Jump to content

Recommended Posts

Hi there,

I'm a bit of a novice when it comes to removing viruses. malware, adware etc if my anti-virus, mcafee, malwarebytes or superantiapyware doesnt pick it up and remove it, clean it up for me.

The problem is that not long after buying my laptop a few months ago I picked up a few trojans, a few at least that were picked up by the software above, poss more. I did my best to clean the system up and make sure that there was nothing else on the computer causing problems but unfortunately there is. I've been doing a college project that requires quite a lot of searching for information, quotes, images etc. Obviously because of this I'm not always sure just how safe some of these sites are, especially the google images that I've been clicking on to download and print out to go with my project.

Yesterday I was searching google images trying to find some good pictures of wild heather plants but when I clicked on them I was being redirected to a site that had nothing to do with this. I thought it was a bit suspicious but stupidly carried on. I then searched for images of wild meadow flowers. At first it seemed ok but when I clicked on one I got redirected to a site called "componentsprotector.com," this was a fake anti-virus scan called "My Computer online scan" It did the fake scan but then a pop-up said my files were being downloaded. Not to sure what to think of this, whether they were or not but either way I knew my computer was infected.

The problem is Mcafee picked up nothing on the scan, Malwarebytes picked up 1 Trojan.FakeAlert. This to go along with the already quarantined Trojans in my registry keys and SUPERantispyware picked up 300 odd tracking cookies. When I tried to re-run Malwarebytes it jumped from the 190th odd object to about 29,000 odd and also took at least twice as long as before. This meant it avoided scanning my registry keys. I've tried a few times since with the same results, it always skips the first 29,000 odd objects. I've got a lot of work to do and I need my laptop, internet to do it. Please could someone advise what best to do. Is Malwarebytes infected. Should I re-install it changing the name and .exe name. Please help or advise!!! FRUSTRATED NOVICE!!!

Link to post
Share on other sites

Hello Rustybaw! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Step 1

[*]Launch Malwarebytes' Anti-Malware

[*]Go to Update" tab and select Check for Updates. If an update is found, it will download and install the latest version. If you already

Link to post
Share on other sites

Hello Rustybaw! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Step 1

[*]Launch Malwarebytes' Anti-Malware

[*]Go to Update" tab and select Check for Updates. If an update is found, it will download and install the latest version. If you already

Link to post
Share on other sites

Hello Rustybaw! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Step 1

[*]Launch Malwarebytes' Anti-Malware

[*]Go to Update" tab and select Check for Updates. If an update is found, it will download and install the latest version. If you already

Attach.zip

Link to post
Share on other sites

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on -TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, choose it.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory.

Link to post
Share on other sites

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on -TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, choose it.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory.

Here's the report for you.

2011/02/05 13:43:02.0244 2144 TDSS rootkit removing tool 2.4.16.0 Feb 1 2011 10:34:03

2011/02/05 13:43:04.0247 2144 ================================================================================

2011/02/05 13:43:04.0247 2144 SystemInfo:

2011/02/05 13:43:04.0247 2144

2011/02/05 13:43:04.0247 2144 OS Version: 6.1.7600 ServicePack: 0.0

2011/02/05 13:43:04.0247 2144 Product type: Workstation

2011/02/05 13:43:04.0247 2144 ComputerName: RUSSELL-VAIO

2011/02/05 13:43:04.0247 2144 UserName: Russell

2011/02/05 13:43:04.0247 2144 Windows directory: C:\Windows

2011/02/05 13:43:04.0247 2144 System windows directory: C:\Windows

2011/02/05 13:43:04.0247 2144 Running under WOW64

2011/02/05 13:43:04.0247 2144 Processor architecture: Intel x64

2011/02/05 13:43:04.0247 2144 Number of processors: 2

2011/02/05 13:43:04.0247 2144 Page size: 0x1000

2011/02/05 13:43:04.0247 2144 Boot type: Normal boot

2011/02/05 13:43:04.0247 2144 ================================================================================

2011/02/05 13:43:05.0073 2144 Initialize success

2011/02/05 13:44:24.0408 1532 ================================================================================

2011/02/05 13:44:24.0408 1532 Scan started

2011/02/05 13:44:24.0408 1532 Mode: Manual;

2011/02/05 13:44:24.0408 1532 ================================================================================

2011/02/05 13:44:26.0108 1532 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys

2011/02/05 13:44:26.0639 1532 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys

2011/02/05 13:44:27.0138 1532 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys

2011/02/05 13:44:27.0497 1532 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

2011/02/05 13:44:28.0058 1532 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

2011/02/05 13:44:28.0401 1532 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

2011/02/05 13:44:28.0916 1532 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys

2011/02/05 13:44:29.0400 1532 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

2011/02/05 13:44:30.0024 1532 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

2011/02/05 13:44:30.0554 1532 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

2011/02/05 13:44:31.0740 1532 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

2011/02/05 13:44:32.0801 1532 amdkmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\Windows\system32\DRIVERS\atipmdag.sys

2011/02/05 13:44:33.0518 1532 amdkmdap (6ba71d6616b56816e57394d77dd1bb6f) C:\Windows\system32\DRIVERS\atikmpag.sys

2011/02/05 13:44:34.0236 1532 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

2011/02/05 13:44:34.0673 1532 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\drivers\amdsata.sys

2011/02/05 13:44:35.0359 1532 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

2011/02/05 13:44:35.0936 1532 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\drivers\amdxata.sys

2011/02/05 13:44:36.0513 1532 amd_sata (08e8a4172c57abd7693a6915cf1e7a99) C:\Windows\system32\DRIVERS\amd_sata.sys

2011/02/05 13:44:37.0824 1532 amd_xata (9866af4e4ad7f16e810b6c0b8473f9cd) C:\Windows\system32\DRIVERS\amd_xata.sys

2011/02/05 13:44:38.0588 1532 ApfiltrService (2672a9dbaa6a8deea7ec8c7892e32a03) C:\Windows\system32\drivers\Apfiltr.sys

2011/02/05 13:44:39.0150 1532 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

2011/02/05 13:44:39.0805 1532 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

2011/02/05 13:44:40.0367 1532 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

2011/02/05 13:44:41.0225 1532 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys

2011/02/05 13:44:41.0911 1532 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/02/05 13:44:42.0847 1532 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

2011/02/05 13:44:43.0845 1532 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys

2011/02/05 13:44:44.0735 1532 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\drivers\AtiPcie.sys

2011/02/05 13:44:45.0951 1532 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

2011/02/05 13:44:46.0763 1532 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

2011/02/05 13:44:47.0636 1532 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

2011/02/05 13:44:49.0040 1532 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys

2011/02/05 13:44:49.0695 1532 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys

2011/02/05 13:44:50.0460 1532 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

2011/02/05 13:44:51.0177 1532 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

2011/02/05 13:44:52.0176 1532 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

2011/02/05 13:44:53.0346 1532 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

2011/02/05 13:44:53.0673 1532 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

2011/02/05 13:44:54.0001 1532 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

2011/02/05 13:44:55.0062 1532 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys

2011/02/05 13:44:55.0405 1532 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

2011/02/05 13:44:55.0764 1532 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

2011/02/05 13:44:56.0279 1532 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys

2011/02/05 13:44:57.0137 1532 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys

2011/02/05 13:44:57.0683 1532 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys

2011/02/05 13:44:58.0073 1532 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys

2011/02/05 13:44:58.0431 1532 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/02/05 13:44:58.0899 1532 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\drivers\cdrom.sys

2011/02/05 13:44:59.0321 1532 cfwids (e02c9cdb15f13de4eb2ff67660e62317) C:\Windows\system32\drivers\cfwids.sys

2011/02/05 13:44:59.0679 1532 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

2011/02/05 13:44:59.0929 1532 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

2011/02/05 13:45:00.0569 1532 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys

2011/02/05 13:45:01.0052 1532 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

2011/02/05 13:45:01.0380 1532 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys

2011/02/05 13:45:01.0723 1532 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

2011/02/05 13:45:02.0051 1532 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys

2011/02/05 13:45:02.0394 1532 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

2011/02/05 13:45:02.0815 1532 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys

2011/02/05 13:45:03.0143 1532 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

2011/02/05 13:45:03.0501 1532 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

2011/02/05 13:45:03.0845 1532 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

2011/02/05 13:45:04.0235 1532 DXGKrnl (24ce1ecf9d0ae0301775b07f5fea175b) C:\Windows\System32\drivers\dxgkrnl.sys

2011/02/05 13:45:04.0703 1532 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

2011/02/05 13:45:05.0155 1532 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

