firlos Posted February 7, 2011 ID:385238 Share Posted February 7, 2011 I got the windisk virus or what have you the other day and i was able to get rid of that but i still have my google search results being hijacked and internet explorer is always running with two copies and i get random sound clips and ads playing on my computer please help me, here are the logs you asked for.DDS lOGDDS (Ver_10-12-12.02) - NTFSx86 Run by Rick at 15:35:27.20 on Sun 02/06/2011Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_23Microsoft Link to post Share on other sites More sharing options...
firlos Posted February 7, 2011 Author ID:385256 Share Posted February 7, 2011 here is avira logAvira AntiVir PersonalReport file date: Sunday, February 06, 2011 13:53Scanning for 2457918 virus strains and unwanted programs.The program is running as an unrestricted full version.Online services are available:Licensee : Avira AntiVir Personal - FREE AntivirusSerial number : 0000149996-ADJIE-0000001Platform : Windows VistaWindows version : (Service Pack 2) [6.0.6002]Boot mode : Normally bootedUsername : RickComputer name : KNOBLESSVersion information:BUILD.DAT : 10.0.0.611 31824 Bytes 1/14/2011 13:42:00AVSCAN.EXE : 10.0.3.5 435368 Bytes 1/10/2011 22:23:31AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 20:57:04LUKE.DLL : 10.0.3.2 104296 Bytes 1/10/2011 22:23:40LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 07:40:49VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 17:05:36VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 22:23:50VBASE002.VDF : 7.11.0.1 2048 Bytes 12/14/2010 22:23:50VBASE003.VDF : 7.11.0.2 2048 Bytes 12/14/2010 22:23:50VBASE004.VDF : 7.11.0.3 2048 Bytes 12/14/2010 22:23:50VBASE005.VDF : 7.11.0.4 2048 Bytes 12/14/2010 22:23:50VBASE006.VDF : 7.11.0.5 2048 Bytes 12/14/2010 22:23:50VBASE007.VDF : 7.11.0.6 2048 Bytes 12/14/2010 22:23:50VBASE008.VDF : 7.11.0.7 2048 Bytes 12/14/2010 22:23:50VBASE009.VDF : 7.11.0.8 2048 Bytes 12/14/2010 22:23:50VBASE010.VDF : 7.11.0.9 2048 Bytes 12/14/2010 22:23:50VBASE011.VDF : 7.11.0.10 2048 Bytes 12/14/2010 22:23:50VBASE012.VDF : 7.11.0.11 2048 Bytes 12/14/2010 22:23:50VBASE013.VDF : 7.11.0.52 128000 Bytes 12/16/2010 23:54:35VBASE014.VDF : 7.11.0.91 226816 Bytes 12/20/2010 01:12:47VBASE015.VDF : 7.11.0.122 136192 Bytes 12/21/2010 03:09:26VBASE016.VDF : 7.11.0.156 122880 Bytes 12/24/2010 17:41:13VBASE017.VDF : 7.11.0.185 146944 Bytes 12/27/2010 22:39:57VBASE018.VDF : 7.11.0.228 132608 Bytes 12/30/2010 00:23:58VBASE019.VDF : 7.11.1.5 148480 Bytes 1/3/2011 01:45:39VBASE020.VDF : 7.11.1.37 156672 Bytes 1/7/2011 17:30:06VBASE021.VDF : 7.11.1.65 140800 Bytes 1/10/2011 21:12:43VBASE022.VDF : 7.11.1.87 225280 Bytes 1/11/2011 22:47:36VBASE023.VDF : 7.11.1.124 125440 Bytes 1/14/2011 21:37:03VBASE024.VDF : 7.11.1.155 132096 Bytes 1/17/2011 21:37:05VBASE025.VDF : 7.11.1.189 451072 Bytes 1/20/2011 21:37:13VBASE026.VDF : 7.11.1.230 138752 Bytes 1/24/2011 21:37:15VBASE027.VDF : 7.11.2.12 164352 Bytes 1/27/2011 21:37:15VBASE028.VDF : 7.11.2.43 178176 Bytes 2/1/2011 21:37:16VBASE029.VDF : 7.11.2.78 206336 Bytes 2/4/2011 21:37:17VBASE030.VDF : 7.11.2.79 2048 Bytes 2/4/2011 21:37:17VBASE031.VDF : 7.11.2.83 18944 Bytes 2/6/2011 21:37:17Engineversion : 8.2.4.162 AEVDF.DLL : 8.1.2.1 106868 Bytes 1/10/2011 22:23:26AESCRIPT.DLL : 8.1.3.53 1282427 Bytes 2/6/2011 21:37:41AESCN.DLL : 8.1.7.2 127349 Bytes 1/10/2011 22:23:26AESBX.DLL : 8.1.3.2 254324 Bytes 1/10/2011 22:23:26AERDL.DLL : 8.1.9.2 635252 Bytes 1/10/2011 22:23:25AEPACK.DLL : 8.2.4.9 512374 Bytes 2/6/2011 21:37:39AEOFFICE.DLL : 8.1.1.16 205179 Bytes 2/6/2011 21:37:35AEHEUR.DLL : 8.1.2.73 3207541 Bytes 2/6/2011 21:37:33AEHELP.DLL : 8.1.16.1 246134 Bytes 2/6/2011 21:37:21AEGEN.DLL : 8.1.5.2 397683 Bytes 2/6/2011 21:37:20AEEMU.DLL : 8.1.3.0 393589 Bytes 1/10/2011 22:23:18AECORE.DLL : 8.1.19.2 196983 Bytes 2/6/2011 21:37:18AEBB.DLL : 8.1.1.0 53618 Bytes 1/10/2011 22:23:18AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/10/2011 22:23:32AVPREF.DLL : 10.0.0.0 44904 Bytes 1/10/2011 22:23:30AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 22:27:13AVREG.DLL : 10.0.3.2 53096 Bytes 1/10/2011 22:23:31AVSCPLR.DLL : 10.0.3.2 84328 Bytes 1/10/2011 22:23:31AVARKT.DLL : 10.0.22.6 231784 Bytes 1/10/2011 