shortmicheal Posted June 27, 2011 ID:446122 Share Posted June 27, 2011 OK had something nasty called "Clean This" when I powered on this 32bit Vista laptop. Changed settings to allow computer to startup. Found and deleted a program called gog.exe. Downloaded MBAM. Started scan. Scan stopped. Clicked MBAM icon, it gave me error "Window cannot access the specified devise, path, or file. you may not have appropriate permissions.". As per instructions from goldhound I followed all those instructions to get MBAM to scan, none of which worked. I have tried downloading Avira with almost the exact same results, program installs but will crash or stop running when trying to scan. Did Defogger and DDS/GMER. Same results. Program installs and starts scan but crashes to desktop after only a few seconds and gave permissions error when i tried to open from icon on desktop afterwards. Tried ComboFix, downloaded and renamed on desktop. started scan but ran for 3 hours with no results. Please help. I have included Attach.zip for DDS/GMER results Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 30, 2011 ID:447301 Share Posted June 30, 2011 Hello shortmichael and welcome to Malwarebytes! I am D-FRED-BROWN and I will be helping you. Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps. -------------Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore.Download The Avira AntiVir Rescue System from here. Just double-click on the rescue system package to burn it to a CD/DVD. Then please use that CD/DVD with Avira Rescue System to boot your computer. At the boot option please press the number 1 on your keyboard to 1 Boot AntiVir Rescue System (default) and press Enter or just wait.You will then see the graphical interface of Rescue CD loading modules and mounting devices. The default language is German, but you can change it to English anytime by clicking on the English flag on the lower-left side of the screen. Under Configuration, please select Scan all files, Try to repair infected files and Rename files if they cannot be removed?.Then please go back to Virus scanner and click Start scanneren.The Avira AntiVir Rescue System wil nowrepair a damaged system,rescue data,scan the system for virus infections.After you have run the Avira Rescue CD, please let me know how your system is running. Then, we'll move on to the next step . Link to post Share on other sites More sharing options...
shortmicheal Posted June 30, 2011 Author ID:447519 Share Posted June 30, 2011 I have not noticed any changes. unistalled MBAM, reinstalled, changed name of install file and exe file. it started to scan then crashed to desktop, and then gave me the same permissions error. I am so lost! Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 30, 2011 ID:447532 Share Posted June 30, 2011 Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix***IMPORTANT: save ComboFix to your Desktop*** Do NOT run it yet.----------Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).----------Locate ComboFix.exe on your Desktop.* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Please go here to see a list of programs that should be disabled.**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall** Please include the C:\ComboFix.txt in your next reply for further review.Also, please let me know if any problems still remain. Link to post Share on other sites More sharing options...
shortmicheal Posted June 30, 2011 Author ID:447649 Share Posted June 30, 2011 ComboFix has been scanning for 2.5 hours now and it seems as if it is frozen. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 30, 2011 ID:447651 Share Posted June 30, 2011 Okay, force reboot the computer (hold the power button for 8 seconds, then restart).Forget about ComboFix for now...Can you please burn and run the Avira Rescue CD? Link to post Share on other sites More sharing options...
shortmicheal Posted June 30, 2011 Author ID:447652 Share Posted June 30, 2011 btw I did not mouseclick combofix's window but it does seems to have stalled and I uninstalled anything the bleepingcomputer.com suggested would cause problems. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 30, 2011 ID:447653 Share Posted June 30, 2011 Okay, try downloading and burning the Avira Rescue CD Link to post Share on other sites More sharing options...
shortmicheal Posted June 30, 2011 Author ID:447654 Share Posted June 30, 2011 I did burn and run the rescue CD and it ran its course for an hour and a half it found 8 files and renamed them but I still am having issues Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted June 30, 2011 ID:447655 Share Posted June 30, 2011 Let's try this :Download the latest version of Kaspersky Virus Removal ToolClose all other applications and double-click and run the installer.When the Kaspersky Virus Removal Tool starts, to the right of Security Level click Recommended, and select Settings.In the window that opens (Autoscan), in the Scope tab place a checkmark to the left of Parse email formats. Click the Additional tab and click to place a checkmark to the left of Deep scan, and click OK. Select all the scanable items except for CD-ROM drives and click the Start scan button.If malware is detected, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).After the scan finishes, if any threat remains in the Scan window (Red exclamation point), click the Neutralize all buttonIn the window that opens, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).If advised that a special disinfection procedure is required which demands system reboot: click the Ok button to close the window.In the Scan window click the Reports button and select Save to file.Name the report AVPT.txt, and save it to the Desktop.Close AVPTool.You will be prompted if you want to uninstall the program; click Yes.You will then be prompted that to complete the uninstallation, the computer must be restarted. Select Yes to restart the system.Copy and paste the first part of the report (Detected) that you saved in your next reply. Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447686 Share Posted July 1, 2011 OK this scans but when it finds something it only gives me the option to delete it and and when i press delete the program crashes and i have to double click install file to get it going again. But when it I start scan it finds the same file and the process repeats i press delete and virus scanner crashes Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 1, 2011 ID:447688 Share Posted July 1, 2011 Try running in Safe Mode:Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).Locate the Kaspersky Virus Removal tool and run it. Let me know if that helps Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447689 Share Posted July 1, 2011 I was running in safe mode Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 1, 2011 ID:447696 Share Posted July 1, 2011 Can you please download and run the following programs in Safe Mode:------Please download to your Desktop:TDSSKiller.zip from here and extract it (right click on it => "Extract here").