Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

HijackThis log =( - got a normal HJT log

Re: HijackThis log =( - got a normal HJT log

Post by strelet007 » August 1st, 2010, 2:57 pm

Hey Jack&Jill,

I'm having the same problem with Rootkit Unhooker even after running FixPolicies. I go to the report tab, uncheck everything you list, and nothing happens but it uses 25% processing power. Since this is a quad core system, I suppose that could mean it's using 100% of one of the cores. I did notice that it switches from the Report tab to the Stealth Code tab.

Nothing is listed there and I can still look around the menus and highlight the table headers like "Address" and "Size". I can't switch tabs.

Re: HijackThis log =( - got a normal HJT log

Post by Jack&Jill » August 1st, 2010, 8:26 pm

Hello strelet007 :),

I think there is some misunderstanding on the Rootkit Unhooker instructions. Please read carefully.

You are supposed to make sure these are ticked:
  • Drivers
  • Stealth Code
  • Files
  • Code Hooks


Those that need to be unchecked are only the first three, which include SSDT, Shadow SSDT and Processes.

"I did notice that it switches from the Report tab to the Stealth Code tab."
It's normal.

When running, do you see that it is scanning some files? The bottom of the program window usually shows some progress. You cannot switch tabs when it is scanning. It might be taking longer than usual for your machine due to malware infection. Let's make sure we do the Rootkit Unhooker scan right first before we try something else.

Re: HijackThis log =( - got a normal HJT log

Post by strelet007 » August 3rd, 2010, 2:48 pm

Hey Jack&Jill,

I've left the program running for 24 hours now. I haven't been able to see any files scanning and there hasn't been a prompt for choosing a drive to scan.

I guess I mis-worded what I said earlier. I do have only those 4 checked.

I'd be willing to try a different version of the program if it's possible there's some sort of uncommon compatibility with my machine.

Re: HijackThis log =( - got a normal HJT log

Post by Jack&Jill » August 3rd, 2010, 8:52 pm

Hello strelet007 :),

Did you run it as Administrator, as I indicated before the FixPolicies step? You will need to do so for all the tools that I ask you to run.

For Windows Vista or Windows 7, please use right click and select Run as administrator instead of double click to run all the tools I ask you to, or they may not work properly.

If you have done so and the result is the same, you may skip the Rootkit Unhooker step and proceed below. If you have not done so, please retry Rootkit Unhooker first and come back with the results, and only then continue below.

--------------------

Check some files with OTL
  • Double click on OTL.exe to run it.
  • Make sure all the None options are checked (ticked). There are eight of them.
  • Copy and paste the following into the white box under Custom Scans/Fixes:
    Code:
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav 
    %systemroot%\system32\drivers\*.sys /md5 
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    
    DRIVERS32
    MSCONFIG
    NETSVCS
    SAFEBOOTMINIMAL
    SAFEBOOTNETWORK
  • Click on Run Scan at the top left hand corner. This might take a while.
  • When done, the OTL.txt file will open. Please post back the contents of this log.

--------------------

Please download RootRepeal from one of the links below and save it to your desktop.

Link 1
Link 2
Link 3

Scan with RootRepeal
  • Extract RootRepeal.exe from the zip file to your desktop.
  • Double click on RootRepeal.exe to run it.
  • Click on the Report tab at the bottom right of the program window and then press the Scan button.
  • In the Select Scan dialog, check (tick) all the options available and click OK.
  • Select the main system drive, usually C:\, and click OK to start the scan. Please wait for it to finish.
  • Once done, a log in Notepad will open. Please post the contents of the log, also saved at C:\RootRepeal report mm-dd-yy (hh-mm-ss).txt.

--------------------

Please post back:
1. Rootkit Unhooker log, if available
2. OTL log
3. RootRepeal result

Re: HijackThis log =( - got a normal HJT log

Post by strelet007 » August 4th, 2010, 10:17 pm

Hi Jack&Jill,

I was still unable to have any success with Rootkit Unhooker.

Here's the OTL.log:


OTL logfile created on: 8/4/2010 8:07:10 PM - Run 4
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Roaa\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 80.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 147.20 Gb Free Space | 31.60% Space Free | Partition Type: NTFS
Drive D: | 581.94 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 465.76 Gb Total Space | 465.65 Gb Free Space | 99.98% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DEELING-PC
Current User Name: Roaa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - msh263.drv File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Launchy.lnk - C:\Program Files\Launchy\Launchy.exe - ()
MsConfig - StartUpFolder: C:^Users^Roaa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip - C:\Users\Roaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip - File not found
MsConfig - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Program Files\DAEMON Tools Pro\DTProAgent.exe File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: OneCareUI - hkey= - key= - C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe File not found
MsConfig - StartUpReg: RGSC - hkey= - key= - C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 0