22:23:27AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/10/2011 22:23:28SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 22:27:22AVSMTP.DLL : 10.0.0.17 63848 Bytes 1/10/2011 22:23:31NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 22:27:21RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 21:10:20RCTEXT.DLL : 10.0.58.0 97128 Bytes 1/10/2011 22:23:52Configuration settings for the scan:Jobname.............................: Complete system scanConfiguration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avpLogging.............................: lowPrimary action......................: interactiveSecondary action....................: ignoreScan master boot sector.............: onScan boot sector....................: onBoot sectors........................: C:, D:, Process scan........................: onExtended process scan...............: onScan registry.......................: onSearch for rootkits.................: onIntegrity checking of system files..: offScan all files......................: All filesScan archives.......................: onRecursion depth.....................: 20Smart extensions....................: onMacro heuristic.....................: onFile heuristic......................: mediumDeviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,Start of the scan: Sunday, February 06, 2011 13:53Starting search for hidden objects.HKEY_USERS\S-1-5-21-2539157648-3851442491-571201555-1000\Software\Microsoft\Internet Explorer\Recovery\Active\{1c4af410-323d-11e0-9c87-001c238e6203} [NOTE] The registry entry is invisible.c:\windows\explorer.exec:\windows\explorer.exe [NOTE] The process is not visible.The scan of running processes will be startedScan process 'iexplore.exe' - '103' Module(s) have been scannedScan process 'iexplore.exe' - '75' Module(s) have been scannedScan process 'SearchFilterHost.exe' - '32' Module(s) have been scannedScan process 'SearchProtocolHost.exe' - '51' Module(s) have been scannedScan process 'svchost.exe' - '30' Module(s) have been scannedScan process 'vssvc.exe' - '49' Module(s) have been scannedScan process 'avscan.exe' - '71' Module(s) have been scannedScan process 'avcenter.exe' - '96' Module(s) have been scannedScan process 'explorer.exe' - '150' Module(s) have been scannedScan process 'Taskmgr.exe' - '35' Module(s) have been scannedScan process 'avgnt.exe' - '62' Module(s) have been scannedScan process 'sched.exe' - '56' Module(s) have been scannedScan process 'avshadow.exe' - '33' Module(s) have been scannedScan process 'avguard.exe' - '65' Module(s) have been scannedScan process 'CLI.exe' - '97' Module(s) have been scannedScan process 'iPodService.exe' - '30' Module(s) have been scannedScan process 'firefox.exe' - '113' Module(s) have been scannedScan process 'wmpnetwk.exe' - '64' Module(s) have been scannedScan process 'CLI.EXE' - '133' Module(s) have been scannedScan process 'wmpnscfg.exe' - '29' Module(s) have been scannedScan process 'DLG.exe' - '22' Module(s) have been scannedScan process 'iTunesHelper.exe' - '74' Module(s) have been scannedScan process 'jusched.exe' - '22' Module(s) have been scannedScan process 'HpqSRmon.exe' - '28' Module(s) have been scannedScan process 'hpwuSchd2.exe' - '16' Module(s) have been scannedScan process 'sttray.exe' - '37' Module(s) have been scannedScan process 'PDVDDXSrv.exe' - '41' Module(s) have been scannedScan process 'WLTRAY.EXE' - '42' Module(s) have been scannedScan process 'SynTPEnh.exe' - '27' Module(s) have been scannedScan process 'MSASCui.exe' - '39' Module(s) have been scannedScan process 'GoogleCrashHandler.exe' - '26' Module(s) have been scannedScan process 'Dwm.exe' - '32' Module(s) have been scannedScan process 'taskeng.exe' - '80' Module(s) have been scannedScan process 'svchost.exe' - '41' Module(s) have been scannedScan process 'taskeng.exe' - '49' Module(s) have been scannedScan process 'SDWinSec.exe' - '47' Module(s) have been scannedScan process 'xaudio.exe' - '14' Module(s) have been scannedScan process 'SearchIndexer.exe' - '62' Module(s) have been scannedScan process 'svchost.exe' - '29' Module(s) have been scannedScan process 'svchost.exe' - '46' Module(s) have been scannedScan process 'RoxWatch9.exe' - '58' Module(s) have been scannedScan process 'svchost.exe' - '42' Module(s) have been scannedScan process 'java.exe' - '58' Module(s) have been scannedScan process 'svchost.exe' - '24' Module(s) have been scannedScan process 'svchost.exe' - '24' Module(s) have been scannedScan process 'LinksysUpdater.exe' - '41' Module(s) have been scannedScan process 'svchost.exe' - '35' Module(s) have been scannedScan process 'mDNSResponder.exe' - '33' Module(s) have been scannedScan process 'AppleMobileDeviceService.exe' - '47' Module(s) have been scannedScan process 'svchost.exe' - '57' Module(s) have been scannedScan process 'spoolsv.exe' - '83' Module(s) have been scannedScan process 'bcmwltry.exe' - '66' Module(s) have been scannedScan process 'WLTRYSVC.EXE' - '15' Module(s) have been scannedScan process 'svchost.exe' - '94' Module(s) have been scannedScan process 'Ati2evxx.exe' - '31' Module(s) have been scannedScan process 'svchost.exe' - '82' Module(s) have been scannedScan process 'SLsvc.exe' - '26' Module(s) have been scannedScan process 'svchost.exe' - '39' Module(s) have been scannedScan process 'svchost.exe' - '147' Module(s) have been scannedScan process 'svchost.exe' - '114' Module(s) have been scannedScan process 'svchost.exe' - '64' Module(s) have been scannedScan process 'Ati2evxx.exe' - '26' Module(s) have been scannedScan process 'svchost.exe' - '50' Module(s) have been scannedScan process 'svchost.exe' - '40' Module(s) have been scannedScan process 'svchost.exe' - '72' Module(s) have been scannedScan process 'lsm.exe' - '22' Module(s) have been scannedScan process 'winlogon.exe' - '30' Module(s) have been scannedScan process 'lsass.exe' - '60' Module(s) have been scannedScan process 'services.exe' - '35' Module(s) have been scannedScan process 'csrss.exe' - '14' Module(s) have been scannedScan process 'wininit.exe' - '26' Module(s) have been scannedScan process 'csrss.exe' - '14' Module(s) have been scannedScan process 'smss.exe' - '2' Module(s) have been scannedStarting master boot sector scan:Master boot sector HD0 [iNFO] No virus was found!Start scanning boot sectors:Boot sector 'C:\' [iNFO] No virus was found!Boot sector 'D:\' [iNFO] No virus was found!Starting to scan executable files (registry).The registry was scanned ( '1788' files ).Starting the file scan:Begin scan in 'C:\' <OS>C:\Users\Rick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OMVOHRKF\f_7[1].js [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virusC:\Users\Rick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\14de97d8-416e87b6[0] Archive type: ZIP [DETECTION] Contains recognition pattern of the JAVA/Applet.K Java virus--> prev/monoid.class [DETECTION] Contains recognition pattern of the JAVA/Applet.K Java virusC:\Users\Rick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\6874292c-128388fe[0] Archive type: ZIP [DETECTION] Contains recognition pattern of the JAVA/Applet.K Java virus--> prev/monoid.class [DETECTION] Contains recognition pattern of the JAVA/Applet.K Java virusBegin scan in 'D:\' <Stuff>Beginning disinfection:C:\Users\Rick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\6874292c-128388fe [DETECTION] Contains recognition pattern of the JAVA/Applet.K Java virus [NOTE] The file was moved to the quarantine directory under the name '48008b4f.qua'.C:\Users\Rick\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\14de97d8-416e87b6 [DETECTION] Contains recognition pattern of the JAVA/Applet.K Java virus [NOTE] The file was moved to the quarantine directory under the name '50a2a4ed.qua'.C:\Users\Rick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OMVOHRKF\f_7[1].js [DETECTION] Contains recognition pattern of the HTML/Infected.WebPage.Gen HTML script virus [NOTE] The file was moved to the quarantine directory under the name '02c8e1e8.qua'.End of the scan: Sunday, February 06, 2011 15:33Used time: 1:38:46 Hour(s)The scan has been done completely. 24984 Scanned directories 439553 Files were scanned 3 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 3 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 439550 Files not concerned 6049 Archives were scanned 0 Warnings 3 Notes 371177 Objects were scanned with rootkit scan 2 Hidden objects were found Link to post Share on other sites More sharing options...