>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.Click on the Start Scan button and wait for the scan and disinfection process to be over.If an infected file is detected, the default action will be Cure, click on Continue If a suspicious file is detected, the default action will be Skip, click on Continue If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.In your next reply, please include the following (you may need to use two posts to get it all in):TDSSKiller_log.txthow the PC is running now?------Please download maxhandle.exe by noahdfear to your desktopDouble click and run the applicationAn active internet connection is required so that maxhandle.exe may download a tool from SysInternals (every time it is run).Log is saved to c:\maxhandle.txtIf Max++ is not found Nothing found! is echoed to the screen - no log is produced.Please post the results for my review------If you are successful, please include the TDSSKiller report and the maxhande log (if one is created). Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447697 Share Posted July 1, 2011 ok i changed it to prompt when scan completes to solve the previous issue Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 1, 2011 ID:447698 Share Posted July 1, 2011 Okay, sounds good . Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447703 Share Posted July 1, 2011 2011/06/30 20:09:15.0998 0816 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:162011/06/30 20:09:16.0513 0816 ================================================================================2011/06/30 20:09:16.0513 0816 SystemInfo:2011/06/30 20:09:16.0513 0816 2011/06/30 20:09:16.0513 0816 OS Version: 6.0.6000 ServicePack: 0.02011/06/30 20:09:16.0513 0816 Product type: Workstation2011/06/30 20:09:16.0513 0816 ComputerName: JOSHKIM-PC2011/06/30 20:09:16.0513 0816 UserName: ADMIN2011/06/30 20:09:16.0513 0816 Windows directory: C:\Windows2011/06/30 20:09:16.0513 0816 System windows directory: C:\Windows2011/06/30 20:09:16.0513 0816 Processor architecture: Intel x862011/06/30 20:09:16.0513 0816 Number of processors: 22011/06/30 20:09:16.0513 0816 Page size: 0x10002011/06/30 20:09:16.0513 0816 Boot type: Safe boot with network2011/06/30 20:09:16.0513 0816 ================================================================================2011/06/30 20:09:17.0480 0816 Initialize success2011/06/30 20:09:21.0629 1260 ================================================================================2011/06/30 20:09:21.0629 1260 Scan started2011/06/30 20:09:21.0629 1260 Mode: Manual; 2011/06/30 20:09:21.0629 1260 ================================================================================2011/06/30 20:09:22.0659 1260 02572941 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\Windows\system32\DRIVERS\02572941.sys2011/06/30 20:09:22.0721 1260 02572942 (a305fad3719c5db0c13d1c2bfd08a04d) C:\Windows\system32\DRIVERS\02572942.sys2011/06/30 20:09:22.0799 1260 08268421 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\Windows\system32\DRIVERS\08268421.sys2011/06/30 20:09:22.0831 1260 08268422 (a305fad3719c5db0c13d1c2bfd08a04d) C:\Windows\system32\DRIVERS\08268422.sys2011/06/30 20:09:22.0955 1260 1265954242 (8f48c643f4b17f850a2ed7f1fc9df916) C:\Windows\system32\drivers\1265954242.sys2011/06/30 20:09:22.0955 1260 Suspicious file (NoAccess): C:\Windows\system32\drivers\1265954242.sys. md5: 8f48c643f4b17f850a2ed7f1fc9df9162011/06/30 20:09:22.0971 1260 1265954242 - detected LockedFile.Multi.Generic (1)2011/06/30 20:09:23.0018 1260 17532381 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\Windows\system32\DRIVERS\17532381.sys2011/06/30 20:09:23.0096 1260 17532382 (a305fad3719c5db0c13d1c2bfd08a04d) C:\Windows\system32\DRIVERS\17532382.sys2011/06/30 20:09:23.0236 1260 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys2011/06/30 20:09:23.0314 1260 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys2011/06/30 20:09:23.0408 1260 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys2011/06/30 20:09:23.0470 1260 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys2011/06/30 20:09:23.0517 1260 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys2011/06/30 20:09:23.0642 1260 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys2011/06/30 20:09:23.0720 1260 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys2011/06/30 20:09:23.0782 1260 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys2011/06/30 20:09:23.0813 1260 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys2011/06/30 20:09:23.0860 1260 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys2011/06/30 20:09:23.0907 1260 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys2011/06/30 20:09:24.0001 1260 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys2011/06/30 20:09:24.0032 1260 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys2011/06/30 20:09:24.0172 1260 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys2011/06/30 20:09:24.0203 1260 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys2011/06/30 20:09:24.0250 1260 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys2011/06/30 20:09:24.0297 1260 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys2011/06/30 20:09:24.0453 1260 BCM43XV (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys2011/06/30 20:09:24.0500 1260 BCM43XX (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys2011/06/30 20:09:24.0593 1260 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys2011/06/30 20:09:24.0703 1260 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys2011/06/30 20:09:24.0812 1260 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys2011/06/30 20:09:24.0843 1260 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys2011/06/30 20:09:24.0905 1260 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys2011/06/30 20:09:24.0999 1260 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys2011/06/30 20:09:25.0030 1260 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys2011/06/30 20:09:25.0061 1260 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys2011/06/30 20:09:25.0124 1260 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys2011/06/30 20:09:25.0373 1260 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys2011/06/30 20:09:25.0451 1260 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys2011/06/30 20:09:25.0498 1260 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys2011/06/30 20:09:25.0592 1260 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys2011/06/30 20:09:25.0654 1260 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys2011/06/30 20:09:25.0701 1260 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys2011/06/30 20:09:25.0779 1260 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys2011/06/30 20:09:25.0841 1260 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys2011/06/30 20:09:25.0873 1260 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys2011/06/30 20:09:25.0951 1260 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys2011/06/30 20:09:26.0060 1260 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys2011/06/30 20:09:26.0153 1260 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys2011/06/30 20:09:26.0216 1260 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys2011/06/30 20:09:26.0341 1260 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys2011/06/30 20:09:26.0372 1260 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys2011/06/30 