Jump to content

help, infected with Internet Security 2011, and can't get rid of it all


ragt20

Recommended Posts

Hi guys, hopefully you can help in getting rid of this problem.

Can't get any anti malware program to run, even malwarebytes, soon runs for a few mins then disappears and when I try to restart I get the following error message :

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

This happens for every thing I have tried so far, even in safe mode. If I uninstall the program reinstall it, it lets me run it, but again after a few mins the program disappear.

The only thing that doesn't crash like this is AVG, although it detects a few threats, it doesn't do anything about them.

DDS Log is below, as requested, and attach file uploaded, unfortunately can't run GMER, as it disappears like all the other anti spyware software I've tried.

DDS (Ver_10-12-12.02) - NTFSx86

Run by CALLUM at 20:57:56.44 on 23/01/2011

Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23

============== Running Processes ===============

============== Pseudo HJT Report ===============

uWindow Title = Internet Explorer provided by Dell

mDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3071221

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: VidToMP3.com Toolbar: {bbf89fda-07f1-4ad3-86b1-0de425ee8097} - c:\program files\vidtomp3tb\vidtomp3Dx.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: VidToMP3.com Toolbar: {bbf89fda-07f1-4ad3-86b1-0de425ee8097} - c:\program files\vidtomp3tb\vidtomp3Dx.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe

mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [PMX Daemon] ICO.EXE

mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [<NO NAME>]

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"

mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bumptop.lnk - c:\program files\bumptop\BumpTop.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\windows\installer\{7f0c4457-8e64-491b-8d7b-991504365d1e}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\callum\appdata\roaming\mozilla\firefox\profiles\7nvdavy6.default\

FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox

FF - Ext: AVG Security Toolbar em:version=6.011.025.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg10\toolbar\firefox\avg@igeared

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de

FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2011-01-23 18:38:41 -------- d-----w- c:\program files\Spybot - Search & Destroy2

2011-01-23 18:22:56 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-01-23 18:12:28 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-23 18:12:28 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-01-23 13:13:46 -------- d-----w- c:\users\callum\appdata\local\AVG Security Toolbar

2011-01-23 12:42:17 -------- d-----w- c:\users\callum\appdata\roaming\AVG10

2011-01-23 01:33:57 -------- d--h--w- C:\$AVG

2011-01-23 00:59:42 -------- d--h--w- c:\progra~2\Common Files

2011-01-23 00:59:07 -------- d-----w- c:\progra~2\AVG Security Toolbar

2011-01-23 00:57:00 -------- d-----w- c:\windows\system32\drivers\AVG

2011-01-23 00:57:00 -------- d-----w- c:\progra~2\AVG10

2011-01-23 00:55:06 -------- d-----w- c:\program files\AVG

2011-01-23 00:46:37 -------- d-----w- c:\progra~2\MFAData

2011-01-23 00:32:15 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-01-22 23:58:45 -------- d-----w- c:\program files\Lavasoft

2011-01-22 23:09:01 -------- d-----w- c:\program files\CCleaner

2011-01-22 21:58:18 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d71999e0-40f6-43cb-bdb9-ebf1dd85b268}\mpengine.dll

2011-01-22 21:43:15 48000 ----a-w- c:\windows\system32\drivers\vbma92a1.sys

2011-01-20 06:22:19 -------- d-----w- c:\progra~2\1328B

2011-01-20 00:55:24 -------- d-----w- c:\program files\old

2011-01-20 00:55:24 -------- d-----w- c:\progra~2\Spybot - Search & Destroy

2011-01-19 22:21:47 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-01-19 16:36:06 -------- d-----w- c:\users\callum\appdata\roaming\SUPERAntiSpyware.com

2011-01-19 16:36:06 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com

2011-01-19 16:05:16 -------- d-----w- c:\progra~2\Hitman Pro

2011-01-19 15:28:03 -------- d--h--w- c:\windows\PIF

2011-01-19 13:45:16 -------- d-----w- c:\users\callum\appdata\roaming\Malwarebytes

2011-01-19 13:45:05 -------- d-----w- c:\progra~2\Malwarebytes

2011-01-19 13:41:48 -------- d-----w- C:\downloads

2011-01-17 18:01:42 409600 ----a-w- c:\windows\system32\odbc32.dll

2011-01-17 18:01:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-17 18:01:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-17 18:01:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-17 18:01:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-17 18:01:39 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-01-17 18:01:23 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-01-11 18:13:57 -------- d-----w- c:\users\callum\appdata\roaming\Spotify

2011-01-11 18:13:57 -------- d-----w- c:\users\callum\appdata\local\Spotify

2011-01-11 18:13:53 -------- d-----w- c:\program files\Spotify

==================== Find3M ====================

2010-11-06 11:10:29 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-06 11:10:13 357376 ----a-w- c:\windows\system32\taskschd.dll

2010-11-06 11:10:13 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-06 11:09:57 603648 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-05 00:53:47 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-10-28 15:02:24 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-28 13:03:07 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-10-28 12:56:58 2048 ----a-w- c:\windows\system32\tzres.dll

============= FINISH: 21:01:49.92 ===============

hopefully you guys can help me get rid of this.

Thanks

G

Attach.zip

Link to post
Share on other sites

  • Replies 111
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

Hello ragt20! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Step 1

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Admin

You only need to get one of them to run, not all of them.

  1. rkill.exe
  2. rkill.com
  3. rkill.scr
  4. rkill.pif
  5. WiNlOgOn.exe
  6. uSeRiNiT.exe

Please post the log in your next reply.

Note: The log can be found at the root of your installed hard drive entitled rkill.log

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

In your next reply, please include these log(s):

  1. RKill log
  2. Malwarebytes' Anti-Malware log
  3. a new fresh DDS log only

Link to post
Share on other sites

Hi Borislav,

thanks for your help...

logs as requested.

1. Rkill

This log file is located at C:\rkill.log.

Please post this only if requested to by the person helping you.

Otherwise you can close this log when you wish.

Rkill was run on 23/01/2011 at 22:00:40.

Operating System: Windows Vista Home Premium

Processes terminated by Rkill or while it was running:

\\.\globalroot\Device\svchost.exe\svchost.exe

Rkill completed on 23/01/2011 at 22:00:53.

2. MBAM.

Sorry but again MBAM just disappeared after running for a few seconds. even though I did manage to update it.

