Jump to content

Can't get rid of trojans and viruses


blfc
 Share

Recommended Posts

My husband noticed a webpage wouldn't let him navigate away last weekend and re-directed him and then the next day when I logged in I had the System Tool screen complete with HUGE fake virus scans and a redirect to try to get me to "buy" fake software... I downloaded Malwarebytes Pro and it found the System Tool, along with Trojan.Agent, Trojan.Hiloti and a few other problems. The scans now are clean, but my computer is still freezing even with only Windows Task Manager open and the CPU jumps to 100% with no other programs open. Can you tell me if I have gotten rid of the malware? I followed the instructions on your site and have the scans recommended. I tried looking through the registry, but have never done that before and am afraid of deleting something important by mistake.

Help! Thanks.

Here is the DDS text:

DS (Ver_10-12-12.02) - NTFSx86

Run by Lauren at 20:38:32.27 on Mon 02/14/2011

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_16

Microsoft

DDS Attach.zip

Link to post
Share on other sites

Hello blfc! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, choose it.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply.

Note:It will also create a log in the C:\ directory.

In your next reply, please post these log(s):

  1. TDSSKiller log
  2. a new fresh DDS log only

Link to post
Share on other sites

Please post your logs, don't attach them.

Sorry. Here they are:

2011/02/15 08:41:06.0668 0456 TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20

2011/02/15 08:41:06.0980 0456 ================================================================================

2011/02/15 08:41:06.0980 0456 SystemInfo:

2011/02/15 08:41:06.0980 0456

2011/02/15 08:41:06.0980 0456 OS Version: 6.0.6002 ServicePack: 2.0

2011/02/15 08:41:06.0980 0456 Product type: Workstation

2011/02/15 08:41:06.0980 0456 ComputerName: LAUREN-PC

2011/02/15 08:41:06.0980 0456 UserName: Lauren

2011/02/15 08:41:06.0980 0456 Windows directory: C:\Windows

2011/02/15 08:41:06.0980 0456 System windows directory: C:\Windows

2011/02/15 08:41:06.0980 0456 Processor architecture: Intel x86

2011/02/15 08:41:06.0980 0456 Number of processors: 2

2011/02/15 08:41:06.0980 0456 Page size: 0x1000

2011/02/15 08:41:06.0980 0456 Boot type: Safe boot with network

2011/02/15 08:41:06.0980 0456 ================================================================================

2011/02/15 08:41:07.0463 0456 Initialize success

2011/02/15 08:41:11.0410 0340 ================================================================================

2011/02/15 08:41:11.0410 0340 Scan started

2011/02/15 08:41:11.0410 0340 Mode: Manual;

2011/02/15 08:41:11.0410 0340 ================================================================================

2011/02/15 08:41:11.0831 0340 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

2011/02/15 08:41:12.0019 0340 ADIHdAudAddService (a51ea92451897824c5c7474a160af773) C:\Windows\system32\drivers\ADIHdAud.sys

2011/02/15 08:41:12.0143 0340 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

2011/02/15 08:41:12.0206 0340 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

2011/02/15 08:41:12.0284 0340 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

2011/02/15 08:41:12.0331 0340 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

2011/02/15 08:41:12.0471 0340 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

2011/02/15 08:41:12.0565 0340 agp440 (198636e76971ebc96404547ec0fd5e75) C:\Windows\system32\drivers\agp440.sys

2011/02/15 08:41:12.0627 0340 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2011/02/15 08:41:12.0705 0340 aliide (c20f9bce0956a7e3deaa6848ee1f1682) C:\Windows\system32\drivers\aliide.sys

2011/02/15 08:41:12.0752 0340 amdagp (2363abc8989a14fd7247ca6f4e89d397) C:\Windows\system32\drivers\amdagp.sys

2011/02/15 08:41:12.0814 0340 amdide (bee39c63d6259f795d110fe89fd9f056) C:\Windows\system32\drivers\amdide.sys

2011/02/15 08:41:12.0877 0340 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

2011/02/15 08:41:12.0923 0340 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

2011/02/15 08:41:13.0001 0340 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

