
My dds/attach and gmer


makr28


I ran the gmer one twice. The 1st time right when it was near the end of the scan my computer restarted and the 2nd time at the beginning of the scan my computer decided to shut down and showed a blue screen telling me to delete recent installations because there was a problem that caused the shut down.

________________________________________________________________________________

____________________

DDS (Ver_10-10-10.03) - NTFSx86

Run by Mackenzie Revoyr at 17:13:12.93 on Sat 10/16/2010

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.512 [GMT -7:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\System32\GEARSec.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Documents and Settings\Mackenzie Revoyr\My Documents\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2077543

uSearch Page = ${URL_SEARCHPAGE}

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uWindow Title = Windows Internet Explorer provided by Live Nation

mSearch Page = ${URL_SEARCHPAGE}

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: BearShare MediaBar: {d3dee18f-db64-4beb-9ff1-e1f0a5033e4a} - c:\program files\bearshare applications\bearshare mediabar\MediaBar.dll

uURLSearchHooks: N/A: {0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\2.bin\A2SRCHAS.DLL

uURLSearchHooks: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog0.dll

mURLSearchHooks: N/A: {0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\2.bin\A2SRCHAS.DLL

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog0.dll

BHO: Ask Search Assistant BHO: {0579b4b1-0293-4d73-b02d-5ebb0ba0f0a2} - c:\program files\asksbar\srchastt\2.bin\A2SRCHAS.DLL

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: {da8587a6-4363-4850-8196-94f2a08efba9} - c:\windows\system32\ssqpo.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: XBTP02634 Class: {f97da966-f09d-4cab-bf29-75a0026986ea} - c:\progra~1\bearsh~1\bearsh~2\MediaBar.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: BearShare MediaBar: {d3dee18f-db64-4beb-9ff1-e1f0a5033e4a} - c:\program files\bearshare applications\bearshare mediabar\MediaBar.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

TB: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog0.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"

uRun: [installIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun

mRun: [Microsoft Works Update Detection] c:\program files\common files\microsoft shared\works shared\WkUFind.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

dRun: [Qgulijegoz] rundll32.exe "c:\windows\cscltp.dll",Startup

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

uPolicies-system: EnableProfileQuota = 1 (0x1)

IE: &Search

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: amaena.com

Trusted Zone: antimalwareguard.com

Trusted Zone: antispyexpert.com

Trusted Zone: avsystemcare.com

Trusted Zone: gomyhit.com

Trusted Zone: imageservr.com

Trusted Zone: imagesrvr.com

Trusted Zone: onerateld.com

Trusted Zone: safetydownload.com

Trusted Zone: spyguardpro.com

Trusted Zone: storageguardsoft.com

Trusted Zone: trustedantivirus.com

Trusted Zone: virusremover2008.com

Trusted Zone: virusschlacht.com

Trusted Zone: amaena.com

Trusted Zone: antimalwareguard.com

Trusted Zone: antispyexpert.com

Trusted Zone: avsystemcare.com

Trusted Zone: gomyhit.com

Trusted Zone: imageservr.com

Trusted Zone: imagesrvr.com

Trusted Zone: musicmatch.com\online

Trusted Zone: onerateld.com

Trusted Zone: safetydownload.com

Trusted Zone: spyguardpro.com

Trusted Zone: storageguardsoft.com

Trusted Zone: trustedantivirus.com

Trusted Zone: virusremover2008.com

Trusted Zone: virusschlacht.com

DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab

DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} - hxxp://www.instantaction.com/download/iaplayer.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://myspace.oberon-media.com/gameshell/games/channel--110343720/lc--en/room--d72ea4fc-130b-4179-a8a7-81ec233e6560/online/zuma_new/en/popcaploader_v10.cab

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: {9714A10A-FBC6-4427-BA95-8409A403D1EF} - No File

LSA: Authentication Packages = msv1_0 c:\windows\system32\ssqpo.dll

LSA: Notification Packages = scecli c:\windows\system32\toyedofi.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\macken~1\applic~1\mozilla\firefox\profiles\cq2ppjk9.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/?fr=fptb-w3i

FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW4&o=16794&locale=en_US&q=

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll

FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll

FF - plugin: c:\documents and settings\mackenzie revoyr\application data\move networks\plugins\npqmp071503000010.dll

FF - plugin: c:\progra~1\mi1933~1\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

============= SERVICES / DRIVERS ===============

R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-12-13 165488]

R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2009-9-26 819600]

R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2009-9-23 447832]

R3 sftfs;sftfs;c:\program files\microsoft application virtualization client\drivers\SftFSXP.sys [2009-9-23 543064]

R3 sftplay;sftplay;c:\program files\microsoft application virtualization client\drivers\sftplayxp.sys [2009-9-23 190312]

R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2009-9-23 21864]

R3 sftvol;sftvol;c:\program files\microsoft application virtualization client\drivers\SftVolXP.sys [2009-9-23 14680]

R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2009-9-23 203608]

S0 yhgcdplf;yhgcdplf;c:\windows\system32\drivers\xacsbvif.sys --> c:\windows\system32\drivers\xacsbvif.sys [?]

S1 cpnatpwj;cpnatpwj;\??\c:\windows\system32\drivers\cpnatpwj.sys --> c:\windows\system32\drivers\cpnatpwj.sys [?]

S1 demnougl;demnougl;\??\c:\windows\system32\drivers\demnougl.sys --> c:\windows\system32\drivers\demnougl.sys [?]

S1 hzceiang;hzceiang;\??\c:\windows\system32\drivers\hzceiang.sys --> c:\windows\system32\drivers\hzceiang.sys [?]

S2 gupdate1ca4fb5e7268d3e;Google Update Service (gupdate1ca4fb5e7268d3e);c:\program files\google\update\GoogleUpdate.exe [2009-10-17 133104]

S3 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-12-13 198256]

S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-12-13 79472]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4639136]

S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2006-3-27 167808]

S3 samhid;samhid;c:\windows\system32\drivers\Samhid.sys [2008-3-10 7548]

S3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-6-9 822424]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128]

S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808]

S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-10 369688]

=============== Created Last 30 ================

2010-10-16 23:34:01 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-10-16 23:34:01 411368 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2010-10-16 23:32:53 73728 ----a-w- c:\windows\system32\javacpl.cpl

2010-10-13 05:00:11 47104 ---ha-w- c:\windows\system32\cidawwin.dll

2010-10-11 06:06:28 -------- d-----w- c:\docume~1\alluse~1\applic~1\Norton

2010-10-11 06:06:19 -------- d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller

2010-10-10 23:42:53 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-10-10 23:42:49 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-10-10 17:29:44 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys

2010-10-10 17:29:44 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2010-10-10 17:29:44 133616 ------w- c:\windows\system32\pxafs.dll

2010-10-10 17:12:01 -------- d-----w- c:\program files\W3i

2010-10-10 07:48:07 -------- d-----w- c:\windows\system32\wbem\repository\FS

2010-10-10 07:48:07 -------- d-----w- c:\windows\system32\wbem\Repository

2010-10-10 07:44:31 -------- d-----w- c:\program files\iTunes

2010-10-10 07:44:31 -------- d-----w- c:\program files\iPod

2010-10-10 07:38:02 -------- d-----w- c:\program files\HTML Help Workshop

2010-10-10 07:38:02 -------- d-----w- c:\program files\common files\Merge Modules

2010-10-10 07:38:02 -------- d-----w- c:\program files\common files\Business Objects

2010-10-10 07:38:02 -------- d-----w- c:\program files\CE Remote Tools

2010-10-10 07:38:02 -------- d-----w- c:\docume~1\alluse~1\applic~1\PreEmptive Solutions

2010-10-10 07:33:10 -------- d-----w- c:\program files\Microsoft Device Emulator

2010-10-10 07:32:11 -------- d-----w- c:\documents and settings\all users\Microsoft

2010-10-10 07:31:00 -------- d-----w- c:\program files\Microsoft Application Virtualization Client