3. DDS Log new

DDS (Ver_10-12-12.02) - NTFSx86

Run by CALLUM at 22:05:26.87 on 23/01/2011

Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23

============== Running Processes ===============

============== Pseudo HJT Report ===============

uWindow Title = Internet Explorer provided by Dell

mDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3071221

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: VidToMP3.com Toolbar: {bbf89fda-07f1-4ad3-86b1-0de425ee8097} - c:\program files\vidtomp3tb\vidtomp3Dx.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: VidToMP3.com Toolbar: {bbf89fda-07f1-4ad3-86b1-0de425ee8097} - c:\program files\vidtomp3tb\vidtomp3Dx.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe

mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [PMX Daemon] ICO.EXE

mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [<NO NAME>]

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"

mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bumptop.lnk - c:\program files\bumptop\BumpTop.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\windows\installer\{7f0c4457-8e64-491b-8d7b-991504365d1e}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\callum\appdata\roaming\mozilla\firefox\profiles\7nvdavy6.default\

FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox

FF - Ext: AVG Security Toolbar em:version=6.011.025.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg10\toolbar\firefox\avg@igeared

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de

FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2011-01-23 22:03:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-23 22:03:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-23 22:03:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-23 18:38:41 -------- d-----w- c:\program files\Spybot - Search & Destroy2

2011-01-23 18:22:56 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-01-23 18:12:28 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-23 18:12:28 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-01-23 13:13:46 -------- d-----w- c:\users\callum\appdata\local\AVG Security Toolbar

2011-01-23 12:42:17 -------- d-----w- c:\users\callum\appdata\roaming\AVG10

2011-01-23 01:33:57 -------- d--h--w- C:\$AVG

2011-01-23 00:59:42 -------- d--h--w- c:\progra~2\Common Files

2011-01-23 00:59:07 -------- d-----w- c:\progra~2\AVG Security Toolbar

2011-01-23 00:57:00 -------- d-----w- c:\windows\system32\drivers\AVG

2011-01-23 00:57:00 -------- d-----w- c:\progra~2\AVG10

2011-01-23 00:55:06 -------- d-----w- c:\program files\AVG

2011-01-23 00:46:37 -------- d-----w- c:\progra~2\MFAData

2011-01-23 00:32:15 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-01-22 23:58:45 -------- d-----w- c:\program files\Lavasoft

2011-01-22 23:09:01 -------- d-----w- c:\program files\CCleaner

2011-01-22 21:58:18 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d71999e0-40f6-43cb-bdb9-ebf1dd85b268}\mpengine.dll

2011-01-22 21:43:15 48000 ----a-w- c:\windows\system32\drivers\vbma92a1.sys

2011-01-20 06:22:19 -------- d-----w- c:\progra~2\1328B

2011-01-20 00:55:24 -------- d-----w- c:\program files\old

2011-01-20 00:55:24 -------- d-----w- c:\progra~2\Spybot - Search & Destroy

2011-01-19 22:21:47 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-01-19 16:36:06 -------- d-----w- c:\users\callum\appdata\roaming\SUPERAntiSpyware.com

2011-01-19 16:36:06 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com

2011-01-19 16:05:16 -------- d-----w- c:\progra~2\Hitman Pro

2011-01-19 15:28:03 -------- d--h--w- c:\windows\PIF

2011-01-19 13:45:16 -------- d-----w- c:\users\callum\appdata\roaming\Malwarebytes

2011-01-19 13:45:05 -------- d-----w- c:\progra~2\Malwarebytes

2011-01-19 13:41:48 -------- d-----w- C:\downloads

2011-01-17 18:01:42 409600 ----a-w- c:\windows\system32\odbc32.dll

2011-01-17 18:01:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-17 18:01:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-17 18:01:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-17 18:01:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-17 18:01:39 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-01-17 18:01:23 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-01-11 18:13:57 -------- d-----w- c:\users\callum\appdata\roaming\Spotify

2011-01-11 18:13:57 -------- d-----w- c:\users\callum\appdata\local\Spotify

2011-01-11 18:13:53 -------- d-----w- c:\program files\Spotify

==================== Find3M ====================

2010-11-06 11:10:29 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-06 11:10:13 357376 ----a-w- c:\windows\system32\taskschd.dll

2010-11-06 11:10:13 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-06 11:09:57 603648 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-05 00:53:47 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-10-28 15:02:24 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-28 13:03:07 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-10-28 12:56:58 2048 ----a-w- c:\windows\system32\tzres.dll

============= FINISH: 22:14:09.52 ===============

Attach.zip

Link to post
Share on other sites

  1. Please download the following program: Inherit (from sUBs)
  2. Copy Inherit.exe to C:\Program Files\Malwarebytes' Anti-Malware
  3. Drag and drop mbam.exe into Inherit.exe
  4. You will then receive an OK message from Inherit.exe and then press OK

Next,

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Link to post
Share on other sites

  1. Please download the following program: Inherit (from sUBs)
  2. Copy Inherit.exe to C:\Program Files\Malwarebytes' Anti-Malware
  3. Drag and drop mbam.exe into Inherit.exe
  4. You will then receive an OK message from Inherit.exe and then press OK

Next,

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

did as above, but again same problem malwarebytes disappears after running for less than 30 secs

Link to post
Share on other sites

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites

no worries fully understand its gonna take time to remove this thing...

followed your instructions as above, and nothing happens when I run Combofix.

after disabling software as requested, I double clicked on the Combofix icon on the desktop, little box with combofix appears with status bar showing like something installing, when the bar gets to maximum it disappears, and nothing has happened since, for the last 10-15mins, unless its scanning in the background?

Link to post
Share on other sites

Hi Borislav,

unfortunately as I feared Combofix hasn't done anything, as mentioned in my earlier replies after installing and running Combofix, it goes through the part where it installs something then disappears, there are no prompts to follow, it didn't create a .txt file, and watching the networking icon, didn't even disable the internet connection as it should have done..

Link to post
Share on other sites

  • Download OTL (by OldTimer):
    1. OTL.exe
    2. OTL.com
    3. OTL.scr

    [*]Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.

    [*]When the window appears, underneath Output at the top change it to Minimal Output.

    [*]Under the Standard Registry box change it to All.

    [*]Check the boxes beside LOP Check and Purity Check.

