kentuckycuz

Search Redirection - MB or AVG will not update


It's not letting me run that at all. An error box pops up and says "Sorry, but unhandled exception has occurred Program will be terminated ..." and it created an error log that says:

Exception code : 0xC0000005

Instruction address : 0x00402EAA

Attempt to read at address : 0xFFFFFFFF


Okay, let's try this tool ;):

Download the latest version of Kaspersky Virus Removal Tool

  • Close all other applications and double-click and run the installer.
  • When the Kaspersky Virus Removal Tool starts, to the right of Security Level click Recommended, and select Settings.
  • In the window that opens (Autoscan), in the Scope tab place a checkmark to the left of Parse email formats.
  • Click the Additional tab and click to place a checkmark to the left of Deep scan, and click OK.
  • Select all the scannable items except for CD-ROM drives and click the Start scan button.
  • If malware is detected, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • After the scan finishes, if any threat remains in the Scan window (Red exclamation point), click the Neutralize all button
  • In the window that opens, place a checkmark in the Apply to all box, and click the Delete button (or Disinfect if the button is active).
  • If advised that a special disinfection procedure is required which demands system reboot: click the Ok button to close the window.
  • In the Scan window click the Reports button and select Save to file.
  • Name the report AVPT.txt, and save it to the Desktop.
  • Close AVPTool.
  • You will be prompted if you want to uninstall the program; click Yes.
  • You will then be prompted that to complete the uninstallation, the computer must be restarted. Select Yes to restart the system.
  • Copy and paste the first part of the report (Detected) that you saved in your next reply.


It's taking forever to download ... at 10% now. Just wanted to let you know. You've been so patient :)


Sounds good ;)

You've been so patient :)

Thank you, you as well :)

I will probably call it a day here pretty soon. I'll check back first thing in the morning and we'll take it from there :)


Oh my, it got all the way up to 95% (after over an hour) and then a Windows Media Player box popped up! It was a black screen that had "episode 16" or maybe 161 or something like that on it. I closed it and then a box came up saying that it couldn't complete the download b/c the server had timed out. Phooey. I'll try to download it again tomorrow :blink:


That's odd. :blink:

Anyways, let me know if you get it running ;)


I finally got it downloaded this morning but there were 2 google windows that popped up during the download. Just from nowhere! It's running now. It's at 14% after 35 minutes ... uggg!! I'll post when it's finished but it'll be awhile.


Yeah it can take a while. Thank you for letting me know ;)


Okay, got that finished .. only took over 4 hours :P This is all I got:

Autoscan: completed 3 minutes ago (events: 2, objects: 642844, time: 04:22:50)

7/3/2011 4:29:37 PM Task completed

7/3/2011 12:06:47 PM Task started


There should be more to the log than that ;)


Nope, that's all I got. I wasn't sitting right in front of it when it finished so I don't know if anything popped up and then went away. Also, I'm back on my computer b/c it won't let me go onto the Internet on my son's. It'll open an Internet Explorer window and then close it and a box will come up saying that iexplore.exe cannot start b/c it is infected with w32/blaster/worm and it's trying to get me to activate Security Protection in order to fix it. One time it said skypenames2.exe instead of iexplore.exe


It keeps popping up windows now that the computer is infected and wants me to activate the "program" to get rid of the infections. Also, there's an icon on the desktop now that looks like a deputy shield and just says "Malware Protection" on it. I'm pretty sure it wasn't there before.


Sorry for all the postings but it won't let me run notepad now either. I just went to look at some of the "results" of the stuff I've been doing and it won't let me.


Sorry for the delay - was out purchasing fireworks :D

Please Launch Malwarebytes' Anti-Malware.

  • Please click Check for Updates to see if any updates are found. If so, please allow MBAM to download and install them.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a location you will remember.
  • Copy and Paste that log into your next reply.

Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.

Click OK for either of the prompts and let MBAM proceed with the disinfection process.

If asked to restart the computer, please do so immediately.

--------

Please include the new MBAM log in your next reply ;)


I can't. It won't let me go online or anything. I did a few things on my own (sorry, I'm one of those stubborn women lol). I restarted and logged on in safe mode which it's letting me online this way. I am running ESET Online Scanner now and it's picked up 4 Win32/Kryptik.PVP trojan files so far and it's almost done. Should I continue with that or try to go to MB? It got really bad and reverted back to how it was yesterday when I started. Doing the ESET scan helped then, that's why I did it again. I'll have to keep it in safe mode to go online though b/c it's not letting me open notepad, go online, open programs or anything otherwise.

Hope you got some good firework!!! :)


Sure, go ahead with the ESET Online Scanner. Post the log that it finds please ;)


It didn't give me a log file! I don't know how I missed it b/c I know it usually gives one. Could it be b/c I'm in safe mode? Anyway, it found and deleted 4 files that all read:

variants of win32/kryptik.pvp trojan files


Should be at C:\Program Files\EsetOnlineScanner\log.txt


Thanks! I got it:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)

# OnlineScanner.ocx=1.0.0.6427

# api_version=3.0.2

# EOSSerial=d82560e3cd3ec14d8e90c66727b2fa93

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-07-04 01:47:30

# local_time=2011-07-03 09:47:30 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=6.1.7600 NT

# compatibility_mode=5893 16776574 100 94 96144 61285672 0 0

# compatibility_mode=8192 67108863 100 0 92619 92619 0 0

# scanned=124019

# found=4

# cleaned=4

# scan_time=1828

C:\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\540U2APR\info[1].exe a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Derek\AppData\Local\Temp\9EFC.tmp a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Derek\AppData\Local\Temp\A8FC.tmp a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Users\Derek\AppData\Roaming\defender.exe a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C


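As an added example (not part of the thread and not ESET's own code), the Python below parses detection lines in the format of the log.txt posted above and buckets each hit by where it sat on disk. The field layout and the reading of the `# key=value` header lines are inferred from that one log, so the regular expression and the location labels are assumptions.

```python
import re
from collections import namedtuple

# Header counters and the four detection lines are copied from the log in the
# post above; the rest of the header is left out.
SAMPLE_LOG = r"""# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# scanned=124019
# found=4
# cleaned=4
C:\Users\Derek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\540U2APR\info[1].exe a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Derek\AppData\Local\Temp\9EFC.tmp a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Derek\AppData\Local\Temp\A8FC.tmp a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Derek\AppData\Roaming\defender.exe a variant of Win32/Kryptik.PVP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
"""

Detection = namedtuple("Detection", "path name action location")

HEADER_RE = re.compile(r"^#\s*([\w.]+)=(.*)$")

# Assumed layout: <path> <detection name> (<action>) <32 hex digits> <flag>.
# Paths contain spaces, so the name is anchored on its "Platform/Family" token,
# which is the first token after the path that contains a forward slash.
DETECTION_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<name>(?:a variant of )?\S+/\S+[^()]*?)\s+"
    r"\((?P<action>[^()]*)\)\s+"
    r"[0-9A-Fa-f]{32}\s+\S+\s*$"
)

# First matching marker wins; compared against the lower-cased path.
LOCATION_MARKERS = [
    ("browser cache", "\\temporary internet files\\"),
    ("temp directory", "\\appdata\\local\\temp\\"),
    ("roaming profile", "\\appdata\\roaming\\"),
]


def classify_location(path):
    """Label a detection by the kind of directory it was found in."""
    lowered = path.lower()
    for label, marker in LOCATION_MARKERS:
        if marker in lowered:
            return label
    return "other"


def parse_log(text):
    """Return (header dict, list of Detection) for one scanner log."""
    header, detections = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = HEADER_RE.match(line)
        if match:
            header[match.group(1)] = match.group(2).strip()
            continue
        match = DETECTION_RE.match(line)
        if match:
            detections.append(Detection(
                match["path"], match["name"], match["action"],
                classify_location(match["path"]),
            ))
    return header, detections


def triage(text):
    """Cross-check the header counters and list items that need follow-up."""
    header, detections = parse_log(text)
    found = int(header.get("found", -1))
    cleaned = int(header.get("cleaned", -1))
    warnings = []
    if found != len(detections):
        warnings.append(f"header says found={found}, parsed {len(detections)} lines")
    if cleaned < found:
        warnings.append(f"{found - cleaned} detection(s) not cleaned")
    for option in ("archives_checked", "unsafe_checked"):
        if header.get(option) == "false":
            warnings.append(f"{option}=false: that scan option was off for this run")
    # An executable in the roaming profile is neither cache nor temp residue,
    # so confirm afterwards that no startup entry still points at its path.
    follow_up = [d.path for d in detections
                 if d.location == "roaming profile"
                 and d.path.lower().endswith(".exe")]
    return {"detections": detections, "warnings": warnings, "follow_up": follow_up}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for d in report["detections"]:
        print(f"{d.location:16} {d.name:40} {d.path}")
    for w in report["warnings"]:
        print("warning:", w)
    for p in report["follow_up"]:
        print("check startup entries for:", p)
```
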
Go ahead and run ComboFix.exe once more. If you're asked to update it, go ahead and let it update itself ;)

Please post the new C:\ComboFix.txt in your next reply :)


Umm try Normal Mode. If you're unable to do it in Normal Mode (or it crashes during) do it in Safe Mode.


Here's the Combo Log. BTW, while it was running, an internet window popped up with an ad site.



Let's run the following tools:

Download and run a new copy of TDSSKiller:

Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):

  • TDSSKiller_log.txt
  • How is the PC running now?

-------

Please print out these instructions or copy them to a Notepad file for easier reading, and download MBRCheck by a_d_13 to your Desktop from one of these locations:

http://ad13.geekstogo.com/MBRCheck.exe

http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

http://www.kernelmode.info/MBRCheck.exe

Close all opened programs/ windows and double-click on MBRCheck.exe.

It will produce a log file saved automatically on your Desktop as "MBRCheck_[Date]_[Time].txt".

Press the "Enter" key to close the MBRCheck window and post the contents of the log file.


I'm stuck! I ran the TDSSKiller (I'll include below) and then ran the MBRCheck. It said that it found a non-standard or infected MBR and it's asking me if I want to 1) Dump the MBR of a physical disk to file, 2) Restore the MBR of a physical disk with a standard boot code, or 3) Exit. Which one do I do?

2011/07/03 23:53:29.0059 4756 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16

2011/07/03 23:53:31.0071 4756 ================================================================================

2011/07/03 23:53:31.0071 4756 SystemInfo:

2011/07/03 23:53:31.0071 4756

2011/07/03 23:53:31.0071 4756 OS Version: 6.1.7600 ServicePack: 0.0

2011/07/03 23:53:31.0071 4756 Product type: Workstation

2011/07/03 23:53:31.0071 4756 ComputerName: DEREK-PC

2011/07/03 23:53:31.0071 4756 UserName: Derek

2011/07/03 23:53:31.0071 4756 Windows directory: C:\Windows

2011/07/03 23:53:31.0071 4756 System windows directory: C:\Windows

2011/07/03 23:53:31.0071 4756 Running under WOW64

2011/07/03 23:53:31.0071 4756 Processor architecture: Intel x64

2011/07/03 23:53:31.0071 4756 Number of processors: 2

2011/07/03 23:53:31.0071 4756 Page size: 0x1000

2011/07/03 23:53:31.0071 4756 Boot type: Normal boot

2011/07/03 23:53:31.0071 4756 ================================================================================

2011/07/03 23:53:31.0383 4756 Initialize success

2011/07/03 23:53:39.0027 5232 ================================================================================

2011/07/03 23:53:39.0027 5232 Scan started

2011/07/03 23:53:39.0027 5232 Mode: Manual;

2011/07/03 23:53:39.0027 5232 ================================================================================

2011/07/03 23:54:09.0463 5232 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

2011/07/03 23:54:09.0494 5232 Boot (0x1200) (e8f714ab086d6d2acf05a14a1dd2905e) \Device\Harddisk0\DR0\Partition0

2011/07/03 23:54:09.0525 5232 Boot (0x1200) (fb3a7b278b2ed1ae331ec6ef26b78ee7) \Device\Harddisk0\DR0\Partition1

2011/07/03 23:54:09.0541 5232 ================================================================================

2011/07/03 23:54:09.0541 5232 Scan finished

2011/07/03 23:54:09.0541 5232 ================================================================================

2011/07/03 23:54:09.0557 5860 Detected object count: 0

2011/07/03 23:54:09.0557 5860 Actual detected object count: 0

This topic is now closed to further replies.