2011/02/15 08:41:13.0064 0340 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

2011/02/15 08:41:13.0126 0340 aswFsBlk (cba53c5e29ae0a0ce76f9a2be3a40d9e) C:\Windows\system32\drivers\aswFsBlk.sys

2011/02/15 08:41:13.0220 0340 aswMonFlt (317f85fb68a3be507e9ccede5e6d9ee0) C:\Windows\system32\drivers\aswMonFlt.sys

2011/02/15 08:41:13.0282 0340 aswRdr (b6e8c5874377a42756c282fac2e20836) C:\Windows\system32\drivers\aswRdr.sys

2011/02/15 08:41:13.0376 0340 aswSP (b93a553c9b0f14263c8f016a44c3258c) C:\Windows\system32\drivers\aswSP.sys

2011/02/15 08:41:13.0469 0340 aswTdi (1408421505257846eb336feeef33352d) C:\Windows\system32\drivers\aswTdi.sys

2011/02/15 08:41:13.0547 0340 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/02/15 08:41:13.0625 0340 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

2011/02/15 08:41:13.0735 0340 athr (ab0e8983beb0b036485e0e97e23b69ad) C:\Windows\system32\DRIVERS\athr.sys

2011/02/15 08:41:14.0000 0340 b57nd60x (8e287eb3a52fd30c999482c576f4a61b) C:\Windows\system32\DRIVERS\b57nd60x.sys

2011/02/15 08:41:14.0125 0340 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2011/02/15 08:41:14.0327 0340 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2011/02/15 08:41:14.0390 0340 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2011/02/15 08:41:14.0452 0340 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2011/02/15 08:41:14.0499 0340 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2011/02/15 08:41:14.0561 0340 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2011/02/15 08:41:14.0593 0340 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2011/02/15 08:41:14.0639 0340 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2011/02/15 08:41:14.0702 0340 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

2011/02/15 08:41:14.0827 0340 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/02/15 08:41:14.0920 0340 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

2011/02/15 08:41:14.0983 0340 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

2011/02/15 08:41:15.0076 0340 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

2011/02/15 08:41:15.0154 0340 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

2011/02/15 08:41:15.0217 0340 cmdide (4fdf23b1124b36c2cfd0f675f950ae1b) C:\Windows\system32\drivers\cmdide.sys

2011/02/15 08:41:15.0310 0340 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

2011/02/15 08:41:15.0341 0340 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

2011/02/15 08:41:15.0388 0340 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

2011/02/15 08:41:15.0529 0340 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

2011/02/15 08:41:15.0622 0340 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

2011/02/15 08:41:15.0731 0340 DLABMFSM (475024f44e0b0ff2e89b0b7450c51e9a) C:\Windows\system32\DLA\DLABMFSM.SYS

2011/02/15 08:41:15.0794 0340 DLABOIOM (d418a2c037f0367af8ceb955f8162219) C:\Windows\system32\DLA\DLABOIOM.SYS

2011/02/15 08:41:15.0856 0340 DLACDBHM (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS

2011/02/15 08:41:15.0965 0340 DLADResM (c696b47b36c278a349b433b206e4b105) C:\Windows\system32\DLA\DLADResM.SYS

2011/02/15 08:41:16.0028 0340 DLAIFS_M (97e1cc730f1f931c5232013432584334) C:\Windows\system32\DLA\DLAIFS_M.SYS

2011/02/15 08:41:16.0090 0340 DLAOPIOM (d98be003d85c0251a3db5851a29c6ba8) C:\Windows\system32\DLA\DLAOPIOM.SYS

2011/02/15 08:41:16.0121 0340 DLAPoolM (3821ad5aa0ac0f05625923cfcc0c0fbb) C:\Windows\system32\DLA\DLAPoolM.SYS

2011/02/15 08:41:16.0168 0340 DLARTL_M (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS

2011/02/15 08:41:16.0215 0340 DLAUDFAM (0fdd55d09da1657fc28ebc015f5f45d6) C:\Windows\system32\DLA\DLAUDFAM.SYS