    [*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Link to post
Share on other sites

this thing don't wanna get beat....

followed your insturctions for OTL, within 5 secs of hitting run scan, it disappeared, no .txt files created, but now if I try to click on OTL again, I get the following message :

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

and have noticed a little picture of what looks like two people appear on the OTL icon, which wasn't there when OTL was saved on the desktop..

Link to post
Share on other sites

new DDS log...

DDS (Ver_10-12-12.02) - NTFSx86

Run by CALLUM at 20:44:33.65 on 24/01/2011

Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23

============== Running Processes ===============

============== Pseudo HJT Report ===============

uWindow Title = Internet Explorer provided by Dell

mDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=3071221

uInternet Settings,ProxyOverride = *.local

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: VidToMP3.com Toolbar: {bbf89fda-07f1-4ad3-86b1-0de425ee8097} - c:\program files\vidtomp3tb\vidtomp3Dx.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: VidToMP3.com Toolbar: {bbf89fda-07f1-4ad3-86b1-0de425ee8097} - c:\program files\vidtomp3tb\vidtomp3Dx.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [ECenter] c:\dell\e-center\EULALauncher.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe

mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [PMX Daemon] ICO.EXE

mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [<NO NAME>]

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"

mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"

mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bumptop.lnk - c:\program files\bumptop\BumpTop.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\windows\installer\{7f0c4457-8e64-491b-8d7b-991504365d1e}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg10\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\callum\appdata\roaming\mozilla\firefox\profiles\7nvdavy6.default\

FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ClickPotatoLiteSA.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox

FF - Ext: AVG Security Toolbar em:version=6.011.025.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg10\toolbar\firefox\avg@igeared

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de

FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2011-01-23 22:29:22 719873 ----a-w- c:\users\callum\rkill.exe

2011-01-23 22:03:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-23 22:03:20 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-23 22:03:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-01-23 18:38:41 -------- d-----w- c:\program files\Spybot - Search & Destroy2

2011-01-23 18:22:56 -------- d-----w- c:\program files\Spybot - Search & Destroy

2011-01-23 18:12:28 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-23 18:12:28 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-01-23 13:13:46 -------- d-----w- c:\users\callum\appdata\local\AVG Security Toolbar

2011-01-23 12:42:17 -------- d-----w- c:\users\callum\appdata\roaming\AVG10

2011-01-23 01:33:57 -------- d--h--w- C:\$AVG

2011-01-23 00:59:42 -------- d--h--w- c:\progra~2\Common Files

2011-01-23 00:59:07 -------- d-----w- c:\progra~2\AVG Security Toolbar

2011-01-23 00:57:00 -------- d-----w- c:\windows\system32\drivers\AVG

2011-01-23 00:57:00 -------- d-----w- c:\progra~2\AVG10

2011-01-23 00:55:06 -------- d-----w- c:\program files\AVG

2011-01-23 00:46:37 -------- d-----w- c:\progra~2\MFAData

2011-01-23 00:32:15 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-01-22 23:58:45 -------- d-----w- c:\program files\Lavasoft

2011-01-22 23:09:01 -------- d-----w- c:\program files\CCleaner

2011-01-22 21:58:18 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{d71999e0-40f6-43cb-bdb9-ebf1dd85b268}\mpengine.dll

2011-01-22 21:43:15 48000 ----a-w- c:\windows\system32\drivers\vbma92a1.sys

2011-01-20 06:22:19 -------- d-----w- c:\progra~2\1328B

2011-01-20 00:55:24 -------- d-----w- c:\program files\old

2011-01-20 00:55:24 -------- d-----w- c:\progra~2\Spybot - Search & Destroy

2011-01-19 22:21:47 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-01-19 16:36:06 -------- d-----w- c:\users\callum\appdata\roaming\SUPERAntiSpyware.com

2011-01-19 16:36:06 -------- d-----w- c:\progra~2\SUPERAntiSpyware.com

2011-01-19 16:05:16 -------- d-----w- c:\progra~2\Hitman Pro

2011-01-19 15:28:03 -------- d--h--w- c:\windows\PIF

2011-01-19 13:45:16 -------- d-----w- c:\users\callum\appdata\roaming\Malwarebytes

2011-01-19 13:45:05 -------- d-----w- c:\progra~2\Malwarebytes

2011-01-19 13:41:48 -------- d-----w- C:\downloads

2011-01-17 18:01:42 409600 ----a-w- c:\windows\system32\odbc32.dll

2011-01-17 18:01:41 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-17 18:01:40 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-17 18:01:40 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-17 18:01:40 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-17 18:01:39 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-01-17 18:01:23 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-01-11 18:13:57 -------- d-----w- c:\users\callum\appdata\roaming\Spotify

2011-01-11 18:13:57 -------- d-----w- c:\users\callum\appdata\local\Spotify

2011-01-11 18:13:53 -------- d-----w- c:\program files\Spotify

==================== Find3M ====================

2010-11-06 11:10:29 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-06 11:10:13 357376 ----a-w- c:\windows\system32\taskschd.dll

2010-11-06 11:10:13 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-06 11:09:57 603648 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-05 00:53:47 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-10-28 15:02:24 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-28 13:03:07 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-10-28 12:56:58 2048 ----a-w- c:\windows\system32\tzres.dll

============= FINISH: 20:45:21.51 ===============

Link to post
Share on other sites

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, choose it.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory.

Link to post
Share on other sites

2011/01/24 20:56:11.0153 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53

2011/01/24 20:56:11.0153 ================================================================================

2011/01/24 20:56:11.0153 SystemInfo:

2011/01/24 20:56:11.0153

2011/01/24 20:56:11.0153 OS Version: 6.0.6001 ServicePack: 1.0

2011/01/24 20:56:11.0168 Product type: Workstation

2011/01/24 20:56:11.0168 ComputerName: CALLUM-PC

2011/01/24 20:56:11.0168 UserName: CALLUM

2011/01/24 20:56:11.0168 Windows directory: C:\Windows

2011/01/24 20:56:11.0168 System windows directory: C:\Windows

2011/01/24 20:56:11.0168 Processor architecture: Intel x86

2011/01/24 20:56:11.0168 Number of processors: 2

2011/01/24 20:56:11.0168 Page size: 0x1000

2011/01/24 20:56:11.0168 Boot type: Normal boot

2011/01/24 20:56:11.0168 ================================================================================

2011/01/24 20:56:11.0823 Initialize success

2011/01/24 20:56:17.0829 ================================================================================

2011/01/24 20:56:17.0829 Scan started

2011/01/24 20:56:17.0829 Mode: Manual;

2011/01/24 20:56:17.0829 ================================================================================

2011/01/24 20:56:18.0516 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

2011/01/24 20:56:18.0719 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

2011/01/24 20:56:18.0906 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

2011/01/24 20:56:19.0077 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

2011/01/24 20:56:19.0233 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

2011/01/24 20:56:19.0452 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys

2011/01/24 20:56:19.0655 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys

2011/01/24 20:56:19.0826 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2011/01/24 20:56:20.0013 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys

2011/01/24 20:56:20.0138 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys

2011/01/24 20:56:20.0216 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys

2011/01/24 20:56:20.0403 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

2011/01/24 20:56:20.0544 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

2011/01/24 20:56:20.0762 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

2011/01/24 20:56:20.0934 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

2011/01/24 20:56:21.0121 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/01/24 20:56:21.0261 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

2011/01/24 20:56:21.0495 AVGIDSDriver (5f6c56305ea73760cdafc7604d64bbe0) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

2011/01/24 20:56:21.0651 AVGIDSEH (20a2d48722cf055c846bdeafa4f733ce) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

2011/01/24 20:56:21.0776 AVGIDSFilter (0a95333ca80ca8b79d612f3965466cc0) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

2011/01/24 20:56:21.0839 AVGIDSShim (ab7e4b37126447ffe4fb639901012fb3) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys

2011/01/24 20:56:21.0948 Avgldx86 (5fe5a2c2330c376a1d8dcff8d2680a2d) C:\Windows\system32\DRIVERS\avgldx86.sys

2011/01/24 20:56:22.0104 Avgmfx86 (54f1a9b4c9b540c2d8ac4baa171696b1) C:\Windows\system32\DRIVERS\avgmfx86.sys

2011/01/24 20:56:22.0244 Avgrkx86 (8da3b77993c5f354cc2977b7ea06d03a) C:\Windows\system32\DRIVERS\avgrkx86.sys

2011/01/24 20:56:22.0400 Avgtdix (660788ec46f10ece80274d564fa8b4aa) C:\Windows\system32\DRIVERS\avgtdix.sys

2011/01/24 20:56:22.0603 BCM43XX (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys

2011/01/24 20:56:22.0775 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\Windows\system32\DRIVERS\bcm4sbxp.sys

2011/01/24 20:56:22.0977 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2011/01/24 20:56:23.0367 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2011/01/24 20:56:23.0539 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2011/01/24 20:56:23.0679 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2011/01/24 20:56:23.0867 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2011/01/24 20:56:24.0023 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2011/01/24 20:56:24.0194 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2011/01/24 20:56:24.0319 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2011/01/24 20:56:24.0506 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys

2011/01/24 20:56:24.0693 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

2011/01/24 20:56:24.0896 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

2011/01/24 20:56:25.0083 BTHPORT (73d53f8e90550ba81e2cf44a0873b410) C:\Windows\system32\Drivers\BTHport.sys

2011/01/24 20:56:25.0286 BTHUSB (32045a4bb143bbc5bab1298c4e9e309a) C:\Windows\system32\Drivers\BTHUSB.sys

2011/01/24 20:56:25.0473 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys

2011/01/24 20:56:25.0614 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys

2011/01/24 20:56:25.0785 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys

2011/01/24 20:56:25.0973 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/01/24 20:56:26.0191 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

2011/01/24 20:56:26.0331 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

2011/01/24 20:56:26.0487 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

2011/01/24 20:56:26.0753 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

2011/01/24 20:56:26.0877 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys

2011/01/24 20:56:27.0049 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

2011/01/24 20:56:27.0205 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

2011/01/24 20:56:27.0345 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

2011/01/24 20:56:27.0548 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys

2011/01/24 20:56:27.0782 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

2011/01/24 20:56:27.0985 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2011/01/24 20:56:28.0094 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

2011/01/24 20:56:28.0235 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys

2011/01/24 20:56:28.0297 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

2011/01/24 20:56:28.0469 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

2011/01/24 20:56:28.0593 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

2011/01/24 20:56:28.0718 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

2011/01/24 20:56:28.0781 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

2011/01/24 20:56:28.0859 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

2011/01/24 20:56:28.0952 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2011/01/24 20:56:28.0999 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2011/01/24 20:56:29.0077 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/01/24 20:56:29.0155 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

2011/01/24 20:56:29.0280 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys

2011/01/24 20:56:29.0389 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2011/01/24 20:56:29.0451 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

2011/01/24 20:56:29.0561 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2011/01/24 20:56:29.0670 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/01/24 20:56:29.0732 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2011/01/24 20:56:29.0779 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2011/01/24 20:56:29.0857 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

2011/01/24 20:56:29.0997 hitmanpro35 (30b90793a568281bef70fa57dde305a2) C:\Windows\system32\drivers\hitmanpro35.sys

2011/01/24 20:56:30.0060 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

2011/01/24 20:56:30.0185 HSF_DPV (e9e589c9ab799f52e18f057635a2b362) C:\Windows\system32\DRIVERS\HSX_DPV.sys

2011/01/24 20:56:30.0263 HSXHWAZL (7845d2385f4dc7dfb3ccaf0c2fa4948e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys

2011/01/24 20:56:30.0356 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

2011/01/24 20:56:30.0419 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

2011/01/24 20:56:30.0512 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/01/24 20:56:30.0606 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\drivers\iastor.sys

2011/01/24 20:56:30.0684 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

2011/01/24 20:56:30.0777 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2011/01/24 20:56:30.0887 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys

2011/01/24 20:56:30.0933 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2011/01/24 20:56:31.0043 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/01/24 20:56:31.0089 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

2011/01/24 20:56:31.0167 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2011/01/24 20:56:31.0292 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2011/01/24 20:56:31.0355 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys

2011/01/24 20:56:31.0417 iScsiPrt (e0305688f179cf488981b47ab9594b68) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/01/24 20:56:31.0479 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2011/01/24 20:56:31.0511 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2011/01/24 20:56:31.0573 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/01/24 20:56:31.0635 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/01/24 20:56:31.0745 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

2011/01/24 20:56:31.0885 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2011/01/24 20:56:31.0994 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

2011/01/24 20:56:32.0057 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

2011/01/24 20:56:32.0135 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

2011/01/24 20:56:32.0197 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2011/01/24 20:56:32.0213 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys

2011/01/24 20:56:32.0259 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

2011/01/24 20:56:32.0322 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2011/01/24 20:56:32.0400 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2011/01/24 20:56:32.0478 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2011/01/24 20:56:32.0509 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2011/01/24 20:56:32.0571 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2011/01/24 20:56:32.0681 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

2011/01/24 20:56:32.0743 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2011/01/24 20:56:32.0821 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2011/01/24 20:56:32.0852 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

2011/01/24 20:56:32.0930 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/01/24 20:56:32.0961 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/01/24 20:56:33.0008 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/01/24 20:56:33.0055 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys

2011/01/24 20:56:33.0086 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

2011/01/24 20:56:33.0195 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2011/01/24 20:56:33.0273 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2011/01/24 20:56:33.0383 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2011/01/24 20:56:33.0461 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/01/24 20:56:33.0523 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2011/01/24 20:56:33.0585 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

2011/01/24 20:56:33.0632 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/01/24 20:56:33.0710 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2011/01/24 20:56:33.0773 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

2011/01/24 20:56:33.0866 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

2011/01/24 20:56:33.0960 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

2011/01/24 20:56:34.0069 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/01/24 20:56:34.0147 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/01/24 20:56:34.0241 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/01/24 20:56:34.0334 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2011/01/24 20:56:34.0428 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2011/01/24 20:56:34.0521 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

2011/01/24 20:56:34.0646 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2011/01/24 20:56:34.0740 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

2011/01/24 20:56:34.0802 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2011/01/24 20:56:34.0927 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

2011/01/24 20:56:35.0021 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2011/01/24 20:56:35.0083 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2011/01/24 20:56:35.0489 nvlddmkm (615024cafe830d0bdccafddac8a23650) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/01/24 20:56:35.0785 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

2011/01/24 20:56:35.0847 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

2011/01/24 20:56:35.0910 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys

2011/01/24 20:56:36.0050 OEM02Dev (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys

2011/01/24 20:56:36.0081 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys

2011/01/24 20:56:36.0175 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

2011/01/24 20:56:36.0284 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

2011/01/24 20:56:36.0347 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

2011/01/24 20:56:36.0393 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

2011/01/24 20:56:36.0471 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

2011/01/24 20:56:36.0549 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

2011/01/24 20:56:36.0596 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2011/01/24 20:56:36.0705 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2011/01/24 20:56:36.0939 pgfilter (2cf226173b467ab48f89d77e89936951) C:\Program Files\PeerGuardian2\pgfilter.sys

2011/01/24 20:56:37.0064 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2011/01/24 20:56:37.0111 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

2011/01/24 20:56:37.0205 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

2011/01/24 20:56:37.0267 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys

2011/01/24 20:56:37.0376 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

2011/01/24 20:56:37.0454 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2011/01/24 20:56:37.0532 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2011/01/24 20:56:37.0673 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys

2011/01/24 20:56:37.0829 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2011/01/24 20:56:37.0907 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/01/24 20:56:37.0985 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/01/24 20:56:38.0031 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

2011/01/24 20:56:38.0109 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

2011/01/24 20:56:38.0172 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/01/24 20:56:38.0234 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys

2011/01/24 20:56:38.0281 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2011/01/24 20:56:38.0343 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

2011/01/24 20:56:38.0421 RFCOMM (34cc78c06587718c2ad6d3aa83b1f072) C:\Windows\system32\DRIVERS\rfcomm.sys

2011/01/24 20:56:38.0515 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys

2011/01/24 20:56:38.0577 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys

2011/01/24 20:56:38.0609 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys

2011/01/24 20:56:38.0718 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2011/01/24 20:56:38.0780 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2011/01/24 20:56:38.0889 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

2011/01/24 20:56:38.0967 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2011/01/24 20:56:39.0045 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

2011/01/24 20:56:39.0108 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

2011/01/24 20:56:39.0217 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2011/01/24 20:56:39.0295 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys

2011/01/24 20:56:39.0342 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys

2011/01/24 20:56:39.0373 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys

2011/01/24 20:56:39.0404 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

2011/01/24 20:56:39.0482 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys

2011/01/24 20:56:39.0513 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

2011/01/24 20:56:39.0560 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

2011/01/24 20:56:39.0638 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

2011/01/24 20:56:39.0732 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2011/01/24 20:56:39.0872 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys

2011/01/24 20:56:39.0919 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys

2011/01/24 20:56:39.0981 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys

2011/01/24 20:56:40.0059 STHDA (5af135b2e2097d4494b9067ce84e2665) C:\Windows\system32\drivers\stwrt.sys

2011/01/24 20:56:40.0153 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2011/01/24 20:56:40.0215 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2011/01/24 20:56:40.0262 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2011/01/24 20:56:40.0309 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2011/01/24 20:56:40.0403 SynTP (dd17b63f26430e179ef6bdef5ac735bd) C:\Windows\system32\DRIVERS\SynTP.sys

2011/01/24 20:56:40.0543 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

2011/01/24 20:56:40.0652 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

2011/01/24 20:56:40.0715 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

2011/01/24 20:56:40.0777 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2011/01/24 20:56:40.0855 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2011/01/24 20:56:40.0933 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

2011/01/24 20:56:41.0011 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

2011/01/24 20:56:41.0105 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/01/24 20:56:41.0183 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2011/01/24 20:56:41.0214 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys

2011/01/24 20:56:41.0292 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

2011/01/24 20:56:41.0354 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

2011/01/24 20:56:41.0401 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys

2011/01/24 20:56:41.0448 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

2011/01/24 20:56:41.0495 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2011/01/24 20:56:41.0541 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2011/01/24 20:56:41.0588 umbus (e2d073c5648d5d3b9c686bec2495560e) C:\Windows\system32\DRIVERS\umbus.sys

2011/01/24 20:56:41.0682 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys

2011/01/24 20:56:41.0744 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/01/24 20:56:41.0791 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2011/01/24 20:56:41.0869 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys

2011/01/24 20:56:41.0931 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys

2011/01/24 20:56:41.0994 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2011/01/24 20:56:42.0087 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

2011/01/24 20:56:42.0165 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

2011/01/24 20:56:42.0243 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/01/24 20:56:42.0306 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/01/24 20:56:42.0353 Suspicious service (NoAccess): vbma92a1

2011/01/24 20:56:42.0399 vbma92a1 (440bf10ed8877b6f9c80badd8b75a6a3) C:\Windows\system32\drivers\vbma92a1.sys

2011/01/24 20:56:42.0399 Suspicious file (NoAccess): C:\Windows\system32\drivers\vbma92a1.sys. md5: 440bf10ed8877b6f9c80badd8b75a6a3

2011/01/24 20:56:42.0399 vbma92a1 - detected Locked service (1)

2011/01/24 20:56:42.0493 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/01/24 20:56:42.0540 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2011/01/24 20:56:42.0587 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys

2011/01/24 20:56:42.0618 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

2011/01/24 20:56:42.0665 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys

2011/01/24 20:56:42.0727 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2011/01/24 20:56:42.0821 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

2011/01/24 20:56:42.0899 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

2011/01/24 20:56:42.0961 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

2011/01/24 20:56:43.0039 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2011/01/24 20:56:43.0086 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/24 20:56:43.0133 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/24 20:56:43.0211 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

2011/01/24 20:56:43.0289 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2011/01/24 20:56:43.0429 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys

2011/01/24 20:56:43.0601 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/01/24 20:56:43.0694 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

2011/01/24 20:56:43.0757 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2011/01/24 20:56:43.0850 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/01/24 20:56:43.0897 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys

2011/01/24 20:56:44.0006 ================================================================================

2011/01/24 20:56:44.0006 Scan finished

2011/01/24 20:56:44.0006 ================================================================================

2011/01/24 20:56:44.0037 Detected object count: 1

2011/01/24 20:56:57.0422 Locked service(vbma92a1) - User select action: Skip

Link to post
Share on other sites

ok, deleted vbma92a1, and rebooted, below is fresh log..

2011/01/24 21:07:43.0676 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53

2011/01/24 21:07:43.0676 ================================================================================

2011/01/24 21:07:43.0676 SystemInfo:

2011/01/24 21:07:43.0676

2011/01/24 21:07:43.0676 OS Version: 6.0.6001 ServicePack: 1.0

2011/01/24 21:07:43.0676 Product type: Workstation

2011/01/24 21:07:43.0676 ComputerName: CALLUM-PC

2011/01/24 21:07:43.0676 UserName: CALLUM

2011/01/24 21:07:43.0676 Windows directory: C:\Windows

2011/01/24 21:07:43.0676 System windows directory: C:\Windows

2011/01/24 21:07:43.0676 Processor architecture: Intel x86

2011/01/24 21:07:43.0676 Number of processors: 2

2011/01/24 21:07:43.0676 Page size: 0x1000

2011/01/24 21:07:43.0676 Boot type: Normal boot

2011/01/24 21:07:43.0676 ================================================================================

2011/01/24 21:07:44.0066 Initialize success

2011/01/24 21:07:47.0451 ================================================================================

2011/01/24 21:07:47.0451 Scan started

2011/01/24 21:07:47.0451 Mode: Manual;

2011/01/24 21:07:47.0451 ================================================================================

2011/01/24 21:07:47.0966 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys

2011/01/24 21:07:48.0169 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

2011/01/24 21:07:48.0418 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

2011/01/24 21:07:48.0590 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

2011/01/24 21:07:48.0699 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

2011/01/24 21:07:48.0980 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys

2011/01/24 21:07:49.0183 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys

2011/01/24 21:07:49.0276 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2011/01/24 21:07:49.0370 aliide (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys

2011/01/24 21:07:49.0463 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys

2011/01/24 21:07:49.0573 amdide (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys

2011/01/24 21:07:49.0682 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

2011/01/24 21:07:49.0760 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

2011/01/24 21:07:49.0978 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

2011/01/24 21:07:50.0072 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

2011/01/24 21:07:50.0228 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/01/24 21:07:50.0306 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys

2011/01/24 21:07:50.0540 AVGIDSDriver (5f6c56305ea73760cdafc7604d64bbe0) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

2011/01/24 21:07:50.0602 AVGIDSEH (20a2d48722cf055c846bdeafa4f733ce) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

2011/01/24 21:07:50.0649 AVGIDSFilter (0a95333ca80ca8b79d612f3965466cc0) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

2011/01/24 21:07:50.0696 AVGIDSShim (ab7e4b37126447ffe4fb639901012fb3) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys

2011/01/24 21:07:50.0774 Avgldx86 (5fe5a2c2330c376a1d8dcff8d2680a2d) C:\Windows\system32\DRIVERS\avgldx86.sys

2011/01/24 21:07:50.0836 Avgmfx86 (54f1a9b4c9b540c2d8ac4baa171696b1) C:\Windows\system32\DRIVERS\avgmfx86.sys

2011/01/24 21:07:50.0867 Avgrkx86 (8da3b77993c5f354cc2977b7ea06d03a) C:\Windows\system32\DRIVERS\avgrkx86.sys

2011/01/24 21:07:50.0945 Avgtdix (660788ec46f10ece80274d564fa8b4aa) C:\Windows\system32\DRIVERS\avgtdix.sys

2011/01/24 21:07:51.0039 BCM43XX (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys

2011/01/24 21:07:51.0179 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\Windows\system32\DRIVERS\bcm4sbxp.sys

2011/01/24 21:07:51.0304 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2011/01/24 21:07:51.0491 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2011/01/24 21:07:51.0585 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2011/01/24 21:07:51.0632 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2011/01/24 21:07:51.0694 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2011/01/24 21:07:51.0741 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2011/01/24 21:07:51.0788 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2011/01/24 21:07:51.0835 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2011/01/24 21:07:51.0913 BthEnum (da7b195275bda7f8fcf79b40e0f45dde) C:\Windows\system32\DRIVERS\BthEnum.sys

2011/01/24 21:07:51.0975 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

2011/01/24 21:07:52.0069 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

2011/01/24 21:07:52.0209 BTHPORT (73d53f8e90550ba81e2cf44a0873b410) C:\Windows\system32\Drivers\BTHport.sys

2011/01/24 21:07:52.0287 BTHUSB (32045a4bb143bbc5bab1298c4e9e309a) C:\Windows\system32\Drivers\BTHUSB.sys

2011/01/24 21:07:52.0396 btwaudio (4a28e7bd365377d0512b7ef8c7596d2c) C:\Windows\system32\drivers\btwaudio.sys

2011/01/24 21:07:52.0459 btwavdt (5ffde57253d665067b0886612817eb11) C:\Windows\system32\drivers\btwavdt.sys

2011/01/24 21:07:52.0537 btwrchid (ab07dc8b05c31a4f95fc73019be9db15) C:\Windows\system32\DRIVERS\btwrchid.sys

2011/01/24 21:07:52.0615 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/01/24 21:07:52.0708 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys

2011/01/24 21:07:52.0771 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

2011/01/24 21:07:52.0849 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys

2011/01/24 21:07:52.0989 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

2011/01/24 21:07:53.0036 cmdide (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys

2011/01/24 21:07:53.0192 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

2011/01/24 21:07:53.0223 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

2011/01/24 21:07:53.0285 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

2011/01/24 21:07:53.0395 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys

2011/01/24 21:07:53.0519 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys

2011/01/24 21:07:53.0629 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2011/01/24 21:07:53.0722 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys

2011/01/24 21:07:53.0800 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys

2011/01/24 21:07:53.0878 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

2011/01/24 21:07:53.0956 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys

2011/01/24 21:07:54.0050 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

2011/01/24 21:07:54.0206 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys

2011/01/24 21:07:54.0253 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys

2011/01/24 21:07:54.0331 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

2011/01/24 21:07:54.0393 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2011/01/24 21:07:54.0440 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2011/01/24 21:07:54.0487 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/01/24 21:07:54.0549 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys

2011/01/24 21:07:54.0658 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\Windows\system32\DRIVERS\fssfltr.sys

2011/01/24 21:07:54.0736 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2011/01/24 21:07:54.0783 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

2011/01/24 21:07:54.0845 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2011/01/24 21:07:54.0955 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/01/24 21:07:55.0017 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2011/01/24 21:07:55.0048 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2011/01/24 21:07:55.0126 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys

2011/01/24 21:07:55.0345 hitmanpro35 (30b90793a568281bef70fa57dde305a2) C:\Windows\system32\drivers\hitmanpro35.sys

2011/01/24 21:07:55.0423 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

2011/01/24 21:07:55.0547 HSF_DPV (e9e589c9ab799f52e18f057635a2b362) C:\Windows\system32\DRIVERS\HSX_DPV.sys

2011/01/24 21:07:55.0610 HSXHWAZL (7845d2385f4dc7dfb3ccaf0c2fa4948e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys

2011/01/24 21:07:55.0688 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys

2011/01/24 21:07:55.0750 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

2011/01/24 21:07:55.0859 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/01/24 21:07:55.0937 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\drivers\iastor.sys

2011/01/24 21:07:56.0000 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

2011/01/24 21:07:56.0093 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2011/01/24 21:07:56.0234 intelide (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys

2011/01/24 21:07:56.0296 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2011/01/24 21:07:56.0405 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/01/24 21:07:56.0515 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

2011/01/24 21:07:56.0608 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2011/01/24 21:07:56.0717 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2011/01/24 21:07:56.0780 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys

2011/01/24 21:07:56.0889 iScsiPrt (e0305688f179cf488981b47ab9594b68) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/01/24 21:07:56.0936 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2011/01/24 21:07:56.0998 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2011/01/24 21:07:57.0092 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/01/24 21:07:57.0139 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys

2011/01/24 21:07:57.0248 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys

2011/01/24 21:07:57.0388 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2011/01/24 21:07:57.0482 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

2011/01/24 21:07:57.0560 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

2011/01/24 21:07:57.0653 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

2011/01/24 21:07:57.0716 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2011/01/24 21:07:57.0763 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys

2011/01/24 21:07:57.0825 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

2011/01/24 21:07:57.0919 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2011/01/24 21:07:57.0997 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2011/01/24 21:07:58.0075 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2011/01/24 21:07:58.0121 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2011/01/24 21:07:58.0199 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2011/01/24 21:07:58.0309 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

2011/01/24 21:07:58.0387 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2011/01/24 21:07:58.0449 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2011/01/24 21:07:58.0527 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys

2011/01/24 21:07:58.0621 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/01/24 21:07:58.0667 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/01/24 21:07:58.0730 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/01/24 21:07:58.0792 msahci (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys

2011/01/24 21:07:58.0870 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

2011/01/24 21:07:58.0979 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2011/01/24 21:07:59.0042 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2011/01/24 21:07:59.0167 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2011/01/24 21:07:59.0245 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/01/24 21:07:59.0338 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2011/01/24 21:07:59.0401 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys

2011/01/24 21:07:59.0479 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/01/24 21:07:59.0557 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2011/01/24 21:07:59.0635 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys

2011/01/24 21:07:59.0728 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys

2011/01/24 21:07:59.0853 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys

2011/01/24 21:07:59.0962 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/01/24 21:08:00.0025 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/01/24 21:08:00.0103 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/01/24 21:08:00.0181 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2011/01/24 21:08:00.0290 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2011/01/24 21:08:00.0383 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys

2011/01/24 21:08:00.0493 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2011/01/24 21:08:00.0586 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys

2011/01/24 21:08:00.0649 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2011/01/24 21:08:00.0773 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys

2011/01/24 21:08:00.0883 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2011/01/24 21:08:00.0961 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2011/01/24 21:08:01.0273 nvlddmkm (615024cafe830d0bdccafddac8a23650) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2011/01/24 21:08:01.0538 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

2011/01/24 21:08:01.0585 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

2011/01/24 21:08:01.0616 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys

2011/01/24 21:08:01.0772 OEM02Dev (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys

2011/01/24 21:08:01.0803 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys

2011/01/24 21:08:01.0881 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys

2011/01/24 21:08:02.0021 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

2011/01/24 21:08:02.0084 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys

2011/01/24 21:08:02.0115 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

2011/01/24 21:08:02.0193 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys

2011/01/24 21:08:02.0255 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys

2011/01/24 21:08:02.0333 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2011/01/24 21:08:02.0443 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2011/01/24 21:08:02.0677 pgfilter (2cf226173b467ab48f89d77e89936951) C:\Program Files\PeerGuardian2\pgfilter.sys

2011/01/24 21:08:02.0801 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2011/01/24 21:08:02.0848 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

2011/01/24 21:08:02.0942 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys

2011/01/24 21:08:03.0004 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys

2011/01/24 21:08:03.0098 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

2011/01/24 21:08:03.0191 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2011/01/24 21:08:03.0254 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2011/01/24 21:08:03.0425 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys

2011/01/24 21:08:03.0597 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2011/01/24 21:08:03.0675 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/01/24 21:08:03.0753 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/01/24 21:08:03.0800 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys

2011/01/24 21:08:03.0878 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys

2011/01/24 21:08:03.0956 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/01/24 21:08:04.0003 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys

2011/01/24 21:08:04.0049 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2011/01/24 21:08:04.0112 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys

2011/01/24 21:08:04.0190 RFCOMM (34cc78c06587718c2ad6d3aa83b1f072) C:\Windows\system32\DRIVERS\rfcomm.sys

2011/01/24 21:08:04.0268 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys

2011/01/24 21:08:04.0330 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\DRIVERS\rimsptsk.sys

2011/01/24 21:08:04.0361 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\DRIVERS\rixdptsk.sys

2011/01/24 21:08:04.0471 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2011/01/24 21:08:04.0533 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2011/01/24 21:08:04.0627 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys

2011/01/24 21:08:04.0705 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2011/01/24 21:08:04.0783 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

2011/01/24 21:08:04.0814 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

2011/01/24 21:08:04.0876 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2011/01/24 21:08:04.0970 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys

2011/01/24 21:08:05.0017 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys

2011/01/24 21:08:05.0063 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys

2011/01/24 21:08:05.0110 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

2011/01/24 21:08:05.0173 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys

2011/01/24 21:08:05.0251 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

2011/01/24 21:08:05.0329 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

2011/01/24 21:08:05.0422 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys

2011/01/24 21:08:05.0516 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2011/01/24 21:08:05.0656 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys

2011/01/24 21:08:05.0734 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys

2011/01/24 21:08:05.0812 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys

2011/01/24 21:08:05.0890 STHDA (5af135b2e2097d4494b9067ce84e2665) C:\Windows\system32\drivers\stwrt.sys

2011/01/24 21:08:05.0984 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2011/01/24 21:08:06.0077 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2011/01/24 21:08:06.0109 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2011/01/24 21:08:06.0155 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2011/01/24 21:08:06.0249 SynTP (dd17b63f26430e179ef6bdef5ac735bd) C:\Windows\system32\DRIVERS\SynTP.sys

2011/01/24 21:08:06.0405 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys

2011/01/24 21:08:06.0530 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys

2011/01/24 21:08:06.0608 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys

2011/01/24 21:08:06.0670 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2011/01/24 21:08:06.0717 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2011/01/24 21:08:06.0779 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys

2011/01/24 21:08:06.0842 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys

2011/01/24 21:08:06.0935 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/01/24 21:08:06.0998 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2011/01/24 21:08:07.0045 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys

2011/01/24 21:08:07.0107 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

2011/01/24 21:08:07.0169 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys

2011/01/24 21:08:07.0216 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys

2011/01/24 21:08:07.0279 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

2011/01/24 21:08:07.0325 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2011/01/24 21:08:07.0403 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2011/01/24 21:08:07.0481 umbus (e2d073c5648d5d3b9c686bec2495560e) C:\Windows\system32\DRIVERS\umbus.sys

2011/01/24 21:08:07.0559 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys

2011/01/24 21:08:07.0622 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/01/24 21:08:07.0669 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2011/01/24 21:08:07.0747 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys

2011/01/24 21:08:07.0825 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys

2011/01/24 21:08:07.0887 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2011/01/24 21:08:07.0949 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

2011/01/24 21:08:08.0027 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

2011/01/24 21:08:08.0137 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/01/24 21:08:08.0215 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/01/24 21:08:08.0261 Suspicious service (NoAccess): vbma92a1

2011/01/24 21:08:08.0324 vbma92a1 (440bf10ed8877b6f9c80badd8b75a6a3) C:\Windows\system32\drivers\vbma92a1.sys

2011/01/24 21:08:08.0324 Suspicious file (NoAccess): C:\Windows\system32\drivers\vbma92a1.sys. md5: 440bf10ed8877b6f9c80badd8b75a6a3

2011/01/24 21:08:08.0339 vbma92a1 - detected Locked service (1)

2011/01/24 21:08:08.0449 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/01/24 21:08:08.0511 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2011/01/24 21:08:08.0558 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys

2011/01/24 21:08:08.0589 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

2011/01/24 21:08:08.0636 viaide (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys

2011/01/24 21:08:08.0714 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2011/01/24 21:08:08.0776 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys

2011/01/24 21:08:08.0854 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys

2011/01/24 21:08:08.0917 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

2011/01/24 21:08:08.0995 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2011/01/24 21:08:09.0057 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/24 21:08:09.0104 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/01/24 21:08:09.0166 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

2011/01/24 21:08:09.0260 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2011/01/24 21:08:09.0416 winachsf (4daca8f07537d4d7e3534bb99294aa26) C:\Windows\system32\DRIVERS\HSX_CNXT.sys

2011/01/24 21:08:09.0634 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/01/24 21:08:09.0743 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

2011/01/24 21:08:09.0806 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2011/01/24 21:08:09.0931 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/01/24 21:08:09.0993 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys

2011/01/24 21:08:10.0102 ================================================================================

2011/01/24 21:08:10.0102 Scan finished

2011/01/24 21:08:10.0102 ================================================================================

2011/01/24 21:08:10.0118 Detected object count: 1

2011/01/24 21:08:22.0582 HKLM\SYSTEM\ControlSet001\services\vbma92a1 - will be deleted after reboot

2011/01/24 21:08:22.0629 HKLM\SYSTEM\ControlSet109\services\vbma92a1 - will be deleted after reboot

2011/01/24 21:08:22.0676 C:\Windows\system32\drivers\vbma92a1.sys - will be deleted after reboot

2011/01/24 21:08:22.0676 Locked service(vbma92a1) - User select action: Delete

2011/01/24 21:08:27.0387 Deinitialize success

Link to post
Share on other sites

Please go to C:\Program Files\Malwarebytes' Anti-Malware , rename mbam.exe to firefox.exe and then:

  • Launch Malwarebytes' Anti-Malware
  • Go to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.
  • Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

In your next reply, please include these log(s):

  1. Malwarebytes' Anti-Malware log
  2. a new fresh DDS log only

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.