Jump to content

Browser getting hijacked-HELP Please!


robvac3
 Share

Recommended Posts

Hello,

When I start IE it often hangs as if there is some process running in the background. When IE does open, and I start navigating through websites, I often get advertising pages popping up with a news or walmart website that contains a dialog box that prevents me from closing the window. I often have to close IE from task manager.

Occasionally, an application called Whitesmoke gets loaded. I'll uninstall the app via control panel, and MalwareBytes goes after remaing files. This has happened twice.

Please help!

Malwarebytes log:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 5554

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

1/19/2011 10:38:21 AM

mbam-log-2011-01-19 (10-38-21).txt

Scan type: Quick scan

Objects scanned: 205849

Time elapsed: 5 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS.txt file

DDS (Ver_10-10-10.03) - NTFS_AMD64

Run by Rob at 11:32:23.93 on Wed 01/19/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2269 [GMT -7:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Program Files (x86)\AVG\AVG9\avgchsva.exe

C:\Program Files (x86)\AVG\AVG9\avgrsa.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe

C:\Windows\system32\svchost.exe -k HsfXAudioService

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe

C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

C:\Windows\System32\tcpsvcs.exe

C:\Windows\System32\snmp.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

C:\Program Files (x86)\AVG\AVG9\avgnsa.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\AVG\AVG9\avgemc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\Apoint2K\HidFind.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files (x86)\Microsoft Streets & Trips 2010\StreetsOlkShim.exe

C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Rob\Desktop\dds.scr

C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736100995b6l03c0z1h5a4751t295

uStart Page = hxxp://www.google.com/

mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736091095b6l03c0z1h5a4751t295

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736091095b6l03c0z1h5a4751t295

uInternet Settings,ProxyServer = http=127.0.0.1:5555

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup

mRun: [<NO NAME>]

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

Trusted Zone: real.com\rhap-app-4-0

Trusted Zone: real.com\rhapreg

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

mRun-x64: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe

mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

mRun-x64: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe

mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

AppInit_DLLs-X64: avgrssta.dll

Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-12 52856]

R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2010-9-21 269904]

R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-21 35536]

R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2010-9-21 317520]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-21 203264]

R2 avg9emc;AVG Free E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-9-21 921952]

R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-9-21 308136]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-9-21 844320]

R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 27136]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-20 62720]

R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-8-14 240160]

R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2010-9-21 292864]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-20 317480]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-9-21 34872]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-22 135664]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-26 517448]

S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544]

S3 PTDUBus;PANTECH UM175 Composite Device Driver ;C:\Windows\System32\drivers\PTDUBus.sys [2010-9-25 70672]

S3 PTDUMdm;PANTECH UM175 Drivers;C:\Windows\System32\drivers\PTDUMdm.sys [2010-9-25 173456]

S3 PTDUVsp;PANTECH UM175 Diagnostic Port;C:\Windows\System32\drivers\PTDUVsp.sys [2010-9-25 173456]

S3 PTDUWFLT;PTDUWWAN Filter Driver;C:\Windows\System32\drivers\PTDUWFLT.sys [2010-9-25 12688]

S3 PTDUWWAN;PANTECH UM175 WWAN Driver;C:\Windows\System32\drivers\PTDUWWAN.sys [2010-9-25 141840]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-8-14 216064]

S3 Ser2ph;Microsoft USB GPS driver;C:\Windows\System32\drivers\ser2ph64.sys [2009-5-19 89600]

S3 Ser2rs;Radioshack USB to Serial Driver;C:\Windows\System32\drivers\ser2rs64.sys [2010-9-22 90112]

S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-23 1255736]

=============== Created Last 30 ================

2011-01-13 10:02:06 -------- d-----w- C:\4af8b507e5a78e3e13187c

2010-12-27 14:48:16 0 ----a-w- C:\Windows\SysWow64\lsp56CF.tmp

2010-12-26 18:26:36 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2010-12-26 18:26:07 -------- d-----w- C:\Program Files (x86)\LeapFrog

2010-12-26 18:26:07 -------- d-----w- C:\PROGRA~3\Leapfrog

2010-12-25 21:50:03 -------- d-----w- C:\Program Files (x86)\Search Toolbar

2010-12-25 21:49:56 -------- d-----w- C:\Program Files\ZalmanFrisbee

2010-12-25 15:44:36 -------- d-----r- C:\Program Files (x86)\Skype

==================== Find3M ====================

2011-01-13 06:15:22 256 ----a-w- C:\Windows\SysWow64\pool.bin

2010-12-21 01:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll

2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll

2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec

2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec

2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-11-02 05:18:59 662528 ----a-w- C:\Windows\System32\XpsPrint.dll

2010-11-02 05:18:59 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll

2010-11-02 05:18:58 470016 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll

2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll

2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll

2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll

2010-11-02 05:12:53 1133568 ----a-w- C:\Windows\System32\FntCache.dll

2010-11-02 05:12:25 1540608 ----a-w- C:\Windows\System32\DWrite.dll

2010-11-02 05:12:08 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll

2010-11-02 05:12:07 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2010-11-02 05:12:06 902656 ----a-w- C:\Windows\System32\d2d1.dll

2010-11-02 05:12:06 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe

2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe

2010-11-02 04:59:08 144384 ----a-w- C:\Windows\System32\cdd.dll

2010-11-02 04:41:36 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2010-11-02 04:41:36 283648 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2010-11-02 04:41:36 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll

2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll

2010-11-02 04:35:51 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll

2010-11-02 04:35:35 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2010-11-02 04:35:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2010-11-02 04:35:34 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2010-11-02 04:35:34 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe

2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll

2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

============= FINISH: 11:34:30.89 ===============

Thank you!

Robert

Attach.zip

Link to post
Share on other sites

welcome.gif

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

I've been seeing some Java infections lately.

Go here and follow the instructions to clear your Java Cache

http://www.java.com/en/download/help/plugin_cache.xml

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner

Link to post
Share on other sites

welcome.gif

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

I've been seeing some Java infections lately.

Go here and follow the instructions to clear your Java Cache

http://www.java.com/en/download/help/plugin_cache.xml

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner

Link to post
Share on other sites

Glad that worked.

Let me know how it's doing.

Hi,

Well, did a little more browsing this morning, and got my "congratulations, You won a Wal Mart gift Card" pop-up and new browser window. Also, when I click on a new tab from an open browser window, I intermittantly get the new tab windo to open, but it stays in processing mode. Meaning, the little spinning icon indicating that the window is opening just hangs there, and the new tab window never opens.

The only way I can close my browser when it hangs its to close the process in task manager. Often I will see more ieExplorer processes running in there than I have open. Makes me fearful that there is stuff running in the background.

Thank you.

Robert

Link to post
Share on other sites

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run, once it is finished move onto the next step

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    TDSSKillermain.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
    TDSSKillerSuspicious.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

please post the contents of that log TDSSKiller log.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run, once it is finished move onto the next step

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    TDSSKillermain.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
    TDSSKillerSuspicious.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

please post the contents of that log TDSSKiller log.

Also please describe how your computer behaves at the moment.

Hello,

I ran the applications you suggested, and each ran fine. The TDSSKiller found a rootkit problem, for which I chose cure. I pasted the text below.

BTW, my PC is running Windows 7. I browsed a bunch of websites with no apparent issues. I will continue to use my PC and let you know again how its running.

Thanks,

Robert

2011/01/22 14:24:06.0848 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51

2011/01/22 14:24:06.0848 ================================================================================

2011/01/22 14:24:06.0848 SystemInfo:

2011/01/22 14:24:06.0848

2011/01/22 14:24:06.0848 OS Version: 6.1.7600 ServicePack: 0.0

2011/01/22 14:24:06.0848 Product type: Workstation

2011/01/22 14:24:06.0849 ComputerName: ROB-PC7

2011/01/22 14:24:06.0849 UserName: Rob

2011/01/22 14:24:06.0850 Windows directory: C:\Windows

2011/01/22 14:24:06.0850 System windows directory: C:\Windows

2011/01/22 14:24:06.0850 Running under WOW64

2011/01/22 14:24:06.0850 Processor architecture: Intel x64

2011/01/22 14:24:06.0850 Number of processors: 2

2011/01/22 14:24:06.0850 Page size: 0x1000

2011/01/22 14:24:06.0850 Boot type: Normal boot

2011/01/22 14:24:06.0850 ================================================================================

2011/01/22 14:24:06.0851 Utility is running under WOW64

2011/01/22 14:24:07.0144 Initialize success

2011/01/22 14:24:11.0504 ================================================================================

2011/01/22 14:24:11.0505 Scan started

2011/01/22 14:24:11.0505 Mode: Manual;

2011/01/22 14:24:11.0505 ================================================================================

2011/01/22 14:24:12.0891 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

2011/01/22 14:24:13.0062 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

2011/01/22 14:24:13.0187 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

2011/01/22 14:24:13.0261 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

2011/01/22 14:24:13.0401 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

2011/01/22 14:24:13.0553 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

2011/01/22 14:24:13.0821 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

2011/01/22 14:24:14.0011 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

2011/01/22 14:24:14.0148 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

2011/01/22 14:24:14.0271 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

2011/01/22 14:24:14.0328 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

2011/01/22 14:24:14.0444 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

2011/01/22 14:24:14.0548 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys

2011/01/22 14:24:14.0661 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

2011/01/22 14:24:14.0713 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys

2011/01/22 14:24:14.0799 ApfiltrService (9815014f3e30357168da272088c6f12f) C:\Windows\system32\DRIVERS\Apfiltr.sys

2011/01/22 14:24:14.0958 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

2011/01/22 14:24:15.0035 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

2011/01/22 14:24:15.0121 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

2011/01/22 14:24:15.0182 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/01/22 14:24:15.0376 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

2011/01/22 14:24:15.0510 athr (5d4529ac4156e16bedb01441ae0cf984) C:\Windows\system32\DRIVERS\athrx.sys

2011/01/22 14:24:15.0689 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys

2011/01/22 14:24:15.0891 atikmdag (c5758bf1dfd762a5b17041ff061b7750) C:\Windows\system32\DRIVERS\atikmdag.sys

2011/01/22 14:24:16.0169 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys

2011/01/22 14:24:16.0290 AvgLdx64 (b447db072bf939db9e07bef2adf4ecbd) C:\Windows\system32\Drivers\avgldx64.sys

2011/01/22 14:24:16.0376 AvgMfx64 (405baabbb48f9176e220020b1a77c47b) C:\Windows\system32\Drivers\avgmfx64.sys

2011/01/22 14:24:16.0441 AvgTdiA (ce90aec358a809e7bce6bb0f1da84622) C:\Windows\system32\Drivers\avgtdia.sys

2011/01/22 14:24:16.0566 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

2011/01/22 14:24:16.0702 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

2011/01/22 14:24:16.0884 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys

2011/01/22 14:24:17.0029 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

2011/01/22 14:24:17.0194 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

2011/01/22 14:24:17.0242 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys

2011/01/22 14:24:17.0348 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

2011/01/22 14:24:17.0399 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

2011/01/22 14:24:17.0445 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

2011/01/22 14:24:17.0556 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

2011/01/22 14:24:17.0599 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

2011/01/22 14:24:17.0707 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

2011/01/22 14:24:17.0764 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

2011/01/22 14:24:17.0923 CAXHWAZL (d1787e11c6a0078ddeaf8cf3ee2ab293) C:\Windows\system32\DRIVERS\CAXHWAZL.sys

2011/01/22 14:24:17.0979 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/01/22 14:24:18.0138 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

2011/01/22 14:24:18.0261 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

2011/01/22 14:24:18.0314 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

2011/01/22 14:24:18.0464 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

2011/01/22 14:24:18.0495 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

2011/01/22 14:24:18.0536 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

2011/01/22 14:24:18.0692 CnxtHdAudService (20f3f8674d7dee5d90a352b775d5d5ba) C:\Windows\system32\drivers\CHDRT64.sys

2011/01/22 14:24:18.0805 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

2011/01/22 14:24:18.0871 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

2011/01/22 14:24:18.0970 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

2011/01/22 14:24:19.0115 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

2011/01/22 14:24:19.0168 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

2011/01/22 14:24:19.0291 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

2011/01/22 14:24:19.0457 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

2011/01/22 14:24:19.0534 DXGKrnl (24ce1ecf9d0ae0301775b07f5fea175b) C:\Windows\System32\drivers\dxgkrnl.sys

2011/01/22 14:24:19.0704 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

2011/01/22 14:24:19.0939 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

2011/01/22 14:24:20.0049 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

2011/01/22 14:24:20.0125 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

2011/01/22 14:24:20.0240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

2011/01/22 14:24:20.0315 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

2011/01/22 14:24:20.0446 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

2011/01/22 14:24:20.0488 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

2011/01/22 14:24:20.0515 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/01/22 14:24:20.0630 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

2011/01/22 14:24:20.0722 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

2011/01/22 14:24:20.0812 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

2011/01/22 14:24:20.0898 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

2011/01/22 14:24:21.0007 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

2011/01/22 14:24:21.0186 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

2011/01/22 14:24:21.0241 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

2011/01/22 14:24:21.0383 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/01/22 14:24:21.0417 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

2011/01/22 14:24:21.0444 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

2011/01/22 14:24:21.0545 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

2011/01/22 14:24:21.0687 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

2011/01/22 14:24:21.0767 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

2011/01/22 14:24:21.0886 HSF_DPV (26c5d00321937e49b6bc91029947d094) C:\Windows\system32\DRIVERS\CAX_DPV.sys

2011/01/22 14:24:22.0009 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

2011/01/22 14:24:22.0116 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

2011/01/22 14:24:22.0257 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/01/22 14:24:22.0319 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys

2011/01/22 14:24:22.0616 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys

2011/01/22 14:24:22.0894 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

2011/01/22 14:24:22.0942 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

2011/01/22 14:24:22.0986 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

2011/01/22 14:24:23.0093 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/01/22 14:24:23.0149 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

2011/01/22 14:24:23.0264 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

2011/01/22 14:24:23.0385 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

2011/01/22 14:24:23.0443 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

2011/01/22 14:24:23.0544 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/01/22 14:24:23.0600 k57nd60a (249ee2d26cb1530f3bede0ac8b9e3099) C:\Windows\system32\DRIVERS\k57nd60a.sys

2011/01/22 14:24:23.0714 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/01/22 14:24:23.0767 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/01/22 14:24:23.0877 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

2011/01/22 14:24:23.0963 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

2011/01/22 14:24:24.0091 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

2011/01/22 14:24:24.0231 L1E (2ac603c3188c704cfce353659aa7ad71) C:\Windows\system32\DRIVERS\L1E62x64.sys

2011/01/22 14:24:24.0467 LHidFilt (97caaa9fd47af67e590552c34ce2d9b1) C:\Windows\system32\DRIVERS\LHidFilt.Sys

2011/01/22 14:24:24.0659 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

2011/01/22 14:24:24.0780 LMouFilt (1a3c49b3edba8f8faf49ad5679813321) C:\Windows\system32\DRIVERS\LMouFilt.Sys

2011/01/22 14:24:24.0872 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

2011/01/22 14:24:24.0996 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

2011/01/22 14:24:25.0046 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

2011/01/22 14:24:25.0141 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

2011/01/22 14:24:25.0194 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

2011/01/22 14:24:25.0304 LUsbFilt (d67f18191c0ced7212d771190f032158) C:\Windows\system32\Drivers\LUsbFilt.Sys

2011/01/22 14:24:25.0399 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys

2011/01/22 14:24:25.0511 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

2011/01/22 14:24:25.0558 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

2011/01/22 14:24:25.0668 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

2011/01/22 14:24:25.0719 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

2011/01/22 14:24:25.0845 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

2011/01/22 14:24:26.0015 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

2011/01/22 14:24:26.0054 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

2011/01/22 14:24:26.0158 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

2011/01/22 14:24:26.0207 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

2011/01/22 14:24:26.0263 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

2011/01/22 14:24:26.0367 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/01/22 14:24:26.0414 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/01/22 14:24:26.0470 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/01/22 14:24:26.0600 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

2011/01/22 14:24:26.0643 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

2011/01/22 14:24:26.0779 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

2011/01/22 14:24:26.0826 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

2011/01/22 14:24:26.0936 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

2011/01/22 14:24:27.0060 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

2011/01/22 14:24:27.0099 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/01/22 14:24:27.0137 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

2011/01/22 14:24:27.0175 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

2011/01/22 14:24:27.0273 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/01/22 14:24:27.0325 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

2011/01/22 14:24:27.0372 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

2011/01/22 14:24:27.0477 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

2011/01/22 14:24:27.0541 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

2011/01/22 14:24:27.0667 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

2011/01/22 14:24:27.0781 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

2011/01/22 14:24:27.0841 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/01/22 14:24:27.0931 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/01/22 14:24:27.0979 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/01/22 14:24:28.0021 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

2011/01/22 14:24:28.0124 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

2011/01/22 14:24:28.0163 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

2011/01/22 14:24:28.0312 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys

2011/01/22 14:24:28.0442 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

2011/01/22 14:24:28.0497 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

2011/01/22 14:24:28.0535 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

2011/01/22 14:24:28.0675 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys

2011/01/22 14:24:28.0813 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

2011/01/22 14:24:28.0865 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

2011/01/22 14:24:28.0978 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys

2011/01/22 14:24:29.0015 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys

2011/01/22 14:24:29.0117 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

2011/01/22 14:24:29.0245 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

2011/01/22 14:24:29.0324 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

2011/01/22 14:24:29.0410 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

2011/01/22 14:24:29.0459 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

2011/01/22 14:24:29.0495 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

2011/01/22 14:24:29.0598 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

2011/01/22 14:24:29.0644 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

2011/01/22 14:24:29.0686 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

2011/01/22 14:24:29.0862 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

2011/01/22 14:24:29.0900 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

2011/01/22 14:24:30.0033 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

2011/01/22 14:24:30.0106 PTDUBus (bccea08c45bea866ffd2af32d23611b5) C:\Windows\system32\DRIVERS\PTDUBus.sys

2011/01/22 14:24:30.0267 PTDUMdm (f94a0753921e97cebb9002682097149a) C:\Windows\system32\DRIVERS\PTDUMdm.sys

2011/01/22 14:24:30.0353 PTDUVsp (ac70cdae9e26d26ef6f41c3c23087aae) C:\Windows\system32\DRIVERS\PTDUVsp.sys

2011/01/22 14:24:30.0413 PTDUWFLT (1d2bd34a8e5c9efd75085af598a7d9b4) C:\Windows\system32\DRIVERS\PTDUWFLT.sys

2011/01/22 14:24:30.0566 PTDUWWAN (3d47d2ae93fdf671c3c997b2fac4e13f) C:\Windows\system32\DRIVERS\PTDUWWAN.sys

2011/01/22 14:24:30.0674 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys

2011/01/22 14:24:30.0818 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

2011/01/22 14:24:30.0960 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

2011/01/22 14:24:31.0013 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

2011/01/22 14:24:31.0063 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

2011/01/22 14:24:31.0166 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

2011/01/22 14:24:31.0231 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/01/22 14:24:31.0349 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/01/22 14:24:31.0392 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

2011/01/22 14:24:31.0438 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

2011/01/22 14:24:31.0550 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

2011/01/22 14:24:31.0594 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/01/22 14:24:31.0651 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

2011/01/22 14:24:31.0749 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

2011/01/22 14:24:31.0799 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

2011/01/22 14:24:31.0859 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

2011/01/22 14:24:31.0992 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys

2011/01/22 14:24:32.0151 RimVSerPort (0de22421179d5a8440b68517ddf2b051) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys

2011/01/22 14:24:32.0274 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys

2011/01/22 14:24:32.0442 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

2011/01/22 14:24:32.0513 RSUSBSTOR (2db8116d52b19216812c4e6d5d837810) C:\Windows\System32\Drivers\RtsUStor.sys

2011/01/22 14:24:32.0687 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

2011/01/22 14:24:32.0826 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

2011/01/22 14:24:32.0915 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

2011/01/22 14:24:33.0051 Ser2ph (de3135e7ed559fc1c1b92aa7ba52ccdb) C:\Windows\system32\DRIVERS\ser2ph64.sys

2011/01/22 14:24:33.0130 Ser2rs (487fe5ca3b50cf31989298108f192a73) C:\Windows\system32\DRIVERS\ser2rs64.sys

2011/01/22 14:24:33.0237 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

2011/01/22 14:24:33.0295 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

2011/01/22 14:24:33.0405 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

2011/01/22 14:24:33.0478 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

2011/01/22 14:24:33.0500 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2011/01/22 14:24:33.0522 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

2011/01/22 14:24:33.0619 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

2011/01/22 14:24:33.0755 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

2011/01/22 14:24:33.0805 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

2011/01/22 14:24:33.0918 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

2011/01/22 14:24:34.0024 SMSIVZAM5X64 (b5d3c24e4ea8e6d4850e83dad8c510d4) C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS

2011/01/22 14:24:34.0150 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

2011/01/22 14:24:34.0253 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys

2011/01/22 14:24:34.0373 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys

2011/01/22 14:24:34.0460 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

2011/01/22 14:24:34.0610 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

2011/01/22 14:24:34.0750 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

2011/01/22 14:24:34.0873 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys

2011/01/22 14:24:34.0934 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

2011/01/22 14:24:35.0033 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

2011/01/22 14:24:35.0237 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys

2011/01/22 14:24:35.0415 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys

2011/01/22 14:24:35.0541 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

2011/01/22 14:24:35.0596 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

2011/01/22 14:24:35.0636 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

2011/01/22 14:24:35.0740 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

2011/01/22 14:24:35.0778 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

2011/01/22 14:24:35.0930 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/01/22 14:24:35.0978 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

2011/01/22 14:24:36.0106 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

2011/01/22 14:24:36.0175 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

2011/01/22 14:24:36.0287 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

2011/01/22 14:24:36.0372 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

2011/01/22 14:24:36.0480 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

2011/01/22 14:24:36.0524 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

2011/01/22 14:24:36.0576 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/01/22 14:24:36.0712 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

2011/01/22 14:24:36.0753 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys

2011/01/22 14:24:36.0885 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys

2011/01/22 14:24:36.0991 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys

2011/01/22 14:24:37.0094 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys

2011/01/22 14:24:37.0136 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

2011/01/22 14:24:37.0162 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/01/22 14:24:37.0254 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/01/22 14:24:37.0319 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

2011/01/22 14:24:37.0469 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

2011/01/22 14:24:37.0543 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/01/22 14:24:37.0624 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

2011/01/22 14:24:37.0675 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

2011/01/22 14:24:37.0723 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

2011/01/22 14:24:37.0810 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

2011/01/22 14:24:37.0868 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

2011/01/22 14:24:37.0910 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

2011/01/22 14:24:37.0998 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

2011/01/22 14:24:38.0057 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

2011/01/22 14:24:38.0136 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

2011/01/22 14:24:38.0179 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

2011/01/22 14:24:38.0251 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

2011/01/22 14:24:38.0299 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/22 14:24:38.0320 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/22 14:24:38.0479 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

2011/01/22 14:24:38.0553 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

2011/01/22 14:24:38.0740 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/01/22 14:24:38.0795 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2011/01/22 14:24:38.0857 winachsf (a6ea7a3fc4b00f48535b506db1e86efd) C:\Windows\system32\DRIVERS\CAX_CNXT.sys

2011/01/22 14:24:39.0044 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys

2011/01/22 14:24:39.0186 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/01/22 14:24:39.0276 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2011/01/22 14:24:39.0397 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

2011/01/22 14:24:39.0467 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/01/22 14:24:39.0606 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys

2011/01/22 14:24:39.0764 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)

2011/01/22 14:24:39.0771 ================================================================================

2011/01/22 14:24:39.0771 Scan finished

2011/01/22 14:24:39.0771 ================================================================================

2011/01/22 14:24:39.0793 Detected object count: 1

2011/01/22 14:24:53.0138 \HardDisk0 - will be cured after reboot

2011/01/22 14:24:53.0139 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure

2011/01/22 14:25:15.0439 Deinitialize success

Link to post
Share on other sites

If you used DeFogger

To re-enable your Emulation drivers, double click DeFogger to run the tool.

  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.

How to Create a System Restore Point in Windows 7

http://www.sevenforums.com/tutorials/697-s...int-create.html

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.