2011/02/15 08:41:16.0246 0340 DLAUDF_M (147bc35eba264118988f5c5580860336) C:\Windows\system32\DLA\DLAUDF_M.SYS

2011/02/15 08:41:16.0340 0340 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2011/02/15 08:41:16.0371 0340 DRVMCDB (83106585494d5eb96f59187200c144bd) C:\Windows\system32\Drivers\DRVMCDB.SYS

2011/02/15 08:41:16.0402 0340 DRVNDDM (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS

2011/02/15 08:41:16.0496 0340 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys

2011/02/15 08:41:16.0558 0340 e1express (e4563be48ef4e8d8ad3edd92bb01ad9a) C:\Windows\system32\DRIVERS\e1e6032.sys

2011/02/15 08:41:16.0652 0340 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

2011/02/15 08:41:16.0777 0340 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

2011/02/15 08:41:16.0870 0340 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

2011/02/15 08:41:17.0026 0340 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

2011/02/15 08:41:17.0089 0340 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

2011/02/15 08:41:17.0135 0340 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

2011/02/15 08:41:17.0245 0340 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2011/02/15 08:41:17.0307 0340 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2011/02/15 08:41:17.0369 0340 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

2011/02/15 08:41:17.0463 0340 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

2011/02/15 08:41:17.0541 0340 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2011/02/15 08:41:17.0588 0340 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

2011/02/15 08:41:17.0666 0340 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

2011/02/15 08:41:17.0728 0340 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\Windows\system32\drivers\grmnusb.sys

2011/02/15 08:41:17.0791 0340 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

2011/02/15 08:41:17.0884 0340 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

2011/02/15 08:41:17.0947 0340 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2011/02/15 08:41:17.0978 0340 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2011/02/15 08:41:18.0056 0340 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

2011/02/15 08:41:18.0103 0340 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

2011/02/15 08:41:18.0181 0340 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS

2011/02/15 08:41:18.0259 0340 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys

2011/02/15 08:41:18.0352 0340 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys

2011/02/15 08:41:18.0430 0340 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

2011/02/15 08:41:18.0493 0340 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

2011/02/15 08:41:18.0586 0340 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2011/02/15 08:41:18.0695 0340 ialm (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys

2011/02/15 08:41:18.0820 0340 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys

2011/02/15 08:41:18.0867 0340 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

2011/02/15 08:41:18.0929 0340 IBMPMDRV (931af21653dd91cd85270a2b31f87eeb) C:\Windows\system32\DRIVERS\ibmpmdrv.sys

2011/02/15 08:41:19.0117 0340 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys

2011/02/15 08:41:19.0163 0340 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2011/02/15 08:41:19.0241 0340 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

2011/02/15 08:41:19.0304 0340 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2011/02/15 08:41:19.0397 0340 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/02/15 08:41:19.0460 0340 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

2011/02/15 08:41:19.0522 0340 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2011/02/15 08:41:19.0600 0340 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2011/02/15 08:41:19.0647 0340 isapnp (ce2997a0c3b0049a3188c4f0c7a04bc9) C:\Windows\system32\drivers\isapnp.sys

2011/02/15 08:41:19.0709 0340 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

2011/02/15 08:41:19.0756 0340 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2011/02/15 08:41:19.0803 0340 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2011/02/15 08:41:19.0881 0340 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2011/02/15 08:41:19.0912 0340 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys

2011/02/15 08:41:19.0990 0340 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

2011/02/15 08:41:20.0099 0340 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\Windows\system32\DRIVERS\Lbd.sys

2011/02/15 08:41:20.0193 0340 lenovo.smi (63de2c8974f5d528fbc3d6978fd8ad6a) C:\Windows\system32\DRIVERS\smiif32.sys

2011/02/15 08:41:20.0287 0340 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2011/02/15 08:41:20.0333 0340 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

2011/02/15 08:41:20.0365 0340 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

2011/02/15 08:41:20.0396 0340 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

2011/02/15 08:41:20.0458 0340 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2011/02/15 08:41:20.0552 0340 MBAMProtector (836e0e09ca9869be7eb39ef2cf3602c7) C:\Windows\system32\drivers\mbam.sys