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: OneCareMP - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: OneCareMP - Service
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 15:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010/05/31 00:59:54 | 000,000,000 | ---- | M] () -- C:\BnetLog.txt
[2009/04/11 00:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/08/28 13:11:41 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 15:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/03/10 19:20:52 | 000,799,352 | ---- | M] () -- C:\D2XP_IX86_112a_113c.mpq
[2007/04/02 15:10:52 | 000,045,126 | ---- | M] () -- C:\Dolby.ico
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 09:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/08/04 15:40:16 | 3483,996,160 | -HS- | M] () -- C:\hiberfil.sys
[2008/08/27 21:43:23 | 000,000,086 | ---- | M] () -- C:\IMSM.log
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 09:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 09:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/08/04 15:40:14 | 3797,651,456 | -HS- | M] () -- C:\pagefile.sys
[2010/02/13 11:10:07 | 000,277,024 | ---- | M] () -- C:\SearchParty.log
[2008/08/27 21:46:03 | 000,000,172 | ---- | M] () -- C:\SigmaTel.log
[2007/11/07 09:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 09:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/04/11 00:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 00:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/20 21:16:46 | 017,956,864 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 21:16:31 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 21:16:46 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 04:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 04:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

[2008/01/20 20:22:55 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B271EC02E71271A2DA28B3B7BC4E4F15 -- C:\Windows\System32\drivers\mcd.sys
[2008/01/20 20:21:35 | 000,031,288 | ---- | M] (LSI Corporation) MD5=0001CE609D66632FA17B84705F658879 -- C:\Windows\System32\drivers\megasas.sys
[2008/01/20 20:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) MD5=C252F32CD9A49DBFC25ECF26EBD51A99 -- C:\Windows\System32\drivers\MegaSR.sys
[2008/01/20 20:23:05 | 000,031,744 | ---- | M] (Microsoft Corporation) MD5=E13B5EA0F51BA5B1512EC671393D09BA -- C:\Windows\System32\drivers\modem.sys
[2008/01/20 20:21:30 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=0A9BB33B56E294F686ABB7C1E4E2D8A8 -- C:\Windows\System32\drivers\monitor.sys
[2008/01/20 20:21:28 | 000,034,360 | ---- | M] (Microsoft Corporation) MD5=5BF6A1326A335C5298477754A506D263 -- C:\Windows\System32\drivers\mouclass.sys
[2008/01/20 20:21:28 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=93B8D4869E12CFBE663915502900876F -- C:\Windows\System32\drivers\mouhid.sys
[2008/01/20 20:21:53 | 000,057,400 | ---- | M] (Microsoft Corporation) MD5=BDAFC88AA6B92F7842416EA6A48E1600 -- C:\Windows\System32\drivers\mountmgr.sys
[2008/01/20 20:21:28 | 000,105,016 | ---- | M] (Microsoft Corporation) MD5=511D011289755DD9F9A7579FB0B064E6 -- C:\Windows\System32\drivers\mpio.sys
[2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=AEB186AFFF5D9CFED823C15D846AAC3B -- C:\Windows\System32\drivers\MpNWMon.sys
[2008/01/20 20:22:55 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=22241FEBA9B2DEFA669C8CB0A8DD7D2E -- C:\Windows\System32\drivers\mpsdrv.sys
[2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) MD5=4FBBB70D30FD20EC51F80061703B001E -- C:\Windows\System32\drivers\Mraid35x.sys
[2009/04/10 22:14:40 | 000,114,688 | ---- | M] (Microsoft Corporation) MD5=82CEA0395524AACFEB58BA1448E8325C -- C:\Windows\System32\drivers\mrxdav.sys
[2010/02/23 05:10:13 | 000,106,496 | ---- | M] (Microsoft Corporation) MD5=454341E652BDF5E01B0F2140232B073E -- C:\Windows\System32\drivers\mrxsmb.sys
[2010/02/23 05:10:19 | 000,212,992 | ---- | M] (Microsoft Corporation) MD5=2A4901AFF069944FA945ED5BBF4DCDE3 -- C:\Windows\System32\drivers\mrxsmb10.sys
[2010/02/23 05:10:13 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=28B3F1AB44BDD4432C041581412F17D9 -- C:\Windows\System32\drivers\mrxsmb20.sys
[2008/01/20 20:21:09 | 000,028,728 | ---- | M] (Microsoft Corporation) MD5=28023E86F17001F7CD9B15A5BC9AE07D -- C:\Windows\System32\drivers\msahci.sys
[2008/01/20 20:21:29 | 000,094,776 | ---- | M] (Microsoft Corporation) MD5=4468B0F385A86ECDDAF8D3CA662EC0E7 -- C:\Windows\System32\drivers\msdsm.sys
[2008/01/20 20:21:58 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A9927F4A46B816C92F461ACB90CF8515 -- C:\Windows\System32\drivers\msfs.sys
[2008/01/20 20:21:09 | 000,016,440 | ---- | M] (Microsoft Corporation) MD5=0F400E306F385C56317357D6DEA56F62 -- C:\Windows\System32\drivers\msisadrv.sys
[2009/04/11 00:32:46 | 000,180,712 | ---- | M] (Microsoft Corporation) MD5=232FA340531D940AAC623B121A595034 -- C:\Windows\System32\drivers\msiscsi.sys
[2008/01/20 20:23:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=D8C63D34D9C9E56C059E24EC7185CC07 -- C:\Windows\System32\drivers\mskssrv.sys
[2008/01/20 20:23:00 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=1D373C90D62DDB641D50E55B9E78D65E -- C:\Windows\System32\drivers\mspclock.sys
[2008/01/20 20:23:00 | 000,005,504 | ---- | M] (Microsoft Corporation) MD5=B572DA05BF4E098D4BBA3A4734FB505B -- C:\Windows\System32\drivers\mspqm.sys
[2009/04/11 00:32:46 | 000,161,752 | ---- | M] (Microsoft Corporation) MD5=B49456D70555DE905C311BCDA6EC6ADB -- C:\Windows\System32\drivers\msrpc.sys
[2008/01/20 20:21:09 | 000,031,288 | ---- | M] (Microsoft Corporation) MD5=E384487CB84BE41D09711C30CA79646C -- C:\Windows\System32\drivers\mssmbios.sys
[2008/01/20 20:23:00 | 000,006,016 | ---- | M] (Microsoft Corporation) MD5=7199C1EEC1E4993CAF96B8C0A26BD58A -- C:\Windows\System32\drivers\mstee.sys
[2009/04/11 00:32:31 | 000,048,104 | ---- | M] (Microsoft Corporation) MD5=6A57B5733D4CB702C8EA4542E836B96C -- C:\Windows\System32\drivers\mup.sys
[2009/04/11 00:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2008/01/20 20:22:34 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=0E186E90404980569FB449BA7519AE61 -- C:\Windows\System32\drivers\ndistapi.sys
[2008/01/20 20:23:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D6973AA34C4D5D76C0430B181C3CD389 -- C:\Windows\System32\drivers\ndisuio.sys
[2009/04/10 22:46:32 | 000,121,344 | ---- | M] (Microsoft Corporation) MD5=818F648618AE34F729FDB47EC68345C3 -- C:\Windows\System32\drivers\ndiswan.sys
[2008/01/20 20:22:34 | 000,049,664 | ---- | M] (Microsoft Corporation) MD5=71DAB552B41936358F3B541AE5997FB3 -- C:\Windows\System32\drivers\ndproxy.sys
[2008/01/20 20:22:30 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=BCD093A5A6777CF626434568DC7DBA78 -- C:\Windows\System32\drivers\netbios.sys
[2009/04/10 22:45:37 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=ECD64230A59CBD93C85F1CD1CAB9F3F6 -- C:\Windows\System32\drivers\netbt.sys
[2009/04/11 00:32:46 | 000,223,208 | ---- | M] (Microsoft Corporation) MD5=063EE4D3CB88A14EAB9901875CEE98B1 -- C:\Windows\System32\drivers\netio.sys
[2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) MD5=2E7FB731D4790A1BC6270ACCEFACB36E -- C:\Windows\System32\drivers\nfrd960.sys
[2007/11/06 14:22:06 | 000,034,064 | ---- | M] (CACE Technologies) MD5=6623E51595C0076755C29C00846C4EB2 -- C:\Windows\System32\drivers\npf.sys
[2009/04/10 22:14:01 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=D36F239D7CCE1931598E8FB90A0DBC26 -- C:\Windows\System32\drivers\npfs.sys
[2008/01/20 20:22:55 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=609773E344A97410CE4EBF74A8914FCF -- C:\Windows\System32\drivers\nsiproxy.sys
[2009/04/11 00:32:49 | 001,083,880 | ---- | M] (Microsoft Corporation) MD5=6A4A98CEE84CF9E99564510DDA4BAA47 -- C:\Windows\System32\drivers\ntfs.sys
[2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) MD5=E875C093AEC0C978A90F30C9E0DFBB72 -- C:\Windows\System32\drivers\ntrigdigi.sys
[2008/01/20 20:21:57 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=C5DBBCDA07D780BDA9B685DF333BB41E -- C:\Windows\System32\drivers\null.sys
[2010/04/03 16:55:31 | 011,573,800 | ---- | M] (NVIDIA Corporation) MD5=C8CB6135884CBC2A10225C4C3CEF0F95 -- C:\Windows\System32\drivers\nvlddmkm.sys
[2008/01/20 20:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008/01/20 20:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 20:21:09 | 000,109,112 | ---- | M] (Microsoft Corporation) MD5=18BBDF913916B71BD54575BDB6EEAC0B -- C:\Windows\System32\drivers\NV_AGP.SYS
[2009/04/10 22:43:28 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=85C44FDFF9CF7E72A40DCB7EC06A4416 -- C:\Windows\System32\drivers\nwifi.sys
[2009/04/10 22:43:04 | 000,062,208 | ---- | M] (Microsoft Corporation) MD5=6F310E890D46E246E0E261A63D9B36B4 -- C:\Windows\System32\drivers\ohci1394.sys
[2005/06/08 09:57:00 | 000,589,184 | ---- | M] (Omnivision Technologies, Inc.) MD5=34F468B9700DC2A9A2266048AAF5E00A -- C:\Windows\System32\drivers\ov531.sys
[2007/04/10 11:08:46 | 000,596,480 | ---- | M] (Omnivision Technologies, Inc.) MD5=6443C9BAE93B58D67CAAFDEA224796E9 -- C:\Windows\System32\drivers\ov550i.sys
[2009/04/10 22:45:51 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=99514FAA8DF93D34B5589187DB3AA0BA -- C:\Windows\System32\drivers\pacer.sys
[2006/11/02 02:51:30 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=0FA9B5055484649D63C303FE404E5F4D -- C:\Windows\System32\drivers\parport.sys
[2009/04/11 00:32:31 | 000,054,248 | ---- | M] (Microsoft Corporation) MD5=57389FA59A36D96B3EB09D0CB91E9CDC -- C:\Windows\System32\drivers\partmgr.sys
[2006/11/02 02:51:23 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4F9A6A8A31413180D0FCB279AD5D8112 -- C:\Windows\System32\drivers\parvdm.sys
[2009/04/11 00:32:55 | 000,149,480 | ---- | M] (Microsoft Corporation) MD5=941DC1D19E7E8620F40BBC206981EFDB -- C:\Windows\System32\drivers\pci.sys
[2009/04/11 00:32:49 | 000,014,312 | ---- | M] (Microsoft Corporation) MD5=1636D43F10416AEB483BC6001097B26C -- C:\Windows\System32\drivers\pciide.sys
[2009/04/11 00:32:52 | 000,043,496 | ---- | M] (Microsoft Corporation) MD5=6429D10C5D149AC9EB2D95052A390CFF -- C:\Windows\System32\drivers\pciidex.sys
[2006/11/02 03:51:12 | 000,167,528 | ---- | M] (Microsoft Corporation) MD5=E6F3FB1B86AA519E7698AD05E58B04E5 -- C:\Windows\System32\drivers\pcmcia.sys
[2006/11/02 03:04:35 | 000,878,080 | ---- | M] (Microsoft Corporation) MD5=6349F6ED9C623B44B52EA3C63C831A92 -- C:\Windows\System32\drivers\PEAuth.sys
[2010/05/31 00:25:13 | 000,139,128 | ---- | M] () MD5=10BE25C04613B70D8CE1F412E14D9454 -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/04/10 22:42:50 | 000,167,936 | ---- | M] (Microsoft Corporation) MD5=218286724EC530FF252648369E05B090 -- C:\Windows\System32\drivers\portcls.sys
[2008/01/20 20:21:09 | 000,040,960 | ---- | M] (Microsoft Corporation) MD5=2027293619DD0F047C584CF2E7DF4FFD -- C:\Windows\System32\drivers\processr.sys
[2008/11/20 13:19:06 | 000,043,872 | ---- | M] (Sonic Solutions) MD5=49452BFCEC22F36A7A9B9C2181BC3042 -- C:\Windows\System32\drivers\pxhelp20.sys
[2008/01/20 20:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) MD5=0A6DB55AFB7820C99AA1F3A1D270F4F6 -- C:\Windows\System32\drivers\ql2300.sys
[2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) MD5=81A7E5C076E59995D54BC1ED3A16E60B -- C:\Windows\System32\drivers\ql40xx.sys
[2008/01/20 20:21:40 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9F5E0E1926014D17486901C88ECA2DB7 -- C:\Windows\System32\drivers\qwavedrv.sys
[2008/01/20 20:22:29 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/20 20:23:02 | 000,076,288 | ---- | M] (Microsoft Corporation) MD5=A214ADBAF4CB47DD2728859EF31F26B0 -- C:\Windows\System32\drivers\rasl2tp.sys
[2009/04/10 22:46:30 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=509A98DD18AF4375E1FC40BC175F1DEF -- C:\Windows\System32\drivers\raspppoe.sys
[2008/01/20 20:23:02 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=ECFFFAEC0C1ECD8DBC77F39070EA1DB1 -- C:\Windows\System32\drivers\raspptp.sys
[2009/04/10 22:46:40 | 000,069,120 | ---- | M] (Microsoft Corporation) MD5=2005F4A1E05FA09389AC85840F0A9E4D -- C:\Windows\System32\drivers\rassstp.sys
[2009/04/10 22:14:29 | 000,225,280 | ---- | M] (Microsoft Corporation) MD5=B14C9D5B9ADD2F84F70570BBBFAA7935 -- C:\Windows\System32\drivers\rdbss.sys
[2008/01/20 20:22:14 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=89E59BE9A564262A3FB6C4F4F1CD9899 -- C:\Windows\System32\drivers\RDPCDD.sys
[2009/04/10 22:52:34 | 000,248,320 | ---- | M] (Microsoft Corporation) MD5=943B18305EAE3935598A9B4A3D560B4C -- C:\Windows\System32\drivers\rdpdr.sys
[2008/01/20 20:22:59 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=9D91FE5286F748862ECFFA05F8A0710C -- C:\Windows\System32\drivers\RDPENCDD.sys
[2009/04/10 22:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\System32\drivers\rdpwd.sys
[2009/04/10 22:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) MD5=EEC7EE5675294B03E88AA868540007C1 -- C:\Windows\System32\drivers\rmcast.sys
[2009/04/10 22:46:07 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=D9225D107E40D0FA5C5069446759C8E9 -- C:\Windows\System32\drivers\RNDISMP.sys
[2008/01/20 20:22:59 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=75E8A6BFA7374ABA833AE92BF41AE4E6 -- C:\Windows\System32\drivers\rootmdm.sys
[2008/01/20 20:22:45 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=9C508F4074A39E8B4B31D27198146FAD -- C:\Windows\System32\drivers\rspndr.sys
[2006/11/02 03:50:16 | 000,076,392 | ---- | M] (Microsoft Corporation) MD5=3CE8F073A557E172B330109436984E30 -- C:\Windows\System32\drivers\sbp2port.sys
[2008/01/20 20:22:01 | 000,142,904 | ---- | M] (Microsoft Corporation) MD5=6F5CA34AE885645ACF8A20D564DB976C -- C:\Windows\System32\drivers\scsiport.sys
[2006/11/02 00:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) MD5=90A3935D05B494A5A39D37E71F09A677 -- C:\Windows\System32\drivers\secdrv.sys
[2008/01/20 20:21:10 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=CE9EC966638EF0B10B864DDEDF62A099 -- C:\Windows\System32\drivers\serenum.sys
[2008/01/20 20:21:10 | 000,083,456 | ---- | M] (Microsoft Corporation) MD5=6D663022DB3E7058907784AE14B69898 -- C:\Windows\System32\drivers\serial.sys
[2008/01/20 20:21:28 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=8AF3D28A879BF75DB53A0EE7A4289624 -- C:\Windows\System32\drivers\sermouse.sys
[2008/01/20 20:21:31 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=3EFA810BDCA87F6ECC24F9832243FE86 -- C:\Windows\System32\drivers\sffdisk.sys
[2008/01/20 20:21:31 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=E95D451F7EA3E583AEC75F3B3EE42DC5 -- C:\Windows\System32\drivers\sffp_mmc.sys
[2008/01/20 20:21:31 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=3D0EA348784B7AC9EA9BD9F317980979 -- C:\Windows\System32\drivers\sffp_sd.sys
[2006/11/02 02:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys
[2008/01/20 20:21:09 | 000,055,864 | ---- | M] (Microsoft Corporation) MD5=1D76624A09A054F682D746B924E2DBC3 -- C:\Windows\System32\drivers\SISAGP.SYS
[2008/01/20 20:21:34 | 000,041,016 | ---- | M] (Microsoft Corporation) MD5=43CB7AA756C7DB280D01DA9B676CFDE2 -- C:\Windows\System32\drivers\sisraid2.sys
[2008/01/20 20:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) MD5=A99C6C8B0BAA970D8AA59DDC50B57F94 -- C:\Windows\System32\drivers\sisraid4.sys
[2009/04/10 22:45:22 | 000,066,560 | ---- | M] (Microsoft Corporation) MD5=7B75299A4D201D6A6533603D6914AB04 -- C:\Windows\System32\drivers\smb.sys
[2008/01/20 20:23:02 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=A7D7EA1771D2ED6F39A8063E79B6C3E8 -- C:\Windows\System32\drivers\smclib.sys
[2008/01/20 20:22:19 | 000,021,048 | ---- | M] (Microsoft Corporation) MD5=7AEBDEEF071FE28B0EEF2CDD69102BFF -- C:\Windows\System32\drivers\spldr.sys
[2009/04/10 20:52:40 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=A7F8BAD9590ADDC425B4003E94780DFA -- C:\Windows\System32\drivers\spsys.sys
[2009/11/06 21:24:16 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
[2009/12/11 05:43:30 | 000,302,080 | ---- | M] (Microsoft Corporation) MD5=0DEBAFCC0E3591FCA34F077CAB62F7F7 -- C:\Windows\System32\drivers\srv.sys
[2009/09/14 03:29:50 | 000,144,896 | ---- | M] (Microsoft Corporation) MD5=6B6F3658E0A58C6C50C5F7FBDF3DF633 -- C:\Windows\System32\drivers\srv2.sys
[2009/12/11 05:43:11 | 000,098,816 | ---- | M] (Microsoft Corporation) MD5=0C5AB1892AE0FA504218DB094BF6D041 -- C:\Windows\System32\drivers\srvnet.sys
[2009/04/11 00:32:54 | 000,122,344 | ---- | M] (Microsoft Corporation) MD5=47E55AFE1ED1D5AFF09690DB226F4A7A -- C:\Windows\System32\drivers\Storport.sys
[2009/04/10 22:42:47 | 000,052,992 | ---- | M] (Microsoft Corporation) MD5=70A92E46A2F459CDEDE3CA558CB26B6A -- C:\Windows\System32\drivers\stream.sys
[2007/09/26 02:33:58 | 000,323,584 | ---- | M] (SigmaTel, Inc.) MD5=EA6204726AC084FECE5086DB72A12FDB -- C:\Windows\System32\drivers\stwrt.sys
[2008/01/20 20:21:09 | 000,015,288 | ---- | M] (Microsoft Corporation) MD5=7BA58ECF0C0A9A69D44B3DCA62BECF56 -- C:\Windows\System32\drivers\swenum.sys
[2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) MD5=192AA3AC01DF071B541094F251DEED10 -- C:\Windows\System32\drivers\symc8xx.sys
[2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) MD5=8C8EB8C76736EBAF3B13B633B2E64125 -- C:\Windows\System32\drivers\sym_hi.sys
[2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) MD5=8072AF52B5FD103BBBA387A1E49F62CB -- C:\Windows\System32\drivers\sym_u3.sys
[2008/01/20 20:22:53 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=1239FD18895040D97B7CDBC19BC2075E -- C:\Windows\System32\drivers\tape.sys
[2010/02/18 08:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys
[2009/12/08 11:26:18 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=608C345A255D82A6289C2D468EB41FD7 -- C:\Windows\System32\drivers\tcpipreg.sys
[2008/01/20 20:22:12 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=77937EFF009AC696B90E09F671F9D0A4 -- C:\Windows\System32\drivers\tdi.sys
[2008/01/20 20:22:16 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys
[2008/01/20 20:22:16 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys
[2009/04/10 22:45:56 | 000,072,192 | ---- | M] (Microsoft Corporation) MD5=76B06EB8A01FC8624D699E7045303E54 -- C:\Windows\System32\drivers\tdx.sys
[2009/04/11 00:32:52 | 000,053,224 | ---- | M] (Microsoft Corporation) MD5=3CAD38910468EAB9A6479E2F01DB43C7 -- C:\Windows\System32\drivers\termdd.sys
[2008/01/20 20:23:10 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=DCF0F056A2E4F52287264F5AB29CF206 -- C:\Windows\System32\drivers\tssecsrv.sys
[2008/01/20 20:22:35 | 000,015,360 | ---- | M] (Microsoft Corporation) MD5=CAECC0120AC49E3D2F758B9169872D38 -- C:\Windows\System32\drivers\TUNMP.SYS
[2010/02/18 05:28:13 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=300DB877AC094FEAB0BE7688C3454A9C -- C:\Windows\System32\drivers\tunnel.sys
[2008/01/20 20:21:30 | 000,059,448 | ---- | M] (Microsoft Corporation) MD5=7D33C4DB2CE363C8518D2DFCF533941F -- C:\Windows\System32\drivers\UAGP35.SYS
[2009/04/10 22:13:59 | 000,226,816 | ---- | M] (Microsoft Corporation) MD5=D9728AF68C4C7693CB100B8441CBDEC6 -- C:\Windows\System32\drivers\udfs.sys
[2008/01/20 20:21:09 | 000,060,984 | ---- | M] (Microsoft Corporation) MD5=B0ACFDC9E4AF279E9116C03E014B2B27 -- C:\Windows\System32\drivers\ULIAGPKX.SYS
[2008/01/20 20:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) MD5=9224BB254F591DE4CA8D572A5F0D635C -- C:\Windows\System32\drivers\uliahci.sys
[2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) MD5=8514D0E5CD0534467C5FC61BE94A569F -- C:\Windows\System32\drivers\ulsata.sys
[2008/01/20 20:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) MD5=38C3C6E62B157A6BC46594FADA45C62B -- C:\Windows\System32\drivers\ulsata2.sys
[2008/01/20 20:21:30 | 000,034,816 | ---- | M] (Microsoft Corporation) MD5=32CFF9F809AE9AED85464492BF3E32D2 -- C:\Windows\System32\drivers\umbus.sys
[2008/01/20 20:21:57 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=88BD96A1BAEED33EE8BDF9499C07A841 -- C:\Windows\System32\drivers\umpass.sys
[2009/04/10 22:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=830D5D8456B822C1247C1E59B4C464FA -- C:\Windows\System32\drivers\usb8023.sys
[2009/03/26 15:23:46 | 000,036,864 | ---- | M] (Apple, Inc.) MD5=026F7F224F088EE11E383BCA448FFF81 -- C:\Windows\System32\drivers\usbaapl.sys
[2009/04/10 22:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=D06F193F3E9CC3B356DF97F6A43C054A -- C:\Windows\System32\drivers\USBCAMD.sys
[2009/04/10 22:42:56 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=EAE017D3AA298374A1967B96C379C5AB -- C:\Windows\System32\drivers\USBCAMD2.sys
[2008/01/20 20:21:28 | 000,073,216 | ---- | M] (Microsoft Corporation) MD5=CAF811AE4C147FFCD5B51750C7F09142 -- C:\Windows\System32\drivers\usbccgp.sys
[2006/11/02 02:55:09 | 000,068,608 | ---- | M] (Microsoft Corporation) MD5=E9476E6C486E76BC4898074768FB7131 -- C:\Windows\System32\drivers\usbcir.sys
[2008/01/20 20:21:11 | 000,005,888 | ---- | M] (Microsoft Corporation) MD5=790FDAC6D0C762DF9047C3C625A6FF6C -- C:\Windows\System32\drivers\usbd.sys
[2009/04/10 22:42:52 | 000,039,936 | ---- | M] (Microsoft Corporation) MD5=79E96C23A97CE7B8F14D310DA2DB0C9B -- C:\Windows\System32\drivers\usbehci.sys