Maniac Posted February 7, 2011 ID:385396 Share Posted February 7, 2011 Hello firlos! Welcome to Malwarebytes' Anti-Malware Forums!My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following: The process of cleaning your system may take some time, so please be patient.Follow my instructions step by step if there is a problem somewhere, stop and tell me.Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!If you don't know or can't understand something please ask. Do not install or uninstall any software or hardware, while work on.Keep me informed about any changes.Your database version of MBAM is 5671, but the current is 5701 , so please:[*]Launch Malwarebytes' Anti-Malware[*]Go to Update" tab and select Check for Updates. If an update is found, it will download and install the latest version. If you already Link to post Share on other sites More sharing options...
firlos Posted February 7, 2011 Author ID:385571 Share Posted February 7, 2011 still infected here is logMalwarebytes' Anti-Malware 1.50.1.1100www.malwarebytes.orgDatabase version: 5703Windows 6.0.6002 Service Pack 2Internet Explorer 8.0.6001.189992/7/2011 10:36:17 AMmbam-log-2011-02-07 (10-36-17).txtScan type: Quick scanObjects scanned: 155842Time elapsed: 9 minute(s), 2 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 1Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 4Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CURRENT_USER\SOFTWARE\ineufbr1v (Malware.Trace) -> Quarantined and deleted successfully.Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:c:\Users\Rick\AppData\Local\Temp\e12fd82f.exe (Trojan.Downloader) -> Quarantined and deleted successfully.c:\Users\Rick\AppData\Local\Temp\Low\0.04394918551638349.exe (Trojan.Downloader) -> Quarantined and deleted successfully.c:\Users\Rick\AppData\Local\Temp\Low\1dcc0093.exe (Trojan.Downloader) -> Quarantined and deleted successfully.c:\Users\Rick\AppData\Local\Temp\Low\skmewwwln\vymjqeksjmo.exe (Trojan.Downloader) -> Quarantined and deleted successfully. Link to post Share on other sites More sharing options...
Maniac Posted February 7, 2011 ID:385573 Share Posted February 7, 2011 Please post a new fresh DDS log file with Attach.txt . Link to post Share on other sites More sharing options...
firlos Posted February 7, 2011 Author ID:385665 Share Posted February 7, 2011 DDS (Ver_10-12-12.02)Microsoft Link to post Share on other sites More sharing options...
Maniac Posted February 7, 2011 ID:385668 Share Posted February 7, 2011 This is Attach.txt , what about DDS.txt ? Link to post Share on other sites More sharing options...
firlos Posted February 7, 2011 Author ID:385671 Share Posted February 7, 2011 DDS (Ver_10-12-12.02) - NTFSx86 Run by Rick at 14:13:20.60 on Mon 02/07/2011Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_03Microsoft Link to post Share on other sites More sharing options...
Maniac Posted February 8, 2011 ID:385942 Share Posted February 8, 2011 Download TDSSKiller and save it to your Desktop.Extract its contents to your desktop.Once extracted, open the TDSSKiller folder and doubleclick on -TDSSKiller.exe to run the application, then on Start Scan.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, choose it.It may ask you to reboot the computer to complete the process. Click on Reboot Now.Click the Report button and copy/paste the contents of it into your next reply.Note:It will also create a log in the C:\ directory. Link to post Share on other sites More sharing options...
firlos Posted February 8, 2011 Author ID:386083 Share Posted February 8, 2011 for some reason it will not let me run the program i run it it asks me if want to continue then nothing Link to post Share on other sites More sharing options...
Maniac Posted February 8, 2011 ID:386085 Share Posted February 8, 2011 Reboot and try again. Link to post Share on other sites More sharing options...
firlos Posted February 8, 2011 Author ID:386088 Share Posted February 8, 2011 no that didnt work either could something be blocking it like avira or that cd emulation blocker? Link to post Share on other sites More sharing options...
Maniac Posted February 8, 2011 ID:386090 Share Posted February 8, 2011 No, it couldn't.**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete. Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper. Please download ComboFix from Here or Here to your Desktop. **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop** If you are using Firefox, make sure that your download settings are as follows: Open Tools -> Options -> Main tab Set to Always ask me where to Save the files. [*]During the download, rename Combofix to Combo-Fix as follows: [*]It is important you rename Combofix during the download, but not after. [*]Please do not rename Combofix to other names, but only to the one indicated. [*]Close any open browsers. [*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. ----------------------------------------------------------- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results. Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask. ----------------------------------------------------------- Close any open browsers. WARNING: Combofix will disconnect your machine from the Internet as soon as it starts Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished. If there is no internet connection after running Combofix, then restart your computer to restore back your connection. ----------------------------------------------------------- [*]Double click on combo-Fix.exe & follow the prompts. [*]When finished, it will produce a report for you. [*]Please post the C:\Combo-Fix.txt for further review. **Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall** Link to post Share on other sites More sharing options...
firlos Posted February 8, 2011 Author ID:386119 Share Posted February 8, 2011 ComboFix 11-02-08.01 - Rick 02/08/2011 10:32:00.1.2 - x86Microsoft Link to post Share on other sites More sharing options...