20:09:26.0481 1260 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys2011/06/30 20:09:26.0559 1260 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys2011/06/30 20:09:26.0715 1260 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys2011/06/30 20:09:26.0855 1260 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys2011/06/30 20:09:26.0902 1260 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys2011/06/30 20:09:27.0027 1260 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys2011/06/30 20:09:27.0058 1260 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys2011/06/30 20:09:27.0105 1260 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys2011/06/30 20:09:27.0136 1260 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys2011/06/30 20:09:27.0183 1260 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys2011/06/30 20:09:27.0308 1260 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys2011/06/30 20:09:27.0370 1260 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys2011/06/30 20:09:27.0495 1260 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys2011/06/30 20:09:27.0573 1260 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys2011/06/30 20:09:27.0682 1260 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys2011/06/30 20:09:27.0729 1260 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys2011/06/30 20:09:27.0776 1260 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys2011/06/30 20:09:27.0901 1260 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys2011/06/30 20:09:27.0979 1260 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys2011/06/30 20:09:28.0103 1260 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS2011/06/30 20:09:28.0150 1260 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS2011/06/30 20:09:28.0306 1260 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys2011/06/30 20:09:28.0400 1260 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys2011/06/30 20:09:28.0493 1260 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys2011/06/30 20:09:28.0649 1260 ialm (1b954f2bcb244596da704dc8c7729930) C:\Windows\system32\DRIVERS\igdkmd32.sys2011/06/30 20:09:28.0837 1260 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys2011/06/30 20:09:28.0883 1260 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys2011/06/30 20:09:29.0039 1260 igfx (1b954f2bcb244596da704dc8c7729930) C:\Windows\system32\DRIVERS\igdkmd32.sys2011/06/30 20:09:29.0149 1260 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys2011/06/30 20:09:29.0258 1260 IntcAzAudAddService (8d7eb1fd498fd0a34c95a298685ec1c7) C:\Windows\system32\drivers\RTKVHDA.sys2011/06/30 20:09:29.0429 1260 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys2011/06/30 20:09:29.0476 1260 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys2011/06/30 20:09:29.0601 1260 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys2011/06/30 20:09:29.0663 1260 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys2011/06/30 20:09:29.0679 1260 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys2011/06/30 20:09:29.0726 1260 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys2011/06/30 20:09:29.0757 1260 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys2011/06/30 20:09:29.0804 1260 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys2011/06/30 20:09:29.0835 1260 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys2011/06/30 20:09:29.0929 1260 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys2011/06/30 20:09:29.0975 1260 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys2011/06/30 20:09:30.0007 1260 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys2011/06/30 20:09:30.0085 1260 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys2011/06/30 20:09:30.0241 1260 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys2011/06/30 20:09:30.0303 1260 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys2011/06/30 20:09:30.0350 1260 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys2011/06/30 20:09:30.0397 1260 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys2011/06/30 20:09:30.0490 1260 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys2011/06/30 20:09:30.0599 1260 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\Windows\system32\drivers\mbam.sys2011/06/30 20:09:30.0693 1260 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys2011/06/30 20:09:30.0755 1260 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys2011/06/30 20:09:30.0818 1260 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys2011/06/30 20:09:30.0880 1260 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys2011/06/30 20:09:30.0927 1260 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys2011/06/30 20:09:30.0958 1260 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys2011/06/30 20:09:31.0052 1260 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys2011/06/30 20:09:31.0099 1260 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys2011/06/30 20:09:31.0130 1260 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys2011/06/30 20:09:31.0208 1260 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys2011/06/30 20:09:31.0286 1260 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys2011/06/30 20:09:31.0333 1260 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys2011/06/30 20:09:31.0348 1260 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys2011/06/30 20:09:31.0411 1260 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys2011/06/30 20:09:31.0473 1260 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys2011/06/30 20:09:31.0551 1260 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys2011/06/30 20:09:31.0598 1260 msisadrv (2c3f1983cd3629573cb9e9658247847a) C:\Windows\system32\drivers\msisadrv.sys2011/06/30 20:09:31.0707 1260 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys2011/06/30 20:09:31.0754 1260 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys2011/06/30 20:09:31.0785 1260 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys2011/06/30 20:09:31.0816 1260 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys2011/06/30 20:09:31.0910 1260 mssmbios (1f6f7159c75e4b27d138b5225808860f) C:\Windows\system32\DRIVERS\mssmbios.sys2011/06/30 20:09:31.0957 1260 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys2011/06/30 20:09:31.0972 1260 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys2011/06/30 20:09:32.0097 1260 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys2011/06/30 20:09:32.0175 1260 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys2011/06/30 20:09:32.0269 1260 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys2011/06/30 20:09:32.0331 1260 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys2011/06/30 20:09:32.0362 1260 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys2011/06/30 20:09:32.0393 1260 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys2011/06/30 20:09:32.0440 1260 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys2011/06/30 20:09:32.0534 1260 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys2011/06/30 20:09:32.0596 1260 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys2011/06/30 20:09:32.0627 1260 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys2011/06/30 20:09:32.0721 1260 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys2011/06/30 20:09:32.0846 1260 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys2011/06/30 20:09:32.0893 1260 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys2011/06/30 20:09:32.0908 1260 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys2011/06/30 20:09:32.0971 1260 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys2011/06/30 20:09:33.0064 1260 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys2011/06/30 20:09:33.0205 1260 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys2011/06/30 20:09:33.0345 1260 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys2011/06/30 20:09:33.0407 1260 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys2011/06/30 20:09:33.0470 1260 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys2011/06/30 20:09:33.0548 1260 pci (5bedd5e1416da009c4f24adf8da13773) C:\Windows\system32\drivers\pci.sys2011/06/30 20:09:33.0626 1260 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys2011/06/30 20:09:33.0688 1260 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys2011/06/30 20:09:33.0797 1260 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys2011/06/30 20:09:34.0000 1260 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys2011/06/30 20:09:34.0063 1260 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys2011/06/30 20:09:34.0141 1260 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys2011/06/30 20:09:34.0234 1260 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys2011/06/30 20:09:34.0343 1260 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys2011/06/30 20:09:34.0468 1260 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys2011/06/30 20:09:34.0515 1260 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys2011/06/30 20:09:34.0531 1260 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys2011/06/30 20:09:34.0577 1260 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys2011/06/30 20:09:34.0702 1260 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys2011/06/30 20:09:34.0765 1260 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys2011/06/30 20:09:34.0796 1260 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys2011/06/30 20:09:34.0843 1260 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys2011/06/30 20:09:34.0952 1260 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys2011/06/30 20:09:34.0983 1260 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys2011/06/30 20:09:35.0077 1260 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys2011/06/30 20:09:35.0170 1260 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys2011/06/30 20:09:35.0201 1260 rismxdp (c663af77e2f4eabf8eb08b388d2f1f36) C:\Windows\system32\DRIVERS\rixdptsk.sys2011/06/30 20:09:35.0279 1260 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys2011/06/30 20:09:35.0342 1260 RTL8169 (71b7026d61293c1e91145bdad11c53bf) C:\Windows\system32\DRIVERS\Rtlh86.sys2011/06/30 20:09:35.0451 1260 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys2011/06/30 20:09:35.0513 1260 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys2011/06/30 20:09:35.0560 1260 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys2011/06/30 20:09:35.0607 1260 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys2011/06/30 20:09:35.0716 1260 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys2011/06/30 20:09:35.0763 1260 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys2011/06/30 20:09:35.0825 1260 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys2011/06/30 20:09:35.0935 1260 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys2011/06/30 20:09:36.0122 1260 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys2011/06/30 20:09:36.0262 1260 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys2011/06/30 20:09:36.0309 1260 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys2011/06/30 20:09:36.0340 1260 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys2011/06/30 20:09:36.0371 1260 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys2011/06/30 20:09:36.0496 1260 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys2011/06/30 20:09:36.0574 1260 smserial (3850aba97b31094f93bcbe94d6abbe22) C:\Windows\system32\DRIVERS\smserial.sys2011/06/30 20:09:36.0730 1260 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys2011/06/30 20:09:36.0793 1260 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys2011/06/30 20:09:36.0902 1260 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys2011/06/30 20:09:36.0949 1260 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys2011/06/30 20:09:37.0042 1260 swenum (92894dd7fdd62af808b1409b73af9c73) C:\Windows\system32\DRIVERS\swenum.sys2011/06/30 20:09:37.0136 1260 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys2011/06/30 20:09:37.0167 1260 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys2011/06/30 20:09:37.0214 1260 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys2011/06/30 20:09:37.0292 1260 SynTP (8327106d1c93e9a7b98e63b9fcc24bb7) C:\Windows\system32\DRIVERS\SynTP.sys2011/06/30 20:09:37.0448 1260 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys2011/06/30 20:09:37.0588 1260 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys2011/06/30 20:09:37.0697 1260 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys2011/06/30 20:09:37.0744 1260 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys2011/06/30 20:09:37.0791 1260 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys2011/06/30 20:09:37.0853 1260 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys2011/06/30 20:09:37.0963 1260 TermDD (85908da29af0ab835048107ad2ad07d1) C:\Windows\system32\DRIVERS\termdd.sys2011/06/30 20:09:38.0056 1260 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys2011/06/30 20:09:38.0103 1260 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys2011/06/30 20:09:38.0212 1260 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys2011/06/30 20:09:38.0259 1260 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys2011/06/30 20:09:38.0306 1260 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys2011/06/30 20:09:38.0368 1260 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys2011/06/30 20:09:38.0462 1260 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys2011/06/30 20:09:38.0524 1260 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys2011/06/30 20:09:38.0571 1260 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys2011/06/30 20:09:38.0665 1260 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys2011/06/30 20:09:38.0758 1260 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys2011/06/30 20:09:38.0883 1260 usbaudio (f6bf998ae33e3fb6c7d27f0560f1173f) C:\Windows\system32\drivers\usbaudio.sys2011/06/30 20:09:38.0930 1260 usbccgp (ed74360cbb08d69decd0588464a199a8) C:\Windows\system32\DRIVERS\usbccgp.sys2011/06/30 20:09:38.0977 1260 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys2011/06/30 20:09:39.0070 1260 usbehci (518fe49c2cb56623ded9c35fa6cbea35) C:\Windows\system32\DRIVERS\usbehci.sys2011/06/30 20:09:39.0117 1260 usbhub (cc01a1353aa160504d6814a554d6b4be) C:\Windows\system32\DRIVERS\usbhub.sys2011/06/30 20:09:39.0164 1260 