2011/02/15 08:41:20.0630 0340 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys

2011/02/15 08:41:20.0692 0340 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

2011/02/15 08:41:20.0786 0340 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2011/02/15 08:41:20.0879 0340 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2011/02/15 08:41:20.0942 0340 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2011/02/15 08:41:20.0989 0340 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2011/02/15 08:41:21.0051 0340 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2011/02/15 08:41:21.0098 0340 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

2011/02/15 08:41:21.0191 0340 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2011/02/15 08:41:21.0285 0340 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2011/02/15 08:41:21.0363 0340 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

2011/02/15 08:41:21.0441 0340 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/02/15 08:41:21.0519 0340 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/02/15 08:41:21.0566 0340 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/02/15 08:41:21.0597 0340 msahci (a7df0c3adb40919f91b2917fbe07a370) C:\Windows\system32\drivers\msahci.sys

2011/02/15 08:41:21.0659 0340 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

2011/02/15 08:41:21.0753 0340 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2011/02/15 08:41:21.0847 0340 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2011/02/15 08:41:21.0940 0340 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2011/02/15 08:41:22.0003 0340 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/02/15 08:41:22.0081 0340 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2011/02/15 08:41:22.0143 0340 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

2011/02/15 08:41:22.0190 0340 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2011/02/15 08:41:22.0252 0340 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2011/02/15 08:41:22.0330 0340 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

2011/02/15 08:41:22.0439 0340 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

2011/02/15 08:41:22.0533 0340 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

2011/02/15 08:41:22.0627 0340 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/02/15 08:41:22.0705 0340 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/02/15 08:41:22.0798 0340 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/02/15 08:41:22.0876 0340 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2011/02/15 08:41:22.0970 0340 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2011/02/15 08:41:23.0048 0340 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

2011/02/15 08:41:23.0141 0340 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2011/02/15 08:41:23.0219 0340 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

2011/02/15 08:41:23.0266 0340 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2011/02/15 08:41:23.0375 0340 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

2011/02/15 08:41:23.0453 0340 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2011/02/15 08:41:23.0516 0340 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2011/02/15 08:41:23.0547 0340 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

2011/02/15 08:41:23.0594 0340 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

2011/02/15 08:41:23.0625 0340 nv_agp (925eb9e53eca4473a2d156a02b7418e3) C:\Windows\system32\drivers\nv_agp.sys

2011/02/15 08:41:23.0781 0340 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

2011/02/15 08:41:23.0859 0340 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\DRIVERS\parport.sys

2011/02/15 08:41:23.0937 0340 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

2011/02/15 08:41:23.0984 0340 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\DRIVERS\parvdm.sys

2011/02/15 08:41:24.0046 0340 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

2011/02/15 08:41:24.0093 0340 pciide (6889e46da655916e493537032d7ef095) C:\Windows\system32\drivers\pciide.sys

2011/02/15 08:41:24.0171 0340 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys

2011/02/15 08:41:24.0249 0340 PCTINDIS5 (351bd8c80b2c411ea5a122fcfed4d7c8) C:\Windows\system32\PCTINDIS5.SYS

2011/02/15 08:41:24.0327 0340 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2011/02/15 08:41:24.0499 0340 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2011/02/15 08:41:24.0561 0340 PROCDD (1d80309fed4babf8ea9e7b84a394348b) C:\Windows\system32\DRIVERS\PROCDD.SYS

2011/02/15 08:41:24.0608 0340 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

2011/02/15 08:41:24.0686 0340 psadd (aac08defb15aaab00b30341c716efa35) C:\Windows\system32\DRIVERS\psadd.sys

2011/02/15 08:41:24.0764 0340 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

2011/02/15 08:41:24.0842 0340 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys

2011/02/15 08:41:24.0920 0340 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

2011/02/15 08:41:25.0013 0340 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2011/02/15 08:41:25.0091 0340 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2011/02/15 08:41:25.0154 0340 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2011/02/15 08:41:25.0232 0340 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/02/15 08:41:25.0310 0340 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/02/15 08:41:25.0372 0340 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