2011/02/05 13:45:05.0514 1532 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

2011/02/05 13:45:06.0122 1532 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

2011/02/05 13:45:06.0481 1532 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

2011/02/05 13:45:06.0793 1532 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

2011/02/05 13:45:07.0136 1532 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

2011/02/05 13:45:07.0480 1532 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

2011/02/05 13:45:07.0792 1532 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

2011/02/05 13:45:08.0150 1532 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

2011/02/05 13:45:08.0525 1532 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

2011/02/05 13:45:08.0852 1532 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

2011/02/05 13:45:09.0180 1532 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

2011/02/05 13:45:09.0554 1532 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

2011/02/05 13:45:09.0913 1532 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

2011/02/05 13:45:10.0288 1532 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

2011/02/05 13:45:10.0631 1532 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

2011/02/05 13:45:11.0083 1532 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys

2011/02/05 13:45:12.0019 1532 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

2011/02/05 13:45:12.0862 1532 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

2011/02/05 13:45:13.0782 1532 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

2011/02/05 13:45:14.0843 1532 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\drivers\hidusb.sys

2011/02/05 13:45:16.0403 1532 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys

2011/02/05 13:45:17.0276 1532 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

2011/02/05 13:45:17.0932 1532 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

2011/02/05 13:45:18.0790 1532 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

2011/02/05 13:45:19.0804 1532 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\drivers\iaStorV.sys

2011/02/05 13:45:20.0786 1532 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

2011/02/05 13:45:22.0019 1532 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys

2011/02/05 13:45:22.0674 1532 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

2011/02/05 13:45:23.0532 1532 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys

2011/02/05 13:45:24.0468 1532 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/02/05 13:45:25.0108 1532 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys

2011/02/05 13:45:25.0810 1532 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

2011/02/05 13:45:26.0870 1532 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

2011/02/05 13:45:27.0697 1532 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

2011/02/05 13:45:28.0540 1532 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys

2011/02/05 13:45:29.0179 1532 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

2011/02/05 13:45:29.0928 1532 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\drivers\kbdhid.sys

2011/02/05 13:45:30.0770 1532 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys

2011/02/05 13:45:31.0441 1532 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys

2011/02/05 13:45:32.0096 1532 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

2011/02/05 13:45:32.0908 1532 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

2011/02/05 13:45:33.0641 1532 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

2011/02/05 13:45:34.0639 1532 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

2011/02/05 13:45:35.0575 1532 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

2011/02/05 13:45:36.0480 1532 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

2011/02/05 13:45:37.0135 1532 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

2011/02/05 13:45:38.0118 1532 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

2011/02/05 13:45:38.0836 1532 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

2011/02/05 13:45:39.0772 1532 mfeapfk (c1556ca9695fcd6bbd23d75d402fd43d) C:\Windows\system32\drivers\mfeapfk.sys

2011/02/05 13:45:40.0661 1532 mfeavfk (8857ee8b49f3338fc1fad476bfcca146) C:\Windows\system32\drivers\mfeavfk.sys

2011/02/05 13:45:41.0893 1532 mfefirek (19c44295f6bf085c83352d48397f7870) C:\Windows\system32\drivers\mfefirek.sys

2011/02/05 13:45:42.0236 1532 mfehidk (5f915e20ab56121c41c6bf9a91a83bda) C:\Windows\system32\drivers\mfehidk.sys

2011/02/05 13:45:42.0580 1532 mfenlfk (23ae332e32ff615ca5e5224c8d91af11) C:\Windows\system32\DRIVERS\mfenlfk.sys

2011/02/05 13:45:43.0547 1532 mferkdet (9c7a9273e345f8d653394b5c542bf86a) C:\Windows\system32\drivers\mferkdet.sys

2011/02/05 13:45:44.0857 1532 mfewfpk (3140b2c56d7119ba314f68fc785683f0) C:\Windows\system32\drivers\mfewfpk.sys

2011/02/05 13:45:46.0168 1532 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

2011/02/05 13:45:46.0745 1532 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

2011/02/05 13:45:47.0462 1532 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

2011/02/05 13:45:48.0180 1532 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys

2011/02/05 13:45:48.0632 1532 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

2011/02/05 13:45:49.0178 1532 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys

2011/02/05 13:45:49.0678 1532 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

2011/02/05 13:45:50.0099 1532 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