Maniac Posted February 8, 2011 ID:386120 Share Posted February 8, 2011 Thanks!Please try to re-run TDSSKiller. Link to post Share on other sites More sharing options...
firlos Posted February 8, 2011 Author ID:386126 Share Posted February 8, 2011 no thank you!2011/02/08 10:58:17.0591 4000 TDSS rootkit removing tool 2.4.16.0 Feb 1 2011 10:34:032011/02/08 10:58:17.0810 4000 ================================================================================2011/02/08 10:58:17.0810 4000 SystemInfo:2011/02/08 10:58:17.0810 4000 2011/02/08 10:58:17.0810 4000 OS Version: 6.0.6002 ServicePack: 2.02011/02/08 10:58:17.0810 4000 Product type: Workstation2011/02/08 10:58:17.0810 4000 ComputerName: KNOBLESS2011/02/08 10:58:17.0810 4000 UserName: Rick2011/02/08 10:58:17.0810 4000 Windows directory: C:\Windows2011/02/08 10:58:17.0810 4000 System windows directory: C:\Windows2011/02/08 10:58:17.0810 4000 Processor architecture: Intel x862011/02/08 10:58:17.0810 4000 Number of processors: 22011/02/08 10:58:17.0810 4000 Page size: 0x10002011/02/08 10:58:17.0810 4000 Boot type: Normal boot2011/02/08 10:58:17.0810 4000 ================================================================================2011/02/08 10:58:18.0732 4000 Initialize success2011/02/08 10:58:26.0904 0740 ================================================================================2011/02/08 10:58:26.0904 0740 Scan started2011/02/08 10:58:26.0904 0740 Mode: Manual; 2011/02/08 10:58:26.0904 0740 ================================================================================2011/02/08 10:58:28.0404 0740 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys2011/02/08 10:58:28.0482 0740 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys2011/02/08 10:58:28.0544 0740 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys2011/02/08 10:58:28.0654 0740 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys2011/02/08 10:58:28.0700 0740 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys2011/02/08 10:58:28.0794 0740 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys2011/02/08 10:58:28.0935 0740 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys2011/02/08 10:58:29.0013 0740 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys2011/02/08 10:58:29.0060 0740 aliide (5c42a992e68724d2cd3ddb4fc3b0409f) C:\Windows\system32\drivers\aliide.sys2011/02/08 10:58:29.0091 0740 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys2011/02/08 10:58:29.0122 0740 amdide (849dfacdde533da5d1810f0caf84eb19) C:\Windows\system32\drivers\amdide.sys2011/02/08 10:58:29.0247 0740 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys2011/02/08 10:58:29.0294 0740 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys2011/02/08 10:58:29.0482 0740 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys2011/02/08 10:58:29.0529 0740 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys2011/02/08 10:58:29.0607 0740 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys2011/02/08 10:58:29.0716 0740 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys2011/02/08 10:58:29.0810 0740 AtiPcie (a356e45e8432432c06981ea63a1e0fe8) C:\Windows\system32\DRIVERS\AtiPcie.sys2011/02/08 10:58:29.0888 0740 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys2011/02/08 10:58:29.0997 0740 avipbb (da39805e2bad99d37fce9477dd94e7f2) C:\Windows\system32\DRIVERS\avipbb.sys2011/02/08 10:58:30.0075 0740 BCM43XX (509f672686af40f95859fde67108449b) C:\Windows\system32\DRIVERS\bcmwl6.sys2011/02/08 10:58:30.0122 0740 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\Windows\system32\DRIVERS\bcm4sbxp.sys2011/02/08 10:58:30.0263 0740 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys2011/02/08 10:58:30.0388 0740 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys2011/02/08 10:58:30.0497 0740 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys2011/02/08 10:58:30.0529 0740 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys2011/02/08 10:58:30.0591 0740 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys2011/02/08 10:58:30.0622 0740 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys2011/02/08 10:58:30.0669 0740 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys2011/02/08 10:58:30.0794 0740 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys2011/02/08 10:58:30.0825 0740 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys2011/02/08 10:58:31.0044 0740 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys2011/02/08 10:58:31.0122 0740 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys2011/02/08 10:58:31.0169 0740 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys2011/02/08 10:58:31.0232 0740 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys2011/02/08 10:58:31.0372 0740 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys2011/02/08 10:58:31.0419 0740 cmdide (de11a06e187756ecb86cfa82dac40ff7) C:\Windows\system32\drivers\cmdide.sys2011/02/08 10:58:31.0450 0740 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys2011/02/08 10:58:31.0482 0740 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys2011/02/08 10:58:31.0529 0740 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys2011/02/08 10:58:31.0622 0740 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys2011/02/08 10:58:31.0763 0740 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys2011/02/08 10:58:31.0872 0740 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys2011/02/08 10:58:31.0904 0740 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys2011/02/08 10:58:31.0950 0740 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys2011/02/08 10:58:32.0075 0740 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys2011/02/08 10:58:32.0154 0740 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys2011/02/08 10:58:32.0216 0740 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\dsunidrv.sys2011/02/08 10:58:32.0279 0740 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys2011/02/08 10:58:32.0435 0740 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys2011/02/08 10:58:32.0482 0740 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys2011/02/08 10:58:32.0560 0740 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys2011/02/08 