.0697 13904 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 2011/06/19 09:21:42.0770 13904 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 2011/06/19 09:21:42.0875 13904 OA001Ufd (9f4a5990f326f91f4d2fcdd869b15ff4) C:\Windows\system32\DRIVERS\OA001Ufd.sys 2011/06/19 09:21:42.0908 13904 OA001Vid (fc893946db8c49d0a1504373dd491b65) C:\Windows\system32\DRIVERS\OA001Vid.sys 2011/06/19 09:21:42.0974 13904 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2011/06/19 09:21:43.0052 13904 Packet (9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys 2011/06/19 09:21:43.0091 13904 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2011/06/19 09:21:43.0133 13904 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2011/06/19 09:21:43.0162 13904 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2011/06/19 09:21:43.0302 13904 PCD5SRVC{3F6A8B78-EC003E00-05040104} (42ede7d217325ff56cb8a9983cd7f73b) C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms 2011/06/19 09:21:43.0431 13904 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2011/06/19 09:21:43.0512 13904 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys 2011/06/19 09:21:43.0546 13904 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2011/06/19 09:21:43.0640 13904 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2011/06/19 09:21:43.0763 13904 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2011/06/19 09:21:43.0808 13904 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 2011/06/19 09:21:43.0877 13904 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2011/06/19 09:21:43.0938 13904 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys 2011/06/19 09:21:44.0010 13904 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 2011/06/19 09:21:44.0075 13904 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2011/06/19 09:21:44.0122 13904 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2011/06/19 09:21:44.0269 13904 R300 (47dcf5d78c395159d72c65c25129fc44) C:\Windows\system32\DRIVERS\atikmdag.sys 2011/06/19 09:21:44.0329 13904 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2011/06/19 09:21:44.0358 13904 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/06/19 09:21:44.0407 13904 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/06/19 09:21:44.0458 13904 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2011/06/19 09:21:44.0530 13904 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2011/06/19 09:21:44.0582 13904 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/06/19 09:21:44.0698 13904 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 2011/06/19 09:21:44.0756 13904 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2011/06/19 09:21:44.0801 13904 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2011/06/19 09:21:44.0901 13904 rimmptsk (c2ef513bbe069f0d4ee0938a76f975d3) C:\Windows\system32\DRIVERS\rimmptsk.sys 2011/06/19 09:21:44.0951 13904 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys 2011/06/19 09:21:45.0033 13904 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys 2011/06/19 09:21:45.0110 13904 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2011/06/19 09:21:45.0154 13904 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2011/06/19 09:21:45.0251 13904 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 2011/06/19 09:21:45.0290 13904 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/06/19 09:21:45.0390 13904 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2011/06/19 09:21:45.0447 13904 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2011/06/19 09:21:45.0470 13904 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2011/06/19 09:21:45.0558 13904 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 2011/06/19 09:21:45.0587 13904 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 2011/06/19 09:21:45.0631 13904 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 2011/06/19 09:21:45.0663 13904 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2011/06/19 09:21:45.0882 13904 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 2011/06/19 09:21:45.0923 13904 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 2011/06/19 09:21:45.0965 13904 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 2011/06/19 09:21:46.0028 13904 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2011/06/19 09:21:46.0070 13904 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2011/06/19 09:21:46.0138 13904 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 2011/06/19 09:21:46.0224 13904 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 2011/06/19 09:21:46.0516 13904 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 2011/06/19 09:21:46.0625 13904 STHDA (c4be9c3af8af6f2e4cdd22fcabf77a1b) C:\Windows\system32\DRIVERS\stwrt.sys 2011/06/19 09:21:46.0713 13904 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2011/06/19 09:21:46.0761 13904 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2011/06/19 09:21:46.0807 13904 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2011/06/19 09:21:46.0856 13904 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2011/06/19 09:21:47.0211 13904 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2011/06/19 09:21:47.0280 13904 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2011/06/19 09:21:47.0373 13904 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2011/06/19 09:21:47.0515 13904 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2011/06/19 09:21:47.0720 13904 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2011/06/19 09:21:47.0757 13904 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2011/06/19 09:21:47.0841 13904 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2011/06/19 09:21:47.0911 13904 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/06/19 09:21:47.0947 13904 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2011/06/19 09:21:48.0185 13904 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2011/06/19 09:21:48.0272 13904 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 2011/06/19 09:21:48.0362 13904 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2011/06/19 09:21:48.0419 13904 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 2011/06/19 09:21:48.0456 13904 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 2011/06/19 09:21:48.0749 13904 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2011/06/19 09:21:48.0889 13904 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2011/06/19 09:21:48.0957 13904 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2011/06/19 09:21:49.0010 13904 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys 2011/06/19 09:21:49.0127 13904 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/06/19 09:21:49.0167 13904 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2011/06/19 