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys2011/06/30 20:09:39.0242 1260 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys2011/06/30 20:09:39.0289 1260 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS2011/06/30 20:09:39.0335 1260 usbuhci (e8043983ee9ee02d60c45b0c6d3675b4) C:\Windows\system32\DRIVERS\usbuhci.sys2011/06/30 20:09:39.0445 1260 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys2011/06/30 20:09:39.0523 1260 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys2011/06/30 20:09:39.0601 1260 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys2011/06/30 20:09:39.0647 1260 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys2011/06/30 20:09:39.0663 1260 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys2011/06/30 20:09:39.0710 1260 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys2011/06/30 20:09:39.0835 1260 volmgr (d9e9490c960624c416fbde080deeb7fe) C:\Windows\system32\drivers\volmgr.sys2011/06/30 20:09:39.0850 1260 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys2011/06/30 20:09:39.0913 1260 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys2011/06/30 20:09:40.0022 1260 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys2011/06/30 20:09:40.0084 1260 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys2011/06/30 20:09:40.0147 1260 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys2011/06/30 20:09:40.0178 1260 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys2011/06/30 20:09:40.0287 1260 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys2011/06/30 20:09:40.0365 1260 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys2011/06/30 20:09:40.0552 1260 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS2011/06/30 20:09:40.0739 1260 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys2011/06/30 20:09:40.0849 1260 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys2011/06/30 20:09:40.0942 1260 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys2011/06/30 20:09:41.0020 1260 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys2011/06/30 20:09:41.0098 1260 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR02011/06/30 20:09:41.0145 1260 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR12011/06/30 20:09:41.0161 1260 Boot (0x1200) (3978cfe1bb5f0845e947a37d1ae158ee) \Device\Harddisk0\DR0\Partition02011/06/30 20:09:41.0192 1260 Boot (0x1200) (3f8595484cfc3f1d07c82c8d8a7612eb) \Device\Harddisk0\DR0\Partition12011/06/30 20:09:41.0207 1260 Boot (0x1200) (c6b6fc3fdbc47fe390ad173542398aab) \Device\Harddisk1\DR1\Partition02011/06/30 20:09:41.0223 1260 ================================================================================2011/06/30 20:09:41.0223 1260 Scan finished2011/06/30 20:09:41.0223 1260 ================================================================================2011/06/30 20:09:41.0254 1180 Detected object count: 12011/06/30 20:09:41.0254 1180 Actual detected object count: 12011/06/30 20:10:01.0909 1180 LockedFile.Multi.Generic(1265954242) - User select action: Skip 2011/06/30 20:10:26.0307 0296 ================================================================================2011/06/30 20:10:26.0307 0296 Scan started2011/06/30 20:10:26.0307 0296 Mode: Manual; 2011/06/30 20:10:26.0307 0296 ================================================================================2011/06/30 20:10:26.0791 0296 02572941 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\Windows\system32\DRIVERS\02572941.sys2011/06/30 20:10:26.0869 0296 02572942 (a305fad3719c5db0c13d1c2bfd08a04d) C:\Windows\system32\DRIVERS\02572942.sys2011/06/30 20:10:26.0931 0296 08268421 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\Windows\system32\DRIVERS\08268421.sys2011/06/30 20:10:27.0040 0296 08268422 (a305fad3719c5db0c13d1c2bfd08a04d) C:\Windows\system32\DRIVERS\08268422.sys2011/06/30 20:10:27.0103 0296 1265954242 (8f48c643f4b17f850a2ed7f1fc9df916) C:\Windows\system32\drivers\1265954242.sys2011/06/30 20:10:27.0103 0296 Suspicious file (NoAccess): C:\Windows\system32\drivers\1265954242.sys. md5: 8f48c643f4b17f850a2ed7f1fc9df9162011/06/30 20:10:27.0118 0296 1265954242 - detected LockedFile.Multi.Generic (1)2011/06/30 20:10:27.0165 0296 17532381 (7dd41b7ac1fbb1dbf20bb1f4e4fbe58c) C:\Windows\system32\DRIVERS\17532381.sys2011/06/30 20:10:27.0196 0296 17532382 (a305fad3719c5db0c13d1c2bfd08a04d) C:\Windows\system32\DRIVERS\17532382.sys2011/06/30 20:10:27.0337 0296 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys2011/06/30 20:10:27.0383 0296 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys2011/06/30 20:10:27.0461 0296 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys2011/06/30 20:10:27.0508 0296 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys2011/06/30 20:10:27.0539 0296 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys2011/06/30 20:10:27.0602 0296 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys2011/06/30 20:10:27.0633 0296 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys2011/06/30 20:10:27.0727 0296 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys2011/06/30 20:10:27.0773 0296 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys2011/06/30 20:10:27.0805 0296 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys2011/06/30 20:10:27.0820 0296 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys2011/06/30 20:10:27.0867 0296 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys2011/06/30 20:10:27.0961 0296 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys2011/06/30 20:10:28.0007 0296 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys2011/06/30 20:10:28.0039 0296 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys2011/06/30 20:10:28.0070 0296 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys2011/06/30 20:10:28.0117 0296 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys2011/06/30 20:10:28.0210 0296 BCM43XV (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys2011/06/30 20:10:28.0241 0296 BCM43XX (746f59822a5187510471fc46889b8cc9) C:\Windows\system32\DRIVERS\bcmwl6.sys2011/06/30 20:10:28.0351 0296 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys2011/06/30 20:10:28.0475 0296 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys2011/06/30 20:10:28.0507 0296 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys2011/06/30 20:10:28.0538 0296 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys2011/06/30 20:10:28.0616 0296 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys2011/06/30 20:10:28.0678 0296 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys2011/06/30 20:10:28.0741 0296 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys2011/06/30 20:10:28.0787 0296 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys2011/06/30 20:10:28.0865 0296 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys2011/06/30 20:10:29.0037 0296 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys2011/06/30 20:10:29.0099 0296 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys2011/06/30 20:10:29.0146 0296 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys2011/06/30 20:10:29.0224 0296 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys2011/06/30 20:10:29.0302 0296 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys2011/06/30 