Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDS FILE & ROOT REPEAL - After Affects of Antivirus 2009


  • This topic is locked This topic is locked
2 replies to this topic

#1 sdigital

sdigital

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:47 PM

Posted 09 December 2009 - 08:31 PM

DDS (Ver_09-12-01.01) - NTFSx86
Run by Stephen at 20:27:58.50 on Wed 12/09/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3319.2128 [GMT -5:00]

AV: avast! antivirus 4.8.1368 [VPS 091209-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:WINDOWSsystem32svchost -k DcomLaunch
svchost.exe
C:WINDOWSSystem32svchost.exe -k netsvcs
C:WINDOWSsystem32svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
svchost.exe
C:WINDOWScsasvc.exe
C:WINDOWScsifcsvc.exe
C:Program FilesCitrixGoToMyPCg2svc.exe
C:Program FilesCitrixGoToMyPCg2comm.exe
C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
C:WINDOWSsystem32inetsrvinetinfo.exe
C:Program FilesJavajre6binjqs.exe
C:WINDOWSSystem32svchost.exe -k HPZ12
C:WINDOWSSystem32svchost.exe -k HPZ12
C:Program FilesCommon FilesIntuitQuickBooksQBCFMonitorService.exe
C:Program FilesCitrixGoToMyPCg2pre.exe
C:Program FilesSpyware DoctorpctsAuxs.exe
C:Program FilesSpyware DoctorpctsSvc.exe
C:Program FilesCitrixGoToMyPCg2tray.exe
C:WINDOWSSystem32tcpsvcs.exe
C:Program FilesSling MediaSlingAgentSlingAgentService.exe
C:WINDOWSSystem32snmp.exe
C:WINDOWSsystem32svchost.exe -k imgsvc
C:WINDOWSsystem32SearchIndexer.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:Program FilesSpyware DoctorpctsTray.exe
C:WINDOWSExplorer.EXE
C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe
C:WINDOWSsystem32igfxtray.exe
C:WINDOWSsystem32igfxpers.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32igfxsrvc.exe
C:PROGRA~1AWSWEATHE~1Weather.exe
C:Program FilesMicrosoft ActiveSyncwcescomm.exe
C:Program FilesSkypePhoneSkype.exe
C:WINDOWSsystem32ctfmon.exe
C:PROGRA~1MI3AA1~1rapimgr.exe
C:Program FilesInfinite Mind LCeyeQARLaunch.exe
C:Program FilesTrilliantrillian.exe
C:DOCUME~1StephenLOCALS~1TempConnectBGDL.exe
C:Program FilesSkypePlugin ManagerSkypePM.exe
C:Program FilesAzureusAzureus.exe
C:MVSARELIEFAR.EXE
C:WinCSIUT08utw08.exe
C:WINCSIUT08UTWAPP.EXE
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsStephenDesktopdds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:program filesadobeacrobat 8.0acrobatAcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:program filesadobeacrobat 8.0acrobatAcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:program filesadobeacrobat 8.0acrobatAcroIEFavClient.dll
uRun: [Weather] c:progra~1awsweathe~1Weather.exe 1
uRun: [H/PC Connection Agent] "c:program filesmicrosoft activesyncwcescomm.exe"
uRun: [Skype] "c:program filesskypephoneSkype.exe" /nosplash /minimized
uRun: [ctfmon.exe] c:windowssystem32ctfmon.exe
mRun: [GoToMyPC] "c:program filescitrixgotomypcg2svc.exe" -logon
mRun: [IAAnotif] "c:program filesintelintel matrix storage managerIaanotif.exe"
mRun: [IgfxTray] c:windowssystem32igfxtray.exe
mRun: [HotKeysCmds] c:windowssystem32hkcmd.exe
mRun: [Persistence] c:windowssystem32igfxpers.exe
mRun: [avast!] c:progra~1alwils~1avast4ashDisp.exe
mRun: [ISTray] "c:program filesspyware doctorpctsTray.exe"
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:docume~1stephenstartm~1programