Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Please help!

Re: Please help!

Post by turtledove » August 25th, 2010, 1:55 pm

Good Day gtmaster303,

I am checking with my colleagues as to what would be best going forward. Thank you for letting me know you are out of town, and about the crashing.
Can you tell me what the Blue Screen says please?

Thanks

turtledove
turtledove
Retired Graduate
 
Posts: 4398
Joined: February 13th, 2006, 3:26 am
Location: California

Re: Please help!

Post by gtmaster303 » August 25th, 2010, 3:19 pm

hxxp://lpgen.info/mylpgen/registry-erro ... r0?c=camp3
(Should I keep posting these sites?)

The blue screen literally comes up for a couple seconds and then the computer automatically shuts off and starts up again. I don't have any time to read what it says. I can try taking a picture of the screen and uploading that here, but I don't have access to a camera at the moment...
gtmaster303
Regular Member
 
Posts: 34
Joined: August 15th, 2010, 3:25 pm

Re: Please help!

Post by turtledove » August 25th, 2010, 3:38 pm

Good Day gtmaster303,

No need for more links right now.
See if, when you select F8, there is an option for no automatic restart when errors occur, like a blue screen.
This may also be available in Boot options menu, usually entered by using Del key when system boots; your boot up screen should specify which key you should press. Don't change any options in there, just let me know if it is in boot options if it is not in F8 options.

As always ask if you are unsure.

turtledove

Re: Please help!

Post by gtmaster303 » August 25th, 2010, 9:16 pm

Technical Information:
STOP: 0x0000008E (0xC0000005, 0x81E46D95, 0xBF6A9A54, 0x00000000)

Re: Please help!

Post by turtledove » August 25th, 2010, 9:38 pm

Good evening gtmaster,

Thank you. I shall be back with more by Thursday evening at the latest.

turtledove

Re: Please help!

Post by gtmaster303 » August 25th, 2010, 10:18 pm

I've been trying to keep up as well as I can with your responses.
Thanks for the lightning fast replies.

Re: Please help!

Post by turtledove » August 26th, 2010, 1:05 pm

Good Day gtmaster303,
You're welcome. :)


Please print out or copy these instructions to Notepad for reference.
In Vista, right click the exe and select Run as Administrator.

Technical Information:
STOP: 0x0000008E (0xC0000005, 0x81E46D95, 0xBF6A9A54, 0x00000000)

This could be indicating a memory module going bad or not properly seated on the Motherboard.

MBRCheck

Please download MBRCheck.exe and save it to your desktop.
  • Right click on MBRCheck.exe and select "Run as administrator" to run it.
  • A window similar to this should open on your desktop:

Image

  • If you are prompted with options, enter N at the prompt and press Enter
  • Press Enter again.
  • A log will open on your Desktop ...... MBRCheck_mm.dd.yy_hh.mm.ss.txt (where mm.dd.yy_hh.mm.ss are the date and time the scan was run)
  • Please post the contents of the log in your next reply.


Please download TDSSKiller.zip and extract (unzip) it to your Desktop.
  • Right click on TDSSKiller.exe and select "Run as administrator" to run it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT



Post:
  • Any problems running the scans
  • MBRCheck_mm.dd.yy_hh.mm.ss.txt
  • Report from TDSSKiller
  • Do you have a Recovery partition and/or Installation Discs for Vista?

Thank you

turtledove

Re: Please help!

Post by gtmaster303 » August 26th, 2010, 10:45 pm

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: Quanta
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Pavilion dv6700 Notebook PC
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 147):

Processes (total 51):
0 System Idle Process
4 System
492 C:\WINDOWS\System32\smss.exe
624 csrss.exe
668 C:\WINDOWS\System32\wininit.exe
676 csrss.exe
688 C:\Program Files\AVG\AVG9\avgchsvx.exe
696 C:\Program Files\AVG\AVG9\avgrsx.exe
732 C:\WINDOWS\System32\services.exe
744 C:\WINDOWS\System32\lsass.exe
752 C:\WINDOWS\System32\lsm.exe
776 C:\WINDOWS\System32\winlogon.exe
820 C:\Program Files\AVG\AVG9\avgcsrvx.exe
1016 C:\WINDOWS\System32\svchost.exe
1248 C:\WINDOWS\System32\svchost.exe
1360 C:\WINDOWS\System32\svchost.exe
1384 C:\WINDOWS\System32\svchost.exe
1420 C:\WINDOWS\System32\svchost.exe
1488 C:\WINDOWS\System32\audiodg.exe
1536 C:\WINDOWS\System32\svchost.exe
1564 C:\WINDOWS\System32\SLsvc.exe
1608 C:\WINDOWS\System32\svchost.exe
1716 C:\WINDOWS\System32\svchost.exe
1912 C:\WINDOWS\System32\taskeng.exe
1920 C:\WINDOWS\System32\spoolsv.exe
1956 C:\WINDOWS\System32\svchost.exe
1992 C:\WINDOWS\System32\rundll32.exe
592 C:\Program Files\AVG\AVG9\avgwdsvc.exe
860 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
900 C:\WINDOWS\System32\svchost.exe
904 C:\WINDOWS\System32\svchost.exe
2084 C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
2136 C:\WINDOWS\System32\svchost.exe
2196 C:\WINDOWS\System32\SearchIndexer.exe
2428 C:\Program Files\AVG\AVG9\avgnsx.exe
3068 C:\WINDOWS\System32\taskeng.exe
3252 C:\WINDOWS\System32\dwm.exe
3288 C:\WINDOWS\explorer.exe
3416 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3436 C:\Program Files\AVG\AVG9\avgtray.exe
3460 C:\WINDOWS\System32\igfxtray.exe
3468 C:\WINDOWS\System32\hkcmd.exe
3480 C:\WINDOWS\System32\igfxpers.exe
3492 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe
3572 C:\WINDOWS\System32\igfxsrvc.exe
3916 C:\Program Files\Mozilla Firefox\firefox.exe
3308 C:\Program Files\Windows Media Player\wmpnscfg.exe
2764 C:\Program Files\Windows Media Player\wmpnetwk.exe
3396 C:\WINDOWS\System32\SearchProtocolHost.exe
3996 C:\WINDOWS\System32\SearchFilterHost.exe
3404 C:\Users\Neil\Downloads\MBRCheck(2).exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`5dd00000 (NTFS)

PhysicalDrive0 Model Number: ST9320320AS, Rev: SD56

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 461B0B91DED4C2481D3FB27369B08E0DDCE2F7F9


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!





2010/08/26 22:38:29.0161 TDSS rootkit removing tool 2.4.1.2 Aug 16 2010 09:46:23
2010/08/26 22:38:29.0161 ================================================================================
2010/08/26 22:38:29.0161 SystemInfo:
2010/08/26 22:38:29.0161
2010/08/26 22:38:29.0161 OS Version: 6.0.6002 ServicePack: 2.0
2010/08/26 22:38:29.0161 Product type: Workstation
2010/08/26 22:38:29.0161 ComputerName: NEIL-PC
2010/08/26 22:38:29.0161 UserName: Neil
2010/08/26 22:38:29.0161 Windows directory: C:\Windows
2010/08/26 22:38:29.0161 System windows directory: C:\Windows
2010/08/26 22:38:29.0161 Processor architecture: Intel x86
2010/08/26 22:38:29.0161 Number of processors: 2
2010/08/26 22:38:29.0161 Page size: 0x1000
2010/08/26 22:38:29.0161 Boot type: Normal boot
2010/08/26 22:38:29.0161 ================================================================================
2010/08/26 22:38:29.0613 Initialize success
2010/08/26 22:38:46.0851 ================================================================================
2010/08/26 22:38:46.0851 Scan started
2010/08/26 22:38:46.0851 Mode: Manual;
2010/08/26 22:38:46.0851 ================================================================================
2010/08/26 22:38:56.0601 AFD (fe7973819e28d620c64079cd47c0419e) C:\Windows\system32\drivers\afd.sys
2010/08/26 22:38:56.0601 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: fe7973819e28d620c64079cd47c0419e, Fake md5: a201207363aa900abf1a388468688570
2010/08/26 22:38:56.0617 AFD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/08/26 22:39:27.0130 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/08/26 22:39:27.0271 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2010/08/26 22:39:27.0302 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2010/08/26 22:39:27.0333 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2010/08/26 22:39:27.0427 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/08/26 22:39:27.0489 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys
2010/08/26 22:39:27.0598 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/08/26 22:39:27.0786 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2010/08/26 22:39:27.0832 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/08/26 22:39:27.0895 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/08/26 22:39:27.0926 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/08/26 22:39:27.0973 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/08/26 22:39:28.0051 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/08/26 22:39:28.0129 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/08/26 22:39:28.0191 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/08/26 22:39:28.0238 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/08/26 22:39:28.0300 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/08/26 22:39:28.0332 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/08/26 22:39:28.0378 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/08/26 22:39:28.0456 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/08/26 22:39:28.0550 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys
2010/08/26 22:39:28.0722 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/08/26 22:39:28.0878 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys
2010/08/26 22:39:29.0002 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys
2010/08/26 22:39:29.0143 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
2010/08/26 22:39:29.0252 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/08/26 22:39:29.0314 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/08/26 22:39:29.0502 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/08/26 22:39:29.0626 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/08/26 22:39:29.0720 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
2010/08/26 22:39:29.0970 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2010/08/26 22:39:30.0640 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2010/08/26 22:39:31.0764 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/08/26 22:39:32.0434 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/08/26 22:39:32.0778 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/08/26 22:39:32.0934 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/08/26 22:39:33.0183 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/08/26 22:39:33.0480 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/08/26 22:39:33.0620 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/08/26 22:39:33.0792 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/08/26 22:39:33.0932 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/08/26 22:39:34.0010 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/08/26 22:39:34.0072 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/08/26 22:39:34.0150 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/08/26 22:39:34.0166 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/08/26 22:39:34.0244 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/08/26 22:39:34.0275 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/08/26 22:39:34.0353 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2010/08/26 22:39:34.0494 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/08/26 22:39:34.0634 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/08/26 22:39:34.0806 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/08/26 22:39:34.0884 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/08/26 22:39:35.0024 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
2010/08/26 22:39:35.0164 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/08/26 22:39:35.0258 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
2010/08/26 22:39:35.0492 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2010/08/26 22:39:35.0820 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/08/26 22:39:36.0459 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/08/26 22:39:36.0600 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2010/08/26 22:39:36.0724 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/08/26 22:39:36.0849 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/08/26 22:39:36.0990 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/08/26 22:39:37.0021 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/08/26 22:39:37.0052 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/08/26 22:39:37.0099 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/08/26 22:39:37.0146 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/08/26 22:39:37.0255 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/08/26 22:39:37.0348 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/08/26 22:39:37.0504 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/08/26 22:39:37.0551 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/08/26 22:39:37.0582 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/08/26 22:39:37.0629 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/08/26 22:39:37.0972 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2010/08/26 22:39:38.0503 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2010/08/26 22:39:39.0501 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/08/26 22:39:40.0063 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/08/26 22:39:40.0344 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/08/26 22:39:40.0936 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/08/26 22:39:40.0983 ================================================================================
2010/08/26 22:39:40.0983 Scan finished
2010/08/26 22:39:40.0983 ================================================================================
2010/08/26 22:39:40.0999 Detected object count: 1
2010/08/26 22:41:13.0694 Rootkit.Win32.TDSS.tdl3(AFD) - User select action: Skip

I do have recovery discs that will bring the computer back to factory settings, but no recovery partitions.

Re: Please help!

Unread postby turtledove » August 27th, 2010, 12:14 am

Good evening gtmaster303,

Thank you for the logs and disc information.
Will be back as soon as possible.

turtledove

Re: Please help!

Unread postby turtledove » August 27th, 2010, 4:28 pm

Good Day gtmaster,

Please Copy or Print out these instructions.
Vista: Right Click and Select Run as Administrator for each tool/scan.



One or more of the identified infections is a Backdoor Trojan/Rootkit.

This could allow hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately, except for online scans/posting here for now. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the Rootkit has been identified and may be killed, because of its backdoor functionality, your PC could be compromised and there is no way to be sure that your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of infection, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. "If you would like to continue, then follow the steps below, otherwise please let me know"

**Due to this laptop being from HP, you may need to restore the laptop to its original factory state with their assistance or go to a local repair shop. First, check with HP as they made the machine.**


TDSSKiller Step 2
  • First go to Start > Computer > C: and delete the TDSSKiller log that was created there.
  • Next double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, ensure Cure (the default) is selected... then click Continue > Reboot now.
  • When finished re-booting, a log of the cleanup will be found at C:\TDSSKiller.2.4.1.2_DD.MM.YYYY_HH.MM.SS_log.txt.
  • To find the log go to Start > Computer > C:
  • Post the contents of that log in your next reply please.



Partition Information
Please try the following and let me know if there is a partition that you did not make, but that was made by HP.
Go to Start->Right Click on Computer->Select Manage->OK the Prompt for permission/Elevation-->Under Storage Category select Disk Management
Let it finish.
Let me know how many drives show there as Hard Drives/Partitions of one Drive.



Post
New C:\TDSSKiller.2.4.1.2_DD.MM.YYYY_HH.MM.SS_log.txt
C:\ComboFix.txt Disregard please
Is there more than one Partition or a hidden partition?
Did you make the Recovery Discs with this computer, or did you order them?
Any problems and how your system is running now

Thank you,

turtledove
Last edited by turtledove on August 29th, 2010, 1:03 am, edited 1 time in total.
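For readers triaging logs like the ones in this thread, the following is an added example (not part of the original posts and not Kaspersky's code) that pulls the detections, the recorded user action and any "Forged" MD5 pair out of a TDSSKiller 2.4.1.2 text log. The line patterns are inferred only from the log lines posted here, and treating every action other than Cure as needing follow-up is an assumption of this example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Excerpts copied from the two logs posted in this thread (driver lines
# trimmed): the tail of the 08/26 scan and the AFD section of the 08/27 scan.
FIRST_SCAN_TAIL = r"""
2010/08/26 22:39:40.0983 Scan finished
2010/08/26 22:39:40.0999 Detected object count: 1
2010/08/26 22:41:13.0694 Rootkit.Win32.TDSS.tdl3(AFD) - User select action: Skip
"""

SECOND_SCAN_EXCERPT = r"""
2010/08/27 18:27:24.0971 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/08/27 18:27:25.0098 AFD (fe7973819e28d620c64079cd47c0419e) C:\Windows\system32\drivers\afd.sys
2010/08/27 18:27:25.0099 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: fe7973819e28d620c64079cd47c0419e, Fake md5: a201207363aa900abf1a388468688570
2010/08/27 18:27:25.0106 AFD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/08/27 18:27:25.0232 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
"""

# Patterns inferred from the lines above (assumption: other tool versions
# may format their logs differently).
TS = r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4}\s+"
MD5 = r"[0-9a-f]{32}"
DRIVER = re.compile(TS + rf"(?P<svc>\S+) \((?P<md5>{MD5})\) (?P<path>.+)$")
FORGED = re.compile(
    TS + rf"Suspicious file \(Forged\): (?P<path>.+?)\. "
    rf"Real md5: (?P<real>{MD5}), Fake md5: (?P<fake>{MD5})$"
)
DETECT = re.compile(TS + r"(?P<svc>\S+) - detected (?P<threat>\S+) \(\d+\)$")
COUNT = re.compile(TS + r"Detected object count: (?P<n>\d+)$")
ACTION = re.compile(
    TS + r"(?P<threat>\S+)\((?P<svc>[^)]+)\) - User select action: (?P<action>\w+)$"
)


@dataclass
class Finding:
    service: str                   # driver/service name, e.g. AFD
    threat: str                    # detection name as written in the log
    action: Optional[str] = None   # None: no action line in this log text
    forged: Optional[dict] = None  # {"real": ..., "fake": ...} if reported


def parse_log(text):
    """Return (findings, reported_count) for one TDSSKiller log text."""
    svc_path, forged_by_path, findings = {}, {}, {}
    reported = None
    for raw in text.splitlines():
        line = raw.strip()
        if m := FORGED.match(line):
            forged_by_path[m["path"].lower()] = {
                "real": m["real"], "fake": m["fake"]}
        elif m := DETECT.match(line):
            findings.setdefault(m["svc"], Finding(m["svc"], m["threat"]))
        elif m := ACTION.match(line):
            f = findings.setdefault(m["svc"], Finding(m["svc"], m["threat"]))
            f.action = m["action"]
        elif m := COUNT.match(line):
            reported = int(m["n"])
        elif m := DRIVER.match(line):
            svc_path[m["svc"]] = m["path"].lower()
    # Attach a forged-file report to the service whose driver path it names.
    for f in findings.values():
        f.forged = forged_by_path.get(svc_path.get(f.service))
    return list(findings.values()), reported


def needs_followup(findings):
    """Findings that were not cured (skipped, or no action recorded)."""
    return [f for f in findings if f.action != "Cure"]


if __name__ == "__main__":
    for name, text in (("08/26 tail", FIRST_SCAN_TAIL),
                       ("08/27 excerpt", SECOND_SCAN_EXCERPT)):
        found, count = parse_log(text)
        print(name, "reported count:", count)
        for f in needs_followup(found):
            print("  follow up:", f.service, f.threat, "action =", f.action,
                  "forged =", f.forged)
```
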

Re: Please help!

Unread postby gtmaster303 » August 27th, 2010, 6:39 pm

2010/08/27 18:27:19.0155 TDSS rootkit removing tool 2.4.1.2 Aug 16 2010 09:46:23
2010/08/27 18:27:19.0155 ================================================================================
2010/08/27 18:27:19.0155 SystemInfo:
2010/08/27 18:27:19.0155
2010/08/27 18:27:19.0155 OS Version: 6.0.6002 ServicePack: 2.0
2010/08/27 18:27:19.0156 Product type: Workstation
2010/08/27 18:27:19.0156 ComputerName: NEIL-PC
2010/08/27 18:27:19.0156 UserName: Neil
2010/08/27 18:27:19.0156 Windows directory: C:\Windows
2010/08/27 18:27:19.0156 System windows directory: C:\Windows
2010/08/27 18:27:19.0156 Processor architecture: Intel x86
2010/08/27 18:27:19.0156 Number of processors: 2
2010/08/27 18:27:19.0156 Page size: 0x1000
2010/08/27 18:27:19.0156 Boot type: Normal boot
2010/08/27 18:27:19.0156 ================================================================================
2010/08/27 18:27:19.0495 Initialize success
2010/08/27 18:27:23.0969 ================================================================================
2010/08/27 18:27:23.0969 Scan started
2010/08/27 18:27:23.0969 Mode: Manual;
2010/08/27 18:27:23.0969 ================================================================================
2010/08/27 18:27:25.0098 AFD (fe7973819e28d620c64079cd47c0419e) C:\Windows\system32\drivers\afd.sys
2010/08/27 18:27:25.0099 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: fe7973819e28d620c64079cd47c0419e, Fake md5: a201207363aa900abf1a388468688570
2010/08/27 18:27:25.0106 AFD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/08/27 18:27:39.0659 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2010/08/27 18:27:39.0702 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/08/27 18:27:39.0757 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/08/27 18:27:39.0875 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/08/27 18:27:39.0978 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/08/27 18:27:40.0092 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/08/27 18:27:40.0126 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/08/27 18:27:40.0196 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/08/27 18:27:40.0217 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/08/27 18:27:40.0274 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/08/27 18:27:40.0308 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/08/27 18:27:40.0358 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/08/27 18:27:40.0440 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/08/27 18:27:40.0534 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys
2010/08/27 18:27:40.0675 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/08/27 18:27:40.0808 srv (96a5e2c642af8f591a7366429809506b) C:\Windows\system32\DRIVERS\srv.sys
2010/08/27 18:27:40.0856 srv2 (71da2d64880c97e5ffc3c81761632751) C:\Windows\system32\DRIVERS\srv2.sys
2010/08/27 18:27:40.0890 srvnet (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
2010/08/27 18:27:40.0966 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/08/27 18:27:41.0017 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/08/27 18:27:41.0100 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/08/27 18:27:41.0136 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/08/27 18:27:41.0183 SynTP (bf7aa84d5af0faa0978c840e63b17dbf) C:\Windows\system32\DRIVERS\SynTP.sys
2010/08/27 18:27:41.0303 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
2010/08/27 18:27:41.0381 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
2010/08/27 18:27:41.0461 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/08/27 18:27:41.0499 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/08/27 18:27:41.0633 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/08/27 18:27:41.0708 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/08/27 18:27:41.0783 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/08/27 18:27:41.0934 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/08/27 18:27:41.0990 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/08/27 18:27:42.0042 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/08/27 18:27:42.0086 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/08/27 18:27:42.0169 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/08/27 18:27:42.0247 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/08/27 18:27:42.0276 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/08/27 18:27:42.0351 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/08/27 18:27:42.0388 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/08/27 18:27:42.0422 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/08/27 18:27:42.0503 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
2010/08/27 18:27:42.0646 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/08/27 18:27:42.0697 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/08/27 18:27:42.0794 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/08/27 18:27:42.0895 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/08/27 18:27:42.0952 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
2010/08/27 18:27:42.0994 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/08/27 18:27:43.0056 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\drivers\usbser.sys
2010/08/27 18:27:43.0118 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
2010/08/27 18:27:43.0199 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/08/27 18:27:43.0237 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/08/27 18:27:43.0302 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2010/08/27 18:27:43.0358 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/08/27 18:27:43.0402 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/08/27 18:27:43.0468 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/08/27 18:27:43.0499 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/08/27 18:27:43.0531 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/08/27 18:27:43.0623 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/08/27 18:27:43.0694 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/08/27 18:27:43.0782 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/08/27 18:27:43.0878 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/08/27 18:27:43.0954 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/08/27 18:27:43.0997 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/08/27 18:27:44.0036 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/08/27 18:27:44.0075 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/08/27 18:27:44.0145 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2010/08/27 18:27:44.0253 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2010/08/27 18:27:44.0362 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/08/27 18:27:44.0449 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/08/27 18:27:44.0510 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/08/27 18:27:44.0636 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/08/27 18:27:44.0694 ================================================================================
2010/08/27 18:27:44.0694 Scan finished
2010/08/27 18:27:44.0694 ================================================================================
2010/08/27 18:27:44.0708 Detected object count: 1
2010/08/27 18:28:00.0377 AFD (fe7973819e28d620c64079cd47c0419e) C:\Windows\system32\drivers\afd.sys
2010/08/27 18:28:00.0379 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: fe7973819e28d620c64079cd47c0419e, Fake md5: a201207363aa900abf1a388468688570
2010/08/27 18:28:09.0420 Backup copy not found, trying to cure infected file..
2010/08/27 18:28:09.0421 Cure success, using it..
2010/08/27 18:28:09.0433 C:\Windows\system32\drivers\afd.sys - will be cured after reboot
2010/08/27 18:28:09.0433 Rootkit.Win32.TDSS.tdl3(AFD) - User select action: Cure
2010/08/27 18:29:06.0127 Deinitialize success


There are no partitions.
Recovery discs were made.
I can restore the computer to factory settings, but is my problem really that severe? It seems that the only symptoms I was having were random popups and site redirects to irrelevant sites. Sometimes the sites would remember what I searched for and open a new tab searching for past searches.

I'm not sure about problems. I can't report as of right now, but so far, so good.
gtmaster303
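
Added example, not part of the original posts and not the scanner's own code: a short parser that pulls the result lines out of the log above (detected count, forged-file entry, chosen action, cure deferred to reboot). The field names and the re-scan rule are assumptions made for this example; the sample lines are copied from the log.

```python
import re

# Result lines copied from the scan log posted above.
SAMPLE_LOG = r"""2010/08/27 18:27:44.0708 Detected object count: 1
2010/08/27 18:28:00.0377 AFD (fe7973819e28d620c64079cd47c0419e) C:\Windows\system32\drivers\afd.sys
2010/08/27 18:28:00.0379 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: fe7973819e28d620c64079cd47c0419e, Fake md5: a201207363aa900abf1a388468688570
2010/08/27 18:28:09.0420 Backup copy not found, trying to cure infected file..
2010/08/27 18:28:09.0421 Cure success, using it..
2010/08/27 18:28:09.0433 C:\Windows\system32\drivers\afd.sys - will be cured after reboot
2010/08/27 18:28:09.0433 Rootkit.Win32.TDSS.tdl3(AFD) - User select action: Cure
"""

STAMP = r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4} "
COUNT_RE = re.compile(STAMP + r"Detected object count: (\d+)$")
FORGED_RE = re.compile(
    STAMP + r"Suspicious file \(Forged\): (.+?)\. "
    r"Real md5: ([0-9a-f]{32}), Fake md5: ([0-9a-f]{32})$"
)
PENDING_RE = re.compile(STAMP + r"(.+) - will be cured after reboot$")
ACTION_RE = re.compile(STAMP + r"(\S+)\((\w+)\) - User select action: (\w+)$")


def summarize(log_text):
    """Collect detection results from the log, ignoring per-driver hash lines."""
    out = {"detected_count": None, "forged": [], "pending_reboot": [], "actions": []}
    for line in log_text.splitlines():
        line = line.strip()
        if m := COUNT_RE.match(line):
            out["detected_count"] = int(m.group(1))
        elif m := FORGED_RE.match(line):
            out["forged"].append(
                {"path": m.group(1), "real_md5": m.group(2), "fake_md5": m.group(3)}
            )
        elif m := PENDING_RE.match(line):
            out["pending_reboot"].append(m.group(1))
        elif m := ACTION_RE.match(line):
            out["actions"].append((m.group(1), m.group(2), m.group(3)))
    # Assumed policy for this example: a forged file whose cure is deferred to
    # reboot has not been repaired yet, so flag it for a re-scan after restart.
    pending = {p.lower() for p in out["pending_reboot"]}
    out["needs_rescan"] = [
        f["path"] for f in out["forged"] if f["path"].lower() in pending
    ]
    return out


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(key, value)
```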

Re: Please help!

Unread postby turtledove » August 27th, 2010, 11:54 pm

Good evening gtmaster303,

Thank you for the log.

To your question, a rootkit has infected your system. This makes the computer vulnerable, and it is possibly under the control of whoever got it on your system. It may also bring along other infected items. Only a restore to the original factory setup will assure that it is again clean and secure.

We can remove the infection, that is, the files our tools can find. It is of concern if you use this computer for anything financial, as that information may be obtained by the hacker. We cannot guarantee a truly safe system, as the articles in my last post explain. It is up to you if you wish to continue cleaning.
Hope this explains the situation for you. Feel free to ask any other questions if you have any regarding this. We will continue cleaning if you prefer. Let me know please.

Thank you,
turtledove

Re: Please help!

Unread postby gtmaster303 » August 29th, 2010, 9:03 am

There is more cleaning involved?
Can my computer be infected without showing any signs or symptoms?
gtmaster303

Re: Please help!

Unread postby turtledove » August 29th, 2010, 4:51 pm

Good Day gtmaster303,

Answering your question, yes, many infections hide, and the only thing apparent is odd behavior, redirects, or slowness of your system.
Even though we have found the cause, we still need to do a few more things to clean it up. There are often more files that need to be found and removed with the type of infection you have. As we do the additional steps, what was hidden, if anything, should now become visible.

**Please copy or print these instructions, as you will need to be off the internet during part of this step.
Vista: Right Click and Select Run as Administrator for each tool/scan.



Back Up registry with ERUNT

  • Please use the following link and download ERUNT to your desktop. HERE
  • Click on the erunt-setup.exe
  • Follow the prompts to install ERUNT
  • Choose language
  • A set up window will pop up. It will ask: Create ERUNT entry in to the Start up folder, answer NO

  • Backup your registry to the default location

Note: To restore your registry (if needed), go to the folder and start ERDNT.exe


Next

ComboFix
Download ComboFix from one of these locations (DO NOT download ComboFix from anywhere else but one of the provided links):
Link 1
Link 2

**IMPORTANT !!! Save ComboFix.exe to your Desktop**

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    A guide to do this can be found here
  • Right-click on ComboFix.exe then choose Run as Administrator & follow the prompts
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply
A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


**Re-enable your Anti Virus/Firewall before reconnecting to the internet**

Post
C:\ComboFix.txt
Any problems
How your system is now


Thank you :)
turtledove

Re: Please help!

Unread postby turtledove » August 31st, 2010, 1:04 pm

Hello gtmaster303,

Are you in need of more time or have questions about the above instructions?
Please let me know or this topic will be in need of closing Wednesday afternoon.

Thank you.

turtledove