20:10:29.0365 0296 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys2011/06/30 20:10:29.0443 0296 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys2011/06/30 20:10:29.0474 0296 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys2011/06/30 20:10:29.0505 0296 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys2011/06/30 20:10:29.0614 0296 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys2011/06/30 20:10:29.0645 0296 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys2011/06/30 20:10:29.0708 0296 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys2011/06/30 20:10:29.0801 0296 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys2011/06/30 20:10:29.0911 0296 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys2011/06/30 20:10:29.0942 0296 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys2011/06/30 20:10:29.0973 0296 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\Windows\system32\DRIVERS\eabfiltr.sys2011/06/30 20:10:30.0035 0296 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys2011/06/30 20:10:30.0176 0296 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys2011/06/30 20:10:30.0238 0296 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys2011/06/30 20:10:30.0269 0296 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys2011/06/30 20:10:30.0394 0296 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys2011/06/30 20:10:30.0441 0296 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys2011/06/30 20:10:30.0472 0296 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys2011/06/30 20:10:30.0503 0296 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys2011/06/30 20:10:30.0535 0296 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys2011/06/30 20:10:30.0644 0296 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys2011/06/30 20:10:30.0691 0296 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys2011/06/30 20:10:30.0769 0296 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\Windows\system32\DRIVERS\cpqbttn.sys2011/06/30 20:10:30.0878 0296 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys2011/06/30 20:10:30.0940 0296 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys2011/06/30 20:10:30.0956 0296 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys2011/06/30 20:10:31.0081 0296 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys2011/06/30 20:10:31.0143 0296 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys2011/06/30 20:10:31.0205 0296 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys2011/06/30 20:10:31.0315 0296 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS2011/06/30 20:10:31.0393 0296 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS2011/06/30 20:10:31.0517 0296 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys2011/06/30 20:10:31.0549 0296 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys2011/06/30 20:10:31.0595 0296 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys2011/06/30 20:10:31.0751 0296 ialm (1b954f2bcb244596da704dc8c7729930) C:\Windows\system32\DRIVERS\igdkmd32.sys2011/06/30 20:10:31.0861 0296 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys2011/06/30 20:10:31.0923 0296 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys2011/06/30 20:10:32.0032 0296 igfx (1b954f2bcb244596da704dc8c7729930) C:\Windows\system32\DRIVERS\igdkmd32.sys2011/06/30 20:10:32.0157 0296 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys2011/06/30 20:10:32.0266 0296 IntcAzAudAddService (8d7eb1fd498fd0a34c95a298685ec1c7) C:\Windows\system32\drivers\RTKVHDA.sys2011/06/30 20:10:32.0375 0296 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys2011/06/30 20:10:32.0422 0296 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys2011/06/30 20:10:32.0438 0296 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys2011/06/30 20:10:32.0516 0296 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys2011/06/30 20:10:32.0547 0296 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys2011/06/30 20:10:32.0578 0296 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys2011/06/30 20:10:32.0625 0296 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys2011/06/30 20:10:32.0656 0296 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys2011/06/30 20:10:32.0750 0296 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys2011/06/30 20:10:32.0765 0296 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys2011/06/30 20:10:32.0828 0296 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys2011/06/30 20:10:32.0875 0296 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys2011/06/30 20:10:32.0937 0296 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys2011/06/30 20:10:33.0077 0296 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys2011/06/30 20:10:33.0140 0296 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys2011/06/30 20:10:33.0171 0296 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys2011/06/30 20:10:33.0187 0296 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys2011/06/30 20:10:33.0296 0296 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys2011/06/30 20:10:33.0374 0296 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\Windows\system32\drivers\mbam.sys2011/06/30 20:10:33.0421 0296 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys2011/06/30 20:10:33.0483 0296 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys2011/06/30 20:10:33.0561 0296 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys2011/06/30 20:10:33.0608 0296 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys2011/06/30 20:10:33.0639 0296 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys2011/06/30 20:10:33.0733 0296 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys2011/06/30 20:10:33.0764 0296 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys2011/06/30 20:10:33.0811 0296 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys2011/06/30 20:10:33.0889 0296 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys2011/06/30 20:10:33.0920 0296 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys2011/06/30 20:10:33.0967 0296 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys2011/06/30 20:10:34.0013 0296 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys2011/06/30 20:10:34.0076 0296 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys2011/06/30 20:10:34.0138 0296 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys2011/06/30 20:10:34.0169 0296 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys2011/06/30 20:10:34.0216 0296 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys2011/06/30 20:10:34.0294 0296 msisadrv (2c3f1983cd3629573cb9e9658247847a) C:\Windows\system32\drivers\msisadrv.sys2011/06/30 20:10:34.0357 0296 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys2011/06/30 20:10:34.0388 0296 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys2011/06/30 20:10:34.0466 0296 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys2011/06/30 20:10:34.0513 0296 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys2011/06/30 20:10:34.0575 0296 mssmbios (1f6f7159c75e4b27d138b5225808860f) C:\Windows\system32\DRIVERS\mssmbios.sys2011/06/30 20:10:34.0669 0296 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys2011/06/30 20:10:34.0715 