2011/02/05 13:45:50.0567 1532 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/02/05 13:45:51.0082 1532 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/02/05 13:45:51.0534 1532 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/02/05 13:45:51.0986 1532 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys

2011/02/05 13:45:52.0532 1532 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys

2011/02/05 13:45:53.0047 1532 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

2011/02/05 13:45:53.0562 1532 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

2011/02/05 13:45:53.0952 1532 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

2011/02/05 13:45:54.0467 1532 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

2011/02/05 13:45:54.0966 1532 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/02/05 13:45:55.0418 1532 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

2011/02/05 13:45:55.0996 1532 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

2011/02/05 13:45:56.0526 1532 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

2011/02/05 13:45:56.0978 1532 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

2011/02/05 13:45:57.0415 1532 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

2011/02/05 13:45:57.0899 1532 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

2011/02/05 13:45:58.0554 1532 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

2011/02/05 13:45:59.0053 1532 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

2011/02/05 13:45:59.0599 1532 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

2011/02/05 13:46:00.0176 1532 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/02/05 13:46:00.0691 1532 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/02/05 13:46:01.0222 1532 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/02/05 13:46:01.0783 1532 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

2011/02/05 13:46:02.0314 1532 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

2011/02/05 13:46:02.0922 1532 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

2011/02/05 13:46:03.0530 1532 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

2011/02/05 13:46:04.0092 1532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

2011/02/05 13:46:04.0654 1532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

2011/02/05 13:46:05.0168 1532 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys

2011/02/05 13:46:05.0699 1532 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

2011/02/05 13:46:06.0182 1532 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys

2011/02/05 13:46:06.0682 1532 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys

2011/02/05 13:46:07.0274 1532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

2011/02/05 13:46:07.0789 1532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

2011/02/05 13:46:08.0273 1532 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

2011/02/05 13:46:08.0725 1532 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

2011/02/05 13:46:09.0193 1532 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys

2011/02/05 13:46:09.0630 1532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

2011/02/05 13:46:10.0067 1532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

2011/02/05 13:46:10.0550 1532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

2011/02/05 13:46:11.0174 1532 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

2011/02/05 13:46:11.0783 1532 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

2011/02/05 13:46:12.0313 1532 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

2011/02/05 13:46:12.0766 1532 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

2011/02/05 13:46:13.0296 1532 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

2011/02/05 13:46:13.0873 1532 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

2011/02/05 13:46:14.0497 1532 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

2011/02/05 13:46:15.0090 1532 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

2011/02/05 13:46:15.0605 1532 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

2011/02/05 13:46:16.0182 1532 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

2011/02/05 13:46:16.0650 1532 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/02/05 13:46:17.0056 1532 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/02/05 13:46:17.0539 1532 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

2011/02/05 13:46:18.0054 1532 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

2011/02/05 13:46:18.0460 1532 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

2011/02/05 13:46:18.0928 1532 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/02/05 13:46:19.0645 1532 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

2011/02/05 13:46:20.0113 1532 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

2011/02/05 13:46:20.0690 1532 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

2011/02/05 13:46:21.0236 1532 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

2011/02/05 13:46:21.0720 1532 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

2011/02/05 13:46:22.0250 1532 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

2011/02/05 13:46:22.0781 1532 RSUSBSTOR (5aab4808e8ccae8c2ecda5b791260616) C:\Windows\system32\Drivers\RtsUStor.sys

2011/02/05 13:46:23.0233 1532 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys

2011/02/05 13:46:23.0732 1532 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys

2011/02/05 13:46:23.0935 1532 SASDIFSV (99df79c258b3342b6c8a5f802998de56) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

2011/02/05 13:46:23.0998 1532 SASKUTIL (2859c35c0651e8eb0d86d48e740388f2) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

2011/02/05 13:46:24.0434 1532 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys

2011/02/05 13:46:24.0809 1532 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

2011/02/05 13:46:25.0370 1532 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

2011/02/05 13:46:25.0823 1532 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

2011/02/05 13:46:26.0228 1532 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

2011/02/05 13:46:26.0665 1532 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

2011/02/05 13:46:27.0211 1532 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys

2011/02/05 13:46:27.0695 1532 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

2011/02/05 13:46:28.0225 1532 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

2011/02/05 13:46:28.0678 1532 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

2011/02/05 13:46:29.0177 1532 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