2010-10-10 07:10:30 -------- d-----w- c:\program files\Bonjour

2010-10-10 07:07:06 -------- d-----w- c:\program files\Norton Ghost

2010-10-10 07:06:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-10-08 04:31:27 -------- d-----w- c:\program files\Trend Micro

2010-10-08 04:30:31 53248 ----a-w- c:\windows\system32\gearsec.exe

2010-10-06 05:30:53 -------- d-----w- c:\docume~1\macken~1\locals~1\applic~1\AskToolbar

2010-10-06 04:26:03 -------- d-----w- c:\program files\iPod(3)

2010-10-06 04:25:45 -------- d-----w- c:\program files\iTunes(3)

2010-10-06 04:13:00 -------- d-----w- c:\program files\Bonjour(2)

2010-10-06 03:50:57 -------- d-----w- c:\program files\Ask.com

2010-10-03 19:36:09 -------- d-----w- c:\docume~1\macken~1\applic~1\OpenOffice.org

2010-10-03 19:30:17 -------- d-----w- c:\program files\OpenOffice.org 3

2010-10-03 19:24:22 -------- d-----w- c:\docume~1\macken~1\applic~1\alot

2010-10-03 17:57:07 -------- d-----w- c:\docume~1\alluse~1\applic~1\NOS(2)

2010-10-03 00:21:45 4781992 ----a-w- c:\program files\common files\microsoft shared\virtualization handler\CVHSHARED.DLL

2010-10-03 00:21:45 379808 ----a-w- c:\program files\common files\microsoft shared\virtualization handler\CVHBS.EXE

2010-10-03 00:21:44 126328 ----a-w- c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPC.DLL

2010-10-03 00:21:43 561056 ----a-w- c:\program files\common files\microsoft shared\virtualization handler\en-us\CVHIntl.dll

2010-09-26 00:42:07 80896 ----a-w- c:\program files\common files\microsoft shared\help 8\microsoft document explorer 2005\install.res.1033.dll

2010-09-26 00:42:06 609472 ----a-w- c:\program files\common files\microsoft shared\help 8\microsoft document explorer 2005\install.exe

2010-09-18 05:33:35 0 ----a-w- c:\windows\system32\sho296.tmp

==================== Find3M ====================

2010-09-09 05:52:46 0 ----a-w- c:\windows\system32\sho252.tmp

2010-09-08 18:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-09-08 18:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts

============= FINISH: 17:29:32.62 ===============

Attach.zip


Open IE8 and remove these from your Trusted Zones:

Trusted Zone: amaena.com

Trusted Zone: antimalwareguard.com

Trusted Zone: antispyexpert.com

Trusted Zone: avsystemcare.com

Trusted Zone: gomyhit.com

Trusted Zone: imageservr.com

Trusted Zone: imagesrvr.com

Trusted Zone: onerateld.com

Trusted Zone: safetydownload.com

Trusted Zone: spyguardpro.com

Trusted Zone: storageguardsoft.com

Trusted Zone: trustedantivirus.com

Trusted Zone: virusremover2008.com

Trusted Zone: virusschlacht.com

Trusted Zone: amaena.com

Trusted Zone: antimalwareguard.com

Trusted Zone: antispyexpert.com

Trusted Zone: avsystemcare.com

Trusted Zone: gomyhit.com

Trusted Zone: imageservr.com

Trusted Zone: imagesrvr.com

Trusted Zone: musicmatch.com\online

Trusted Zone: onerateld.com

Trusted Zone: safetydownload.com

Trusted Zone: spyguardpro.com

Trusted Zone: storageguardsoft.com

Trusted Zone: trustedantivirus.com

Trusted Zone: virusremover2008.com

Trusted Zone: virusschlacht.com

Reboot

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".


Ok I did what you said. Also I ran that gmer thing a third time and it worked so here it is. I only attached the attach file rather than copy/paste because the instructions that brought me here told me to, like it told me to do with the gmer thing, but I'll copy and paste it then. Thanks for any help.

GMER 1.0.15.15319 - http://www.gmer.net

Rootkit scan 2010-10-17 17:42:41

Windows 5.1.2600 Service Pack 3

Running: u1bkoy5z.exe; Driver: C:\DOCUME~1\MACKEN~1\LOCALS~1\Temp\pwtdqpow.sys

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF6539F80]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2192] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0154000A

.text C:\Program Files\Mozilla Firefox\firefox.exe[2192] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 0155000A

.text C:\Program Files\Mozilla Firefox\firefox.exe[2192] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 0153000C

.text C:\Program Files\Mozilla Firefox\firefox.exe[2192] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

.text C:\WINDOWS\System32\svchost.exe[2816] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00CB000A

.text C:\WINDOWS\System32\svchost.exe[2816] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00CC000A

.text C:\WINDOWS\System32\svchost.exe[2816] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00CA000C

.text C:\WINDOWS\System32\svchost.exe[2816] ole32.dll!CoCreateInstance 7750057E 5 Bytes JMP 00D8000A

.text C:\WINDOWS\Explorer.EXE[3048] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00ED000A

.text C:\WINDOWS\Explorer.EXE[3048] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00EF000A

.text C:\WINDOWS\Explorer.EXE[3048] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00EC000C

.text C:\Program Files\Mozilla Firefox\plugin-container.exe[3688] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 103FDDE0 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)

Device \FileSystem\Udfs \UdfsCdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\meiudf \MeiUDF_Disk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\meiudf \MeiUDF_CdRom DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

Device \FileSystem\Udfs \UdfsDisk DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 87306ABF

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 87306ABF

Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-e 87306ABF

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 SymSnap.sys (StorageCraft Volume Snap-Shot/StorageCraft)

Device \FileSystem\Fastfat \Fat B1A47D20

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Mackenzie Revoyr\My Documents\My Music\Unknown Artist\Unknown Album (7-30-2006 9-06-01 PM)\Unknown Album (11-17-2007 8-38-09 PM)\Unknown Album (11-17-2007 8-38-12 PM)\Unknown Album (11-17-2007 8-38-16 PM)\UNKNOW~1\Unknown Album (11-17-2007 8-38-18 PM)\18 18 18 18 18 18 18 Track 18.wma 3208749 bytes

File C:\Documents and Settings\Mackenzie Revoyr\My Documents\My Music\Unknown Artist\Unknown Album (7-30-2006 9-06-01 PM)\Unknown Album (11-17-2007 8-38-09 PM)\Unknown Album (11-17-2007 8-38-12 PM)\Unknown Album (11-17-2007 8-38-16 PM)\UNKNOW~1\Unknown Album (11-17-2007 8-38-18 PM)\19 19 19 19 Track 19.wma 3770493 bytes

File C:\Documents and Settings\Mackenzie Revoyr\My Documents\My Music\Unknown Artist\Unknown Album (7-30-2006 9-06-01 PM)\Unknown Album (11-17-2007 8-38-09 PM)\Unknown Album (11-17-2007 8-38-12 PM)\Unknown Album (11-17-2007 8-38-16 PM)\UNKNOW~1\Unknown Album (11-17-2007 8-38-18 PM)\desktop.ini 43 bytes

---- EOF - GMER 1.0.15 ----

Here's the problem . . . Number one thing is that I get redirected whenever I click on a link in any search engine and new tabs open up and go to random sites. Number two is that a Visual Studio Just-In-Time Debugger error pops up constantly. Sometimes it stops me from being able to open up the Control Panel or My Documents, and sometimes it stops Firefox or Internet Explorer from opening up. It does these things until I shut down my computer. Another thing is that sometimes it will freeze while it's trying to shut down or start up.

Thanks a lot for any help you can give me


Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4875

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

10/18/2010 8:20:40 PM

mbam-log-2010-10-18 (20-20-40).txt

Scan type: Full scan (C:\|D:\|)

Objects scanned: 284693

Time elapsed: 2 hour(s), 16 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 4

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\NetworkService\Application Data\hotfix.exe (Rogue.FakeMSEA) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP182\A0110186.dll (Trojan.DNSChanger) -> Not selected for removal.

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP182\A0110187.sys (Trojan.DNSChanger) -> Not selected for removal.

C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP183\A0120239.dll (Trojan.Hiloti) -> Not selected for removal.

Clicking on links still redirects me and random tabs will pop up. I haven't seen the Just-in-time-debugger thing yet, so I don't know if it will still come up.


Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run. Once it is finished, move on to the next step.

Download TDSSKiller and save it to your Desktop.

  • Make sure all other windows are closed and let it run uninterrupted.
  • Extract the file and run it.
  • Once completed it will create a log in your C:\ drive called TDSSKiller_* (* denotes version & date)
  • Reboot your machine and see if the infection is gone
  • Please post the contents of the TDSSKiller log and the GooredFix log.

Please DO NOT attach the results. Use Copy/Paste and post them here.


Thank you so much, I don't see any of those problems happening now and waited a while to reply just in case. So again thanks.

GooredFix by jpshortstuff (03.07.10.1)

Log created at 17:35 on 19/10/2010 (Mackenzie Revoyr)

Firefox version 3.6.10 (en-US)

========== GooredScan ==========

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd} [06:44 11/10/2010]

{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} [23:26 15/12/2008]

{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [23:34 16/10/2010]

C:\Documents and Settings\Mackenzie Revoyr\Application Data\Mozilla\Firefox\Profiles\cq2ppjk9.default\extensions\

toolbar@ask.com [03:50 06/10/2010]

{20a82645-c095-46ed-80e3-08825760534b} [04:31 28/12/2009]

{635abd67-4fe9-1b23-4f01-e679fa7484c1} [21:21 09/04/2010]

{E2883E8F-472F-4fb0-9522-AC9BF37916A7}(2) [03:44 05/10/2010]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [03:17 07/05/2009]

"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [03:19 26/04/2010]

"jqs@sun.com"="C:\Program Files\Java\jre6\lib\deploy\jqs\ff" [23:33 16/10/2010]

-=E.O.F=-

2010/10/19 17:38:03.0015 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59

2010/10/19 17:38:03.0015 ================================================================================

2010/10/19 17:38:03.0015 SystemInfo:

2010/10/19 17:38:03.0015

2010/10/19 17:38:03.0015 OS Version: 5.1.2600 ServicePack: 3.0

2010/10/19 17:38:03.0015 Product type: Workstation

2010/10/19 17:38:03.0015 ComputerName: KENZIE

2010/10/19 17:38:03.0015 UserName: Mackenzie Revoyr

2010/10/19 17:38:03.0015 Windows directory: C:\WINDOWS

2010/10/19 17:38:03.0015 System windows directory: C:\WINDOWS

2010/10/19 17:38:03.0015 Processor architecture: Intel x86

2010/10/19 17:38:03.0015 Number of processors: 1

2010/10/19 17:38:03.0015 Page size: 0x1000

2010/10/19 17:38:03.0015 Boot type: Normal boot

2010/10/19 17:38:03.0015 ================================================================================

2010/10/19 17:38:03.0328 Initialize success

2010/10/19 17:38:04.0656 ================================================================================

2010/10/19 17:38:04.0656 Scan started

2010/10/19 17:38:04.0656 Mode: Manual;

2010/10/19 17:38:04.0656 ================================================================================

2010/10/19 17:38:23.0781 \HardDisk0\MBR - detected Rootkit.Win32.TDSS.tdl4 (0)

2010/10/19 17:38:23.0781 ================================================================================

2010/10/19 17:38:23.0781 Scan finished

2010/10/19 17:38:23.0781 ================================================================================

2010/10/19 17:38:23.0796 Detected object count: 1

2010/10/19 17:38:34.0531 \HardDisk0\MBR - will be cured after reboot

2010/10/19 17:38:34.0531 Rootkit.Win32.TDSS.tdl4(\HardDisk0\MBR) - User select action: Cure

2010/10/19 17:38:37.0531 Deinitialize success