10:58:32.0685 0740 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys2011/02/08 10:58:32.0794 0740 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys2011/02/08 10:58:32.0872 0740 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys2011/02/08 10:58:32.0919 0740 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys2011/02/08 10:58:33.0029 0740 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys2011/02/08 10:58:33.0091 0740 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys2011/02/08 10:58:33.0138 0740 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys2011/02/08 10:58:33.0200 0740 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys2011/02/08 10:58:33.0294 0740 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys2011/02/08 10:58:33.0341 0740 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys2011/02/08 10:58:33.0404 0740 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys2011/02/08 10:58:33.0747 0740 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys2011/02/08 10:58:33.0825 0740 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys2011/02/08 10:58:33.0872 0740 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys2011/02/08 10:58:33.0904 0740 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys2011/02/08 10:58:34.0029 0740 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys2011/02/08 10:58:34.0060 0740 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys2011/02/08 10:58:34.0185 0740 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys2011/02/08 10:58:34.0310 0740 HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys2011/02/08 10:58:34.0372 0740 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys2011/02/08 10:58:34.0419 0740 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys2011/02/08 10:58:34.0544 0740 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys2011/02/08 10:58:34.0591 0740 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys2011/02/08 10:58:34.0638 0740 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys2011/02/08 10:58:34.0700 0740 intelide (1b16626beae3a52e611fc681cd796f86) C:\Windows\system32\drivers\intelide.sys2011/02/08 10:58:34.0747 0740 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys2011/02/08 10:58:34.0857 0740 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys2011/02/08 10:58:34.0919 0740 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys2011/02/08 10:58:34.0966 0740 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys2011/02/08 10:58:35.0029 0740 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys2011/02/08 10:58:35.0075 0740 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys2011/02/08 10:58:35.0200 0740 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys2011/02/08 10:58:35.0232 0740 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys2011/02/08 10:58:35.0263 0740 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys2011/02/08 10:58:35.0310 0740 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys2011/02/08 10:58:35.0372 0740 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\DRIVERS\kbdhid.sys2011/02/08 10:58:35.0529 0740 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys2011/02/08 10:58:35.0700 0740 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys2011/02/08 10:58:35.0779 0740 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys2011/02/08 10:58:35.0810 0740 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys2011/02/08 10:58:35.0857 0740 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys2011/02/08 10:58:35.0919 0740 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys2011/02/08 10:58:35.0997 0740 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys2011/02/08 10:58:36.0060 0740 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys2011/02/08 10:58:36.0122 0740 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys2011/02/08 10:58:36.0185 0740 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys2011/02/08 10:58:36.0247 0740 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys2011/02/08 10:58:36.0294 0740 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys2011/02/08 10:58:36.0357 0740 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys2011/02/08 10:58:36.0419 0740 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys2011/02/08 10:58:36.0466 0740 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys2011/02/08 10:58:36.0544 0740 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys2011/02/08 10:58:36.0622 0740 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys2011/02/08 10:58:36.0669 0740 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys2011/02/08 10:58:36.0700 0740 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys2011/02/08 10:58:36.0779 0740 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys2011/02/08 10:58:36.0857 0740 msahci (0d1c042188ffe61a702a9df5944de5ba) C:\Windows\system32\drivers\msahci.sys2011/02/08 10:58:36.0888 0740 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys2011/02/08 10:58:36.0966 0740 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys2011/02/08 10:58:37.0013 0740 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys2011/02/08 10:58:37.0107 0740 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys2011/02/08 10:58:37.0200 0740 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys2011/02/08 10:58:37.0247 0740 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys2011/02/08 10:58:37.0310 0740 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys2011/02/08 10:58:37.0388 0740 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys2011/02/08 10:58:37.0419 0740 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys2011/02/08 10:58:37.0497 0740 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys2011/02/08 10:58:37.0560 0740 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys2011/02/08 10:58:37.0669 0740 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys2011/02/08 10:58:37.0763 0740 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys2011/02/08 10:58:37.0810 0740 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys2011/02/08 10:58:37.0872 0740 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys2011/02/08 