0296 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys2011/06/30 20:10:34.0778 0296 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys2011/06/30 20:10:34.0871 0296 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys2011/06/30 20:10:34.0918 0296 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys2011/06/30 20:10:34.0965 0296 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys2011/06/30 20:10:35.0027 0296 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys2011/06/30 20:10:35.0059 0296 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys2011/06/30 20:10:35.0105 0296 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys2011/06/30 20:10:35.0168 0296 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys2011/06/30 20:10:35.0230 0296 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys2011/06/30 20:10:35.0308 0296 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys2011/06/30 20:10:35.0402 0296 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys2011/06/30 20:10:35.0527 0296 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys2011/06/30 20:10:35.0542 0296 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys2011/06/30 20:10:35.0589 0296 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys2011/06/30 20:10:35.0620 0296 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys2011/06/30 20:10:35.0714 0296 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys2011/06/30 20:10:35.0807 0296 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys2011/06/30 20:10:35.0854 0296 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys2011/06/30 20:10:35.0885 0296 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys2011/06/30 20:10:36.0010 0296 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys2011/06/30 20:10:36.0073 0296 pci (5bedd5e1416da009c4f24adf8da13773) C:\Windows\system32\drivers\pci.sys2011/06/30 20:10:36.0182 0296 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\DRIVERS\pciide.sys2011/06/30 20:10:36.0229 0296 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys2011/06/30 20:10:36.0275 0296 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys2011/06/30 20:10:36.0463 0296 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys2011/06/30 20:10:36.0525 0296 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys2011/06/30 20:10:36.0603 0296 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys2011/06/30 20:10:36.0697 0296 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys2011/06/30 20:10:36.0775 0296 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys2011/06/30 20:10:36.0899 0296 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys2011/06/30 20:10:36.0946 0296 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys2011/06/30 20:10:36.0962 0296 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys2011/06/30 20:10:37.0024 0296 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys2011/06/30 20:10:37.0133 0296 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys2011/06/30 20:10:37.0180 0296 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys2011/06/30 20:10:37.0211 0296 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys2011/06/30 20:10:37.0258 0296 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys2011/06/30 20:10:37.0367 0296 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys2011/06/30 20:10:37.0414 0296 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys2011/06/30 20:10:37.0477 0296 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys2011/06/30 20:10:37.0492 0296 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys2011/06/30 20:10:37.0586 0296 rismxdp (c663af77e2f4eabf8eb08b388d2f1f36) C:\Windows\system32\DRIVERS\rixdptsk.sys2011/06/30 20:10:37.0648 0296 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys2011/06/30 20:10:37.0695 0296 RTL8169 (71b7026d61293c1e91145bdad11c53bf) C:\Windows\system32\DRIVERS\Rtlh86.sys2011/06/30 20:10:37.0742 0296 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys2011/06/30 20:10:37.0867 0296 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys2011/06/30 20:10:37.0929 0296 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys2011/06/30 20:10:37.0976 0296 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys2011/06/30 20:10:38.0007 0296 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys2011/06/30 20:10:38.0116 0296 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys2011/06/30 20:10:38.0194 0296 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys2011/06/30 20:10:38.0241 0296 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys2011/06/30 20:10:38.0319 0296 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys2011/06/30 20:10:38.0350 0296 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys2011/06/30 20:10:38.0397 0296 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys2011/06/30 20:10:38.0444 0296 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys2011/06/30 20:10:38.0475 0296 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys2011/06/30 20:10:38.0569 0296 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys2011/06/30 20:10:38.0631 0296 smserial (3850aba97b31094f93bcbe94d6abbe22) C:\Windows\system32\DRIVERS\smserial.sys2011/06/30 20:10:38.0771 0296 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys2011/06/30 20:10:38.0834 0296 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys2011/06/30 20:10:38.0927 0296 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys2011/06/30 20:10:38.0943 0296 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys2011/06/30 20:10:39.0037 0296 swenum (92894dd7fdd62af808b1409b73af9c73) C:\Windows\system32\DRIVERS\swenum.sys2011/06/30 20:10:39.0083 0296 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys2011/06/30 20:10:39.0177 0296 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys2011/06/30 20:10:39.0208 0296 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys2011/06/30 20:10:39.0255 0296 SynTP (8327106d1c93e9a7b98e63b9fcc24bb7) C:\Windows\system32\DRIVERS\SynTP.sys2011/06/30 20:10:39.0364 0296 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys2011/06/30 20:10:39.0489 0296 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys2011/06/30 20:10:39.0614 0296 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys2011/06/30 20:10:39.0645 0296 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys2011/06/30 20:10:39.0707 0296 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys2011/06/30 20:10:39.0770 0296 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys2011/06/30 20:10:39.0863 0296 TermDD (85908da29af0ab835048107ad2ad07d1) C:\Windows\system32\DRIVERS\termdd.sys2011/06/30 20:10:39.0973 0296 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys2011/06/30 20:10:40.0004 0296 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys2011/06/30 20:10:40.0097 0296 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys2011/06/30 20:10:40.0144 0296 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys2011/06/30 20:10:40.0175 0296 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys2011/06/30 20:10:40.0238 0296 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys2011/06/30 20:10:40.0347 0296 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys2011/06/30 