09:21:49.0220 13904 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/06/19 09:21:49.0259 13904 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2011/06/19 09:21:49.0289 13904 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2011/06/19 09:21:49.0432 13904 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2011/06/19 09:21:49.0662 13904 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2011/06/19 09:21:49.0709 13904 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/06/19 09:21:49.0785 13904 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/06/19 09:21:49.0868 13904 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/06/19 09:21:49.0940 13904 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2011/06/19 09:21:50.0019 13904 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 2011/06/19 09:21:50.0092 13904 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 2011/06/19 09:21:50.0407 13904 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 2011/06/19 09:21:50.0729 13904 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2011/06/19 09:21:50.0771 13904 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2011/06/19 09:21:50.0900 13904 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2011/06/19 09:21:50.0948 13904 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 2011/06/19 09:21:51.0074 13904 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2011/06/19 09:21:51.0167 13904 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/19 09:21:51.0183 13904 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2011/06/19 09:21:51.0222 13904 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 2011/06/19 09:21:51.0259 13904 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2011/06/19 09:21:51.0416 13904 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 2011/06/19 09:21:51.0653 13904 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 2011/06/19 09:21:51.0732 13904 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/06/19 09:21:51.0796 13904 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys 2011/06/19 09:21:51.0846 13904 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/06/19 09:21:51.0900 13904 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0 2011/06/19 09:21:51.0907 13904 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0) 2011/06/19 09:21:51.0907 13904 ================================================================================ 2011/06/19 09:21:51.0907 13904 Scan finished 2011/06/19 09:21:51.0907 13904 ================================================================================ 2011/06/19 09:21:51.0920 13896 Detected object count: 1 2011/06/19 09:21:51.0920 13896 Actual detected object count: 1 2011/06/19 09:22:04.0900 13896 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot 2011/06/19 09:22:04.0900 13896 \Device\Harddisk0\DR0 - ok 2011/06/19 09:22:04.0901 13896 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure 2011/06/19 09:22:23.0021 6256 Deinitialize success
  15. mingum
    Hi Sorry for starting a new thread, I screwed up the first one by not understanding the instructions so I'm starting fresh. My computer cannot access the internet via google searches, redirects me to sites that are blocked by the software. Windows is also blocking some programs on startup. Also, I think the culprit is a fake Windows update screen that keeps popping up, and is currently sitting on my taskbar. I get the periodic message that a potentially malicious site was blocked followed by a bunch of isp numbers. And, finally, the computer keeps freezing in between each task and if I work in safe mode with networking I start getting new attacks detected by AVG. I cannot seem to complete the final step of running the GMER, i keep getting to the blue screen, twice, even after a fresh reboot. Thank you for your help. Here are my files, as requested Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Database version: 6874 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 6/17/2011 8:51:11 AM mbam-log-2011-06-17 (08-51-11).txt Scan type: Quick scan Objects scanned: 157095 Time elapsed: 8 minute(s), 10 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) defogger_disable.log DDS.txt Attach.txt
  16. mingum
    Ugh I just read further and I see my problem. The reason I can't find the files is that the programs didn't complete and I froze before the logs were done so I didn't have the chance to save them properly. I think what I need to do to not screw up my thread is for you to delete this one and I'll start a clean one with the logs of everything once I have been able to figure out how to run them all to completion or give up and explain that I couldn't get them to run. Sorry for my newbie confusion.
  17. mingum
    Hi I'm typing on another computer because the infected one keeps freezing up. I'm in the process of running the various recommended programs and downloads, but I have to reboot between each thing because I freeze. What is happening: hijacked my internet so all google searches link to something that is blocked by malware software. I am pretty sure the culprit is a fake windows update, which still appears in my taskbar at the bottom and occasionally pops up saying I have a Windows update. I can't go into safe mode because new infections creep through. Some of the filenames I wrote down from the various scans were trojan.fake.slgen and vpmpvbr.exe My first question is - the faq's say not to post consecutively because it ruins the string. However, to get all these logs posted I have to do them one at a time because I have to reboot after each download and running of the recommended program. I can't put the logs from this other computer because I don't know how to network the 2 computers together so I can get the files on this one (plus I'm afraid at this point to give access between the two). Please advise how to handle the above so I don't wreck the thread.
  18. mingum
    Oh ok, thanks for the help. I will follow all those instructions.
  19. mingum
    Hi I had some malware and your software successfully helped get rid of it. However, now, everytime I do a google search and try to click through from the google results, I get blocked, it says "blocked access to a potentially malicious website." This happens on search results that are youtube and wikipedia, so it appears that something is trying to redirect my computer from what looks like a legitimate website result search on google to something that is being blocked by your software (and rightly so). When i run the scan from both your software and AVG it doesn't find anything malicious to remove. Something is clearly wrong and I don't know what to do next. Any advice?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.