10:58:37.0935 0740 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys2011/02/08 10:58:38.0029 0740 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys2011/02/08 10:58:38.0075 0740 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys2011/02/08 10:58:38.0169 0740 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys2011/02/08 10:58:38.0216 0740 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys2011/02/08 10:58:38.0310 0740 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys2011/02/08 10:58:38.0419 0740 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys2011/02/08 10:58:38.0529 0740 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys2011/02/08 10:58:38.0607 0740 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys2011/02/08 10:58:38.0638 0740 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys2011/02/08 10:58:38.0685 0740 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys2011/02/08 10:58:38.0716 0740 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys2011/02/08 10:58:38.0888 0740 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys2011/02/08 10:58:38.0950 0740 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys2011/02/08 10:58:38.0997 0740 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys2011/02/08 10:58:39.0029 0740 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys2011/02/08 10:58:39.0138 0740 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys2011/02/08 10:58:39.0200 0740 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys2011/02/08 10:58:39.0263 0740 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys2011/02/08 10:58:39.0325 0740 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys2011/02/08 10:58:39.0544 0740 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys2011/02/08 10:58:39.0607 0740 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys2011/02/08 10:58:39.0685 0740 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys2011/02/08 10:58:39.0810 0740 PxHelp20 (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys2011/02/08 10:58:39.0904 0740 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys2011/02/08 10:58:39.0966 0740 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys2011/02/08 10:58:40.0029 0740 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys2011/02/08 10:58:40.0185 0740 R300 (554685122b4f973e21d66c2baaf29543) C:\Windows\system32\DRIVERS\atikmdag.sys2011/02/08 10:58:40.0341 0740 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys2011/02/08 10:58:40.0404 0740 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys2011/02/08 10:58:40.0466 0740 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys2011/02/08 10:58:40.0513 0740 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys2011/02/08 10:58:40.0575 0740 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys2011/02/08 10:58:40.0685 0740 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys2011/02/08 10:58:40.0747 0740 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys2011/02/08 10:58:40.0779 0740 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys2011/02/08 10:58:40.0841 0740 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys2011/02/08 10:58:40.0919 0740 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\Windows\system32\DRIVERS\rimmptsk.sys2011/02/08 10:58:40.0982 0740 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\Windows\system32\drivers\rimsptsk.sys2011/02/08 10:58:41.0044 0740 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\Windows\system32\drivers\rixdptsk.sys2011/02/08 10:58:41.0138 0740 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys2011/02/08 10:58:41.0185 0740 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys2011/02/08 10:58:41.0310 0740 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys2011/02/08 10:58:41.0372 0740 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys2011/02/08 10:58:41.0419 0740 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys2011/02/08 10:58:41.0482 0740 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys2011/02/08 10:58:41.0529 0740 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys2011/02/08 10:58:41.0622 0740 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys2011/02/08 10:58:41.0685 0740 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys2011/02/08 10:58:41.0732 0740 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys2011/02/08 10:58:41.0779 0740 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys2011/02/08 10:58:41.0825 0740 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys2011/02/08 10:58:41.0857 0740 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys2011/02/08 10:58:41.0935 0740 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys2011/02/08 10:58:42.0029 0740 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys2011/02/08 10:58:42.0107 0740 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys2011/02/08 10:58:42.0169 0740 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys2011/02/08 10:58:42.0247 0740 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys2011/02/08 10:58:42.0294 0740 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys2011/02/08 10:58:42.0372 0740 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys2011/02/08 10:58:42.0466 0740 STHDA (9cea131b5eb0ea653f6b3ea80b54956d) C:\Windows\system32\drivers\stwrt.sys2011/02/08 10:58:42.0575 0740 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys2011/02/08 10:58:42.0638 0740 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys2011/02/08 10:58:42.0716 0740 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys2011/02/08 10:58:42.0747 0740 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys2011/02/08 10:58:42.0779 0740 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys2011/02/08 10:58:42.0904 0740 SynTP (1f5192248a364d4ab68db063d18a2139) C:\Windows\system32\DRIVERS\SynTP.sys2011/02/08 10:58:43.0013 0740 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys2011/02/08 10:58:43.0075 0740 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys2011/02/08 10:58:43.0138 0740 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys2011/02/08 10:58:43.0232 0740 