2011/02/15 08:41:25.0450 0340 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

2011/02/15 08:41:25.0544 0340 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/02/15 08:41:25.0606 0340 rdpdr (87ee019fe9fbff071d76ccf9ec794646) C:\Windows\system32\drivers\rdpdr.sys

2011/02/15 08:41:25.0653 0340 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2011/02/15 08:41:25.0715 0340 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

2011/02/15 08:41:25.0825 0340 rimmptsk (c35ca13d3627ebd9dd12a23ce781bc3d) C:\Windows\system32\DRIVERS\rimmptsk.sys

2011/02/15 08:41:25.0887 0340 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\DRIVERS\rimsptsk.sys

2011/02/15 08:41:25.0965 0340 RimVSerPort (12a2fd77e334b223531f1e2918480d49) C:\Windows\system32\DRIVERS\RimSerial.sys

2011/02/15 08:41:26.0012 0340 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\DRIVERS\rixdptsk.sys

2011/02/15 08:41:26.0090 0340 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys

2011/02/15 08:41:26.0183 0340 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2011/02/15 08:41:26.0261 0340 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2011/02/15 08:41:26.0355 0340 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

2011/02/15 08:41:26.0417 0340 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2011/02/15 08:41:26.0464 0340 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys

2011/02/15 08:41:26.0527 0340 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys

2011/02/15 08:41:26.0589 0340 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2011/02/15 08:41:26.0683 0340 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

2011/02/15 08:41:26.0714 0340 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys

2011/02/15 08:41:26.0761 0340 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys

2011/02/15 08:41:26.0823 0340 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys

2011/02/15 08:41:26.0932 0340 Shockprf (e22ef09693396bfeda7edc47b6c16e26) C:\Windows\system32\DRIVERS\Apsx86.sys

2011/02/15 08:41:26.0963 0340 sisagp (e5773c4cff310d00a59db01ef4074135) C:\Windows\system32\drivers\sisagp.sys

2011/02/15 08:41:27.0010 0340 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

2011/02/15 08:41:27.0041 0340 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

2011/02/15 08:41:27.0119 0340 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

2011/02/15 08:41:27.0478 0340 SNP2UVC (537cd54295cdbcc4dcffe95e234387ae) C:\Windows\system32\DRIVERS\snp2uvc.sys

2011/02/15 08:41:27.0806 0340 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2011/02/15 08:41:27.0884 0340 SQTECH9051 (2a2a3630f0c4771319b90d1b63c4b999) C:\Windows\system32\Drivers\Capt9051.sys

2011/02/15 08:41:27.0946 0340 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys

2011/02/15 08:41:28.0024 0340 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys

2011/02/15 08:41:28.0071 0340 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys

2011/02/15 08:41:28.0196 0340 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2011/02/15 08:41:28.0258 0340 SWNC8U51 (4748c3fbd786aa84852f0acc416c932a) C:\Windows\system32\DRIVERS\swnc8u51.sys

2011/02/15 08:41:28.0352 0340 SWUMX51 (574a712e3015a7e092756db3d1982107) C:\Windows\system32\DRIVERS\swumx51.sys

2011/02/15 08:41:28.0414 0340 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2011/02/15 08:41:28.0445 0340 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2011/02/15 08:41:28.0477 0340 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2011/02/15 08:41:28.0555 0340 SynTP (934f7de26ae5354e08c85adff3a7f27b) C:\Windows\system32\DRIVERS\SynTP.sys

2011/02/15 08:41:28.0679 0340 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys

2011/02/15 08:41:28.0742 0340 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys

2011/02/15 08:41:28.0820 0340 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

2011/02/15 08:41:28.0898 0340 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2011/02/15 08:41:28.0945 0340 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2011/02/15 08:41:29.0023 0340 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

2011/02/15 08:41:29.0101 0340 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

2011/02/15 08:41:29.0210 0340 TPDIGIMN (a44928f04032d49a6c2e151f869fb152) C:\Windows\system32\DRIVERS\ApsHM86.sys

2011/02/15 08:41:29.0272 0340 TPM (cb258c2f726f1be73c507022be33ebb3) C:\Windows\system32\drivers\tpm.sys

2011/02/15 08:41:29.0381 0340 TPPWRIF (1bd5719ef160e0ab739cd0ff3ba5e298) C:\Windows\system32\drivers\Tppwr32v.sys

2011/02/15 08:41:29.0475 0340 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/02/15 08:41:29.0553 0340 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2011/02/15 08:41:29.0631 0340 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

2011/02/15 08:41:29.0725 0340 tvtfilter (49258a02a1e8d304ed88b0f1c56b1738) C:\Windows\system32\DRIVERS\tvtfilter.sys

2011/02/15 08:41:29.0787 0340 TVTI2C (8ab24d4b7da715c2c80455137910e792) C:\Windows\system32\DRIVERS\Tvti2c.sys

2011/02/15 08:41:29.0865 0340 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

2011/02/15 08:41:29.0912 0340 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

2011/02/15 08:41:30.0005 0340 uliagpkx (5895ef4d0f1424392ee6439250e25677) C:\Windows\system32\drivers\uliagpkx.sys

2011/02/15 08:41:30.0052 0340 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

2011/02/15 08:41:30.0099 0340 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2011/02/15 08:41:30.0130 0340 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2011/02/15 08:41:30.0208 0340 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

2011/02/15 08:41:30.0302 0340 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/02/15 08:41:30.0364 0340 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2011/02/15 08:41:30.0442 0340 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

2011/02/15 08:41:30.0536 0340 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

2011/02/15 08:41:30.0614 0340 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

2011/02/15 08:41:30.0645 0340 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

2011/02/15 08:41:30.0692 0340 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

2011/02/15 08:41:30.0739 0340 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/02/15 08:41:30.0801 0340 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2011/02/15 08:41:30.0848 0340 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys

2011/02/15 08:41:30.0910 0340 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/02/15 08:41:30.0988 0340 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2011/02/15 08:41:31.0019 0340 viaagp (66e64d5cbeb047c90e65f0962483a5b2) C:\Windows\system32\drivers\viaagp.sys

2011/02/15 08:41:31.0066 0340 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

2011/02/15 08:41:31.0097 0340 viaide (99f3e24f50b4e9282ca5edc684d012ed) C:\Windows\system32\drivers\viaide.sys

2011/02/15 08:41:31.0175 0340 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2011/02/15 08:41:31.0253 0340 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

2011/02/15 08:41:31.0347 0340 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

2011/02/15 08:41:31.0394 0340 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

2011/02/15 08:41:31.0456 0340 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2011/02/15 08:41:31.0534 0340 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/02/15 08:41:31.0550 0340 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2011/02/15 08:41:31.0597 0340 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

2011/02/15 08:41:31.0690 0340 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

2011/02/15 08:41:31.0831 0340 winachsf (5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys

2011/02/15 08:41:31.0971 0340 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys

2011/02/15 08:41:32.0033 0340 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/02/15 08:41:32.0143 0340 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys

2011/02/15 08:41:32.0205 0340 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2011/02/15 08:41:32.0314 0340 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys

2011/02/15 08:41:32.0408 0340 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/02/15 08:41:32.0486 0340 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys

2011/02/15 08:41:32.0595 0340 ================================================================================

2011/02/15 08:41:32.0595 0340 Scan finished

2011/02/15 08:41:32.0595 0340 ================================================================================

New DDS:

DDS (Ver_10-12-12.02) - NTFSx86 NETWORK

Run by Lauren at 8:46:12.25 on Tue 02/15/2011

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_16

Microsoft

Link to post
Share on other sites

Step 1

Please disable Ad-Watch module, part of Ad-Aware:

http://www.bleepingcomputer.com/forums/topic114351.html/page__view__findpost__p__649847

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update" tab and select Check for Updates.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click [bF0-Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, please post these log(s):

  1. Malwarebytes' Anti-Malware log
  2. a new fresh DDS log only

Link to post
Share on other sites

I am in safe mode still, but I am assuming that does not matter. Does this mean I am finally clear? Thank you so much for your help!!