20:10:40.0378 0296 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys2011/06/30 20:10:40.0425 0296 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys2011/06/30 20:10:40.0441 0296 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys2011/06/30 20:10:40.0581 0296 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys2011/06/30 20:10:40.0643 0296 usbaudio (f6bf998ae33e3fb6c7d27f0560f1173f) C:\Windows\system32\drivers\usbaudio.sys2011/06/30 20:10:40.0675 0296 usbccgp (ed74360cbb08d69decd0588464a199a8) C:\Windows\system32\DRIVERS\usbccgp.sys2011/06/30 20:10:40.0784 0296 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys2011/06/30 20:10:40.0815 0296 usbehci (518fe49c2cb56623ded9c35fa6cbea35) C:\Windows\system32\DRIVERS\usbehci.sys2011/06/30 20:10:40.0877 0296 usbhub (cc01a1353aa160504d6814a554d6b4be) C:\Windows\system32\DRIVERS\usbhub.sys2011/06/30 20:10:40.0987 0296 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys2011/06/30 20:10:41.0018 0296 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys2011/06/30 20:10:41.0065 0296 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS2011/06/30 20:10:41.0111 0296 usbuhci (e8043983ee9ee02d60c45b0c6d3675b4) C:\Windows\system32\DRIVERS\usbuhci.sys2011/06/30 20:10:41.0221 0296 usbvideo (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys2011/06/30 20:10:41.0283 0296 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys2011/06/30 20:10:41.0299 0296 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys2011/06/30 20:10:41.0392 0296 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys2011/06/30 20:10:41.0423 0296 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys2011/06/30 20:10:41.0470 0296 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys2011/06/30 20:10:41.0501 0296 volmgr (d9e9490c960624c416fbde080deeb7fe) C:\Windows\system32\drivers\volmgr.sys2011/06/30 20:10:41.0579 0296 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys2011/06/30 20:10:41.0642 0296 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys2011/06/30 20:10:41.0689 0296 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys2011/06/30 20:10:41.0751 0296 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys2011/06/30 20:10:41.0845 0296 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys2011/06/30 20:10:41.0860 0296 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys2011/06/30 20:10:41.0907 0296 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys2011/06/30 20:10:41.0969 0296 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys2011/06/30 20:10:42.0110 0296 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS2011/06/30 20:10:42.0281 0296 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys2011/06/30 20:10:42.0391 0296 WpdUsb (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys2011/06/30 20:10:42.0422 0296 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys2011/06/30 20:10:42.0547 0296 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys2011/06/30 20:10:42.0609 0296 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR02011/06/30 20:10:42.0656 0296 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR12011/06/30 20:10:42.0671 0296 Boot (0x1200) (3978cfe1bb5f0845e947a37d1ae158ee) \Device\Harddisk0\DR0\Partition02011/06/30 20:10:42.0703 0296 Boot (0x1200) (3f8595484cfc3f1d07c82c8d8a7612eb) \Device\Harddisk0\DR0\Partition12011/06/30 20:10:42.0734 0296 Boot (0x1200) (c6b6fc3fdbc47fe390ad173542398aab) \Device\Harddisk1\DR1\Partition02011/06/30 20:10:42.0734 0296 ================================================================================2011/06/30 20:10:42.0734 0296 Scan finished2011/06/30 20:10:42.0734 0296 ================================================================================2011/06/30 20:10:42.0765 0820 Detected object count: 12011/06/30 20:10:42.0765 0820 Actual detected object count: 12011/06/30 20:11:08.0614 0820 LockedFile.Multi.Generic(1265954242) - User select action: Skip 2011/06/30 20:11:57.0458 1620 Deinitialize successMax++ found nothing. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 1, 2011 ID:447707 Share Posted July 1, 2011 My apologies for the delay- I'm dealing with nearly 30 different people on 3 different computer help sites, so I may be a little slow in replying at times. Please be patient Please navigate to Start > All Programs > Accessories > Notepad.lnkCopy and paste the following:@echo offnet stop 1265954242del C:\Windows\system32\drivers\1265954242.sysClick on File, then Save As:under File Name, type shortmichael.batunder Save As Type, choose All FilesSave the file to your Desktop.Now, navigate to your Desktop, Right-click on shortmichael.bat, and click Run as Administrator.----------If you are now able to run ComboFix after this, please do, and post the log that it creates in your next reply . Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447731 Share Posted July 1, 2011 how long should combofix be running its been an hour and a half and the computer is locked up nothing works no mouse nothing. This seems to be a a very nasty little bug. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 1, 2011 ID:447732 Share Posted July 1, 2011 That is very odd. Go ahead and force reboot for now. I will post back later tonight with a new set of instructions. Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447735 Share Posted July 1, 2011 ok thank you very much I am so glad people like you are willing to help people like me in times of need! Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 1, 2011 ID:447741 Share Posted July 1, 2011 ok thank you very much I am so glad people like you are willing to help people like me in times of need! No problem .Please locate a known clean computer.Please visit this website for instructions and download links for the Kaspersky Rescue Disk: http://support.kaspersky.com/viruses/rescuedisk/all?qid=208282163NOTE: You will needs a USB Flash drive, and it will need to be formatted in a FAT16 or FAT32 file system. If you need help with this, please let me know before you proceed with anything.Please let me know if this removes any malware. We need to get your computer in a working state before we try any other cleanup methods . Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447761 Share Posted July 1, 2011 ok followed all instructions to install iso onto usb flashdrive that had been formated to fat16. says it was loaded sucessfully. changed boot order on infected computer to boot from usb drive. but when it boots it ony show a blinking cursor and a blank screen. I left it there thinking it would change but it did nothing else except blink that cursor. Link to post Share on other sites More sharing options...
D-FRED-BROWN Posted July 1, 2011 ID:447762 Share Posted July 1, 2011 That is odd; try the Rescue CD for a CD/DVD (you may need to change the boot order back)http://support.kaspersky.com/viruses/rescuedisk/all?qid=208282484 Link to post Share on other sites More sharing options...
shortmicheal Posted July 1, 2011 Author ID:447763 Share Posted July 1, 2011 also tried the same thing thing except formated to fat32 did the same thing just blinked a cursor at me Link to post Share on other sites More sharing options...
Recommended Posts