2011/02/05 13:46:30.0128 1532 Sftfs (72cd52403efc137290cb5a328510ebca) C:\Windows\system32\DRIVERS\Sftfslh.sys

2011/02/05 13:46:30.0628 1532 Sftplay (31a36ef71af36eabcc4b4f8ab8f76465) C:\Windows\system32\DRIVERS\Sftplaylh.sys

2011/02/05 13:46:31.0142 1532 Sftredir (2d969194fcc8eb41ed1d52863bfe7f52) C:\Windows\system32\DRIVERS\Sftredirlh.sys

2011/02/05 13:46:31.0626 1532 Sftvol (08b36d2f63af3ca2248458a4280c0c50) C:\Windows\system32\DRIVERS\Sftvollh.sys

2011/02/05 13:46:32.0110 1532 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

2011/02/05 13:46:32.0593 1532 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

2011/02/05 13:46:33.0092 1532 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

2011/02/05 13:46:33.0670 1532 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

2011/02/05 13:46:34.0138 1532 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys

2011/02/05 13:46:34.0668 1532 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys

2011/02/05 13:46:35.0167 1532 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys

2011/02/05 13:46:36.0041 1532 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

2011/02/05 13:46:36.0587 1532 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

2011/02/05 13:46:37.0102 1532 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys

2011/02/05 13:46:37.0788 1532 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys

2011/02/05 13:46:38.0225 1532 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

2011/02/05 13:46:38.0740 1532 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

2011/02/05 13:46:39.0239 1532 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

2011/02/05 13:46:39.0707 1532 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

2011/02/05 13:46:40.0331 1532 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys

2011/02/05 13:46:40.0783 1532 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/02/05 13:46:41.0345 1532 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

2011/02/05 13:46:41.0860 1532 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

2011/02/05 13:46:42.0406 1532 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys

2011/02/05 13:46:42.0952 1532 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

2011/02/05 13:46:43.0482 1532 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

2011/02/05 13:46:43.0934 1532 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

2011/02/05 13:46:44.0387 1532 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/02/05 13:46:44.0761 1532 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

2011/02/05 13:46:45.0260 1532 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys

2011/02/05 13:46:45.0869 1532 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys

2011/02/05 13:46:46.0462 1532 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys

2011/02/05 13:46:46.0836 1532 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys

2011/02/05 13:46:47.0335 1532 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

2011/02/05 13:46:47.0772 1532 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

2011/02/05 13:46:48.0209 1532 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/02/05 13:46:48.0646 1532 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys

2011/02/05 13:46:49.0114 1532 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys

2011/02/05 13:46:49.0706 1532 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

2011/02/05 13:46:50.0190 1532 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/02/05 13:46:50.0736 1532 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

2011/02/05 13:46:51.0204 1532 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys

2011/02/05 13:46:51.0703 1532 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

2011/02/05 13:46:52.0124 1532 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys

2011/02/05 13:46:52.0608 1532 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

2011/02/05 13:46:53.0201 1532 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys

2011/02/05 13:46:53.0669 1532 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

2011/02/05 13:46:54.0184 1532 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

2011/02/05 13:46:54.0698 1532 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

2011/02/05 13:46:55.0478 1532 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

2011/02/05 13:46:56.0258 1532 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

2011/02/05 13:46:57.0226 1532 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/02/05 13:46:57.0257 1532 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

2011/02/05 13:46:57.0772 1532 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

2011/02/05 13:46:59.0176 1532 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

2011/02/05 13:46:59.0784 1532 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/02/05 13:47:00.0439 1532 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2011/02/05 13:47:01.0360 1532 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

2011/02/05 13:47:02.0155 1532 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2011/02/05 13:47:02.0842 1532 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

2011/02/05 13:47:03.0669 1532 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/02/05 13:47:03.0809 1532 ================================================================================

2011/02/05 13:47:03.0809 1532 Scan finished

2011/02/05 13:47:03.0809 1532 ================================================================================

Link to post
Share on other sites

Thanks!

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites

Thanks!

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    -----------------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

[*]Double click on combo-Fix.exe & follow the prompts.

[*]When finished, it will produce a report for you.

[*]Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Sorry Borislav, I'm going to have to get back to you towards the end of the week. Need to head off up North for college tomorrow. Thanks for your help so far, I'll post you when I'm back.