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 5768

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 7.0.6002.18005

2/15/2011 10:14:50 AM

mbam-log-2011-02-15 (10-14-50).txt

Scan type: Quick scan

Objects scanned: 149633

Time elapsed: 3 minute(s), 4 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

New DDS:

DDS (Ver_10-12-12.02) - NTFSx86 NETWORK

Run by Lauren at 10:18:05.72 on Tue 02/15/2011

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_16

Microsoft

Link to post
Share on other sites

Please use regular mode for the last steps.

Sorry for the delay.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 5768

Windows 6.0.6002 Service Pack 2

Internet Explorer 7.0.6002.18005

2/15/2011 11:07:59 AM

mbam-log-2011-02-15 (11-07-59).txt

Scan type: Quick scan

Objects scanned: 153273

Time elapsed: 8 minute(s), 40 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

New DDS

DDS (Ver_10-12-12.02) - NTFSx86

Run by Lauren at 13:38:37.35 on Tue 02/15/2011

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_16

Microsoft

Link to post
Share on other sites

Thanks! :rolleyes:

**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper.

Please download ComboFix from

Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

  1. If you are using Firefox, make sure that your download settings are as follows:
    • Open Tools -> Options -> Main tab
    • Set to Always ask me where to Save the files.

[*]During the download, rename Combofix to Combo-Fix as follows:

CF_download_FF.gif

CF_download_rename.gif

[*]It is important you rename Combofix during the download, but not after.

[*]Please do not rename Combofix to other names, but only to the one indicated.

[*]Close any open browsers.

[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results.
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

    ----------------------------------------------------


  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

  • Double click on combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\Combo-Fix.txt for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Link to post
Share on other sites

Open Notepad and copy and paste the text in the code box below into it:

File::
c:\program files\temp995.bat
c:\users\Lauren\AppData\Local\Qyiwevinuyozewah.bin

Folder::
c:\programdata\nIcAfKm08514

Save the file to your desktop and name it CFScript.txt

Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.

CFScriptB-4.gif

This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.

Link to post
Share on other sites

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however may need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go here then click on: EOLS1.gif
  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Now click on Advanced Settings and select the following:

    • Remove found threats
    • Scan archives
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

[*]Now click on: EOLS3.gif

[*]The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

When completed the Online Scan will begin automatically.

[*]Do not touch either the Mouse or keyboard during the scan otherwise it may stall.

[*]When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

[*]Now click on: EOLS4.gif

[*]Use notepad to open the logfile located at C:\Program FilesFw-ESETw-EsetOnlineScanner\log.txt.

[*]Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Link to post
Share on other sites

The log did not open after I clicked "finish" so I followed the file path and this is the only log I found:

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6419

# api_version=3.0.2

# EOSSerial=d0298479f8867c4c912d6f36221e1fad

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-02-17 12:25:04

# local_time=2011-02-16 07:25:04 (-0500, Eastern Standard Time)

# country="United States"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=768 16777215 100 0 0 0 0 0

# compatibility_mode=5892 16776638 100 100 0 134492974 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=195457

# found=3

# cleaned=3

# scan_time=16858

C:\Users\Lauren\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\601d500c-32edd0b9 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Lauren\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\c72034e-33988582 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Lauren\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\3a5b5f9a-75d08a81 multiple threats (deleted - quarantined) 00000000000000000000000000000000 C

the quarantine folder was not deleted and has 7 files in it. Should I delete them?

Link to post
Share on other sites

My computer seems to be running a lot better- the CPU usage is much lower (only jumps to 60% instead of 100 before with nothing running) and it hasn't frozen or hung up yet. I tried to re-launch Ad-aware and it crashes and tries to send an error report every time. I am not sure if that is a problem with Ad-Aware itself - I could uninstall it and reinstall it and see if that fixes it. Does this mean my machine is clean?

THANK YOU SO VERY VERY much for your help. Does the paypal link go straight to you or does it go into a general fund for the forum?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.