[2009/04/10 22:43:16 | 000,196,096 | ---- | M] (Microsoft Corporation) MD5=4673BBCB006AF60E7ABDDBE7A130BA42 -- C:\Windows\System32\drivers\usbhub.sys
[2006/11/02 02:55:05 | 000,019,456 | ---- | M] (Microsoft Corporation) MD5=38DBC7DD6CC5A72011F187425384388B -- C:\Windows\System32\drivers\usbohci.sys
[2009/04/10 22:42:57 | 000,226,304 | ---- | M] (Microsoft Corporation) MD5=A1C100A87D981AD0774FBC0B4B82E913 -- C:\Windows\System32\drivers\usbport.sys
[2008/01/20 20:21:30 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\drivers\usbprint.sys
[2008/01/20 20:21:35 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\drivers\usbscan.sys
[2009/04/10 22:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\drivers\USBSTOR.SYS
[2008/01/20 20:21:11 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=814D653EFC4D48BE3B04A307ECEFF56F -- C:\Windows\System32\drivers\usbuhci.sys
[2009/08/09 15:25:56 | 000,029,696 | ---- | M] (Elaborate Bytes AG) MD5=94D73B62E458FB56C9CE60AA96D914F9 -- C:\Windows\System32\drivers\VClone.sys
[2008/01/20 20:23:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=2E93AC0A1D8C79D019DB6C51F036636C -- C:\Windows\System32\drivers\vga.sys
[2008/01/20 20:21:11 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=87B06E1F30B749A114F74622D013F8D4 -- C:\Windows\System32\drivers\vgapnp.sys
[2008/01/20 20:21:09 | 000,056,888 | ---- | M] (Microsoft Corporation) MD5=5D7159DEF58A800D5781BA3A879627BC -- C:\Windows\System32\drivers\VIAAGP.SYS
[2008/01/20 20:21:09 | 000,041,472 | ---- | M] (Microsoft Corporation) MD5=C4F3A691B5BAD343E6249BD8C2D45DEE -- C:\Windows\System32\drivers\viac7.sys
[2008/01/20 20:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) MD5=AADF5587A4063F52C2C3FED7887426FC -- C:\Windows\System32\drivers\viaide.sys
[2008/01/20 20:21:52 | 000,110,080 | ---- | M] (Microsoft Corporation) MD5=C048D2C33D27441A0CDCAAE2651EB03D -- C:\Windows\System32\drivers\videoprt.sys
[2008/01/20 20:21:09 | 000,052,792 | ---- | M] (Microsoft Corporation) MD5=69503668AC66C77C6CD7AF86FBDF8C43 -- C:\Windows\System32\drivers\volmgr.sys
[2009/04/11 00:33:03 | 000,292,840 | ---- | M] (Microsoft Corporation) MD5=23E41B834759917BFD6B9A0D625D0C28 -- C:\Windows\System32\drivers\volmgrx.sys
[2009/04/11 00:32:55 | 000,226,280 | ---- | M] (Microsoft Corporation) MD5=147281C01FCB1DF9252DE2A10D5E7093 -- C:\Windows\System32\drivers\volsnap.sys
[2008/01/20 20:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=587253E09325E6BF226B299774B728A9 -- C:\Windows\System32\drivers\vsmraid.sys
[2006/11/02 02:52:52 | 000,020,608 | ---- | M] (Microsoft Corporation) MD5=48DFEE8F1AF7C8235D4E626F0C4FE031 -- C:\Windows\System32\drivers\wacompen.sys
[2008/01/20 20:22:34 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=55201897378CCA7AF8B5EFD874374A26 -- C:\Windows\System32\drivers\wanarp.sys
[2009/04/10 22:22:46 | 000,033,280 | ---- | M] (Microsoft Corporation) MD5=4A5C31E2C1646034E6A60EBA4C747FF6 -- C:\Windows\System32\drivers\watchdog.sys
[2008/01/20 20:21:33 | 000,022,072 | ---- | M] (Microsoft Corporation) MD5=78FE9542363F297B18C027B2D7E7C07F -- C:\Windows\System32\drivers\wd.sys
[2008/01/20 20:21:58 | 000,503,864 | ---- | M] (Microsoft Corporation) MD5=B6F0A7AD6D4BD325FBCD8BAC96CD8D96 -- C:\Windows\System32\drivers\Wdf01000.sys
[2008/01/20 20:21:58 | 000,035,896 | ---- | M] (Microsoft Corporation) MD5=B4FC6DD9167B058E6DBE6CB14ACFA2CB -- C:\Windows\System32\drivers\WdfLdr.sys
[2008/01/20 20:21:09 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=2E7255D172DF0B8283CDFB7B433B864E -- C:\Windows\System32\drivers\wmiacpi.sys
[2008/01/20 20:21:52 | 000,017,976 | ---- | M] (Microsoft Corporation) MD5=C546864EED786304762D030FEBF6B411 -- C:\Windows\System32\drivers\wmilib.sys
[2009/09/30 19:01:54 | 000,040,448 | ---- | M] (Microsoft Corporation) MD5=DE9D36F91A4DF3D911626643DEBF11EA -- C:\Windows\System32\drivers\WpdUsb.sys
[2008/01/20 20:22:55 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008/01/20 20:23:09 | 000,051,200 | ---- | M] (Microsoft Corporation) MD5=13B5F255E90624A5BA0441D39CFB6BE2 -- C:\Windows\System32\drivers\WUDFPf.sys
[2008/01/20 20:23:09 | 000,083,328 | ---- | M] (Microsoft Corporation) MD5=AC13CB789D93412106B0FB6C7EB2BCB6 -- C:\Windows\System32\drivers\WUDFRd.sys

< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 00:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 20:22:57 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll

< %systemroot%\system32\ws2help.dll /md5 >
[2006/11/02 03:44:30 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=17C0671BF57057108A6D949510EE42C8 -- C:\Windows\System32\ws2help.dll

< >
< End of report >
strelet007
Regular Member
 
Posts: 37
Joined: July 20th, 2010, 1:46 pm

Re: HijackThis log =( - got a normal HJT log

Unread postby strelet007 » August 5th, 2010, 12:54 am

I've run RootRepeal twice now (ran as admin like other programs), with all options checked and scanning C:/ only. It stops responding on the "Stealth Object" tab. Task manager reports that it is not using any CPU.

I'm leaving it running overnight to see if it proceeds. I'll let you know the results in the morning.

Regardless, thank you for continuing to help me through this. :)
strelet007
Regular Member
 
Posts: 37
Joined: July 20th, 2010, 1:46 pm

Re: HijackThis log =( - got a normal HJT log

Unread postby Jack&Jill » August 5th, 2010, 2:47 am

Hello strelet007 :),

Sometimes, due to the severity of infection or corruption of the system, scans will take longer than usual or may not work. I look forward to getting a RootRepeal log.

By the way, do you have the Windows Installation disc? We might need to go towards a repair install if things do not look so promising after a few more diagnostic steps.
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: HijackThis log =( - got a normal HJT log

Unread postby strelet007 » August 5th, 2010, 1:30 pm

It doesn't look like RootRepeal is getting anywhere. :(

I do have the installation discs.
strelet007
Regular Member
 
Posts: 37
Joined: July 20th, 2010, 1:46 pm

Re: HijackThis log =( - got a normal HJT log

Unread postby Jack&Jill » August 6th, 2010, 11:05 am

Hello strelet007 :),

I do have the installation discs.
Good. An option we can proceed with if we come to a dead end.

--------------------

For Windows Vista or Seven, please use right click and select Run as administrator instead of double click to run all the tools I ask you to, or they may not work properly.

Please download ComboFix© by sUBs from one of the links below and save it to your desktop.

Link 1
Link 2

Do not mouse click on ComboFix while it is running. That may cause it to stall. ComboFix is a powerful tool and must not be used without supervision.

Run ComboFix
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily when running ComboFix. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click on ComboFix.exe and follow the prompts.
  • When finished, a log will be produced as C:\ComboFix.txt. Please post this log in your next reply.
  • If you lose Internet connection after running ComboFix, right click on the network icon at the system tray and select Repair, or you can reboot the computer.
  • Re-enable your security software as soon as you have completed the ComboFix steps.

A detailed step by step tutorial to run ComboFix can be found here if you need help.

--------------------

Please post back:
1. the ComboFix log
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: HijackThis log =( - got a normal HJT log

Unread postby Jack&Jill » August 8th, 2010, 9:42 pm

Hello strelet007 :),

I usually close the topic after 3 days without any reply, and it has already been 2 days since my last post. Do you still need help? Any problems following my instructions? Need more time?

If I do not get any response within the next 24 hours, this topic will be closed.
Jack&Jill
MRU Emeritus
 
Posts: 2284
Joined: August 19th, 2008, 5:37 am
Location: South East Asia

Re: HijackThis log =( - got a normal HJT log

Unread postby NonSuch » August 10th, 2010, 12:37 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California