Link to post
Share on other sites

No problem :)

Hi Borislav. I'm using google chrome. I Just tried downloading ComboFix to my desktop and change the programs name to Combo-Fix whilst downloading. I wasnt able to change its name before it was downloaded and am not sure how as it downloaded almost instantaneously to the bottom left of my screen. I didnt get the option as to where to save it to so its been saved to computer, local disk C drive.

I am running Mcafee, should I just disable real-time scanning or disable my firewall, anti-spam and site advisor as well ? As for script blocking, I've had a quick look online to see how best to do this but though it best to ask yourself if and what else I would need to do to disable these.

Please advise.

Thanks in advance.

Link to post
Share on other sites

No problem :)

Hello again.

I think I've worked how to change the download options on chrome. I've clicked on the spanner icon then on download options I've ticked the "please prompt me where to save downloads" box. Should I uninstall my previously downloaded version of ComboFix before renaming then downloading again to my desktop ?

As for the second part of my last post, I still need your advice before proceeding.

Thanks Borislav.

Link to post
Share on other sites

No problem :)

I just turned my laptop back on to ask you a question when a pop up for driver software installation appeared with usb composite device and sony visual communication camera now both ready to use ??? I didn't authorise this. Should this have happened automatically ? Not sure if I'm just being paranoid now.

Anyway, my question was should I be running the scans for programs such as ComboFix in safe mode ?

Link to post
Share on other sites

If you had read my instructions carefully you would understand the need to temporarily disable your antivirus software. This is especially true for McAfee.

Before you go, you need a updated version of ComboFix, so delete your copy of ComboFix and download a new fresh one then try to run it.

About the drivers, your Windows should automatically check for available drivers for them.

Link to post
Share on other sites

If you had read my instructions carefully you would understand the need to temporarily disable your antivirus software. This is especially true for McAfee.

Before you go, you need a updated version of ComboFix, so delete your copy of ComboFix and download a new fresh one then try to run it.

About the drivers, your Windows should automatically check for available drivers for them.

Point taken Borislav but I was aware that I would have to disable my antivirus. The problem was more that I wasn't, am not completely sure how to do this. Its Mcafee with real time protection. I know how to turn off real time protection but I'm not sure if this is enough. As I've read just how powerful ComboFix can be and how many problems it can create if not used properly or if I have not taken all the precautions that you advise like disabling my antivirus, script blocking etc. I want to make sure I am following your instructions correctly. As I'm not as advanced or as computer literate as you I thought it safer to check than to go ahead and get it wrong with possibly irreversible effects.

I dont know how to turn off mcafee.

I'm not sure if superantispyware free edition needs any action taken. As far as I was aware its not got real time protection but it is showing as a running process in my task manager.

I dont know what has script blocking or how to turn it off.

I read that my dvd drive can interfere with ComboFix. Is this true ?

How do I uninstall ComboFix so that I can download it again to my desktop ?

Should I disable my firewall ?

Sorry for any confusion Borislav and sorry for being a pest with my questions I just don't want to make any mistakes.

Link to post
Share on other sites

I read that my dvd drive can interfere with ComboFix. Is this true ?

No, it's not.

How do I uninstall ComboFix so that I can download it again to my desktop ?

I already told you:

Before you go, you need a updated version of ComboFix, so delete your copy of ComboFix and download a new fresh one then try to run it.

Manually delete it, you should run CF for the first time before uninstall it.

Should I disable my firewall ?
**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

http://www.bleepingcomputer.com/forums/topic114351.html

Link to post
Share on other sites

No, it's not.

I already told you:

Manually delete it, you should run CF for the first time before uninstall it.

http://www.bleepingcomputer.com/forums/topic114351.html

Hi Borislav.

Sorry if I annoyed you. Computers and viruses are your expertise. I am pretty naive when it comes to this.

BleepingComputer advises what I was only guessing at. Turning off Mcafee realtime protection and disabling the firewall is whats important. Thats fine, I know how to do this.

The more I read about ComboFix though, the more worried I am about running it without someone like yourself to guide me through it.

Please forgive me for my questions, I can see how you might find these tedious especially when you have others to help as well.

If you still think it is best for me to proceed with downloading ComboFix then I will.

Please advise.

Link to post
Share on other sites

Yes, please.

Back again. Been a bit busy. Also been seeking advice on ComboFix as it scares me to death the thought of what this can do.

Will it delete ant programs on my computer or change any of my settings ? Should I set a system restore date or backup my files ?

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.