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys2011/02/08 10:58:43.0263 0740 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys2011/02/08 10:58:43.0310 0740 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys2011/02/08 10:58:43.0372 0740 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys2011/02/08 10:58:43.0482 0740 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys2011/02/08 10:58:43.0575 0740 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys2011/02/08 10:58:43.0622 0740 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys2011/02/08 10:58:43.0669 0740 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys2011/02/08 10:58:43.0747 0740 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys2011/02/08 10:58:43.0841 0740 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys2011/02/08 10:58:43.0888 0740 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys2011/02/08 10:58:43.0950 0740 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys2011/02/08 10:58:44.0013 0740 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys2011/02/08 10:58:44.0075 0740 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys2011/02/08 10:58:44.0169 0740 URC_USBV7 (c7f0148964c5728d4880198dcc10b924) C:\Windows\system32\Drivers\URC_USBV7.sys2011/02/08 10:58:44.0279 0740 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys2011/02/08 10:58:44.0341 0740 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys2011/02/08 10:58:44.0419 0740 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys2011/02/08 10:58:44.0466 0740 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys2011/02/08 10:58:44.0544 0740 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys2011/02/08 10:58:44.0591 0740 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys2011/02/08 10:58:44.0654 0740 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys2011/02/08 10:58:44.0700 0740 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys2011/02/08 10:58:44.0747 0740 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS2011/02/08 10:58:44.0825 0740 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys2011/02/08 10:58:44.0919 0740 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys2011/02/08 10:58:44.0966 0740 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys2011/02/08 10:58:45.0013 0740 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys2011/02/08 10:58:45.0091 0740 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys2011/02/08 10:58:45.0122 0740 viaide (c0ace9d0f5a5ee0b00f58345947a57fc) C:\Windows\system32\drivers\viaide.sys2011/02/08 10:58:45.0185 0740 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys2011/02/08 10:58:45.0247 0740 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys2011/02/08 10:58:45.0357 0740 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys2011/02/08 10:58:45.0482 0740 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys2011/02/08 10:58:45.0544 0740 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys2011/02/08 10:58:45.0591 0740 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys2011/02/08 10:58:45.0622 0740 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys2011/02/08 10:58:45.0669 0740 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys2011/02/08 10:58:45.0794 0740 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys2011/02/08 10:58:45.0935 0740 winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys2011/02/08 10:58:46.0060 0740 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys2011/02/08 10:58:46.0216 0740 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys2011/02/08 10:58:46.0279 0740 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys2011/02/08 10:58:46.0357 0740 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys2011/02/08 10:58:46.0419 0740 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys2011/02/08 10:58:46.0497 0740 ================================================================================2011/02/08 10:58:46.0497 0740 Scan finished2011/02/08 10:58:46.0497 0740 ================================================================================ Link to post Share on other sites More sharing options...
Maniac Posted February 8, 2011 ID:386132 Share Posted February 8, 2011 Looks good! How are things running now? Link to post Share on other sites More sharing options...
firlos Posted February 8, 2011 Author ID:386152 Share Posted February 8, 2011 seems to be faster, there was alot of stuff running in processes now there isnt too much also the double iexplore are gone, havnt had any sounds yet and the google hijacking seems to be gone, what do you think i had on my computer? also thank you soo much for helping Link to post Share on other sites More sharing options...
Maniac Posted February 8, 2011 ID:386189 Share Posted February 8, 2011 Glad I could help! what do you think i had on my computer?A lot of things as you see in your MBAM logs. The main problem was TDL4. More information here:http://www.kernelmode.info/forum/viewtopic...=19&start=0Last steps for you:Step 1Go to Start => Run... and copy & paste next command in the field:ComboFix /uninstallThen hit Enter button.This procedure will do the following:Uninstall ComboFixDelete its related folders and filesReset your clock settingsHide file extensionsHide the system/hidden filesResets System Restore againP.S.: Make sure there's a space between ComboFix and /uninstallStep 2Please manually delete DDS, GMER and TDSSKiller.Step 3Keep your software up-to-date:www.bleepingcomputer.com/tutorials/tutorial174.htmlSome malware preventions:http://forums.malwarebytes.org/index.php?showtopic=9365Safe surfing! Link to post Share on other sites More sharing options...
firlos Posted February 8, 2011 Author ID:386304 Share Posted February 8, 2011 what about defogger? Link to post Share on other sites More sharing options...
Maniac Posted February 8, 2011 ID:386310 Share Posted February 8, 2011 Please re-enable it and then manually delete it. Sorry about that! Link to post Share on other sites More sharing options...
LDTate Posted February 21, 2011 ID:391551 Share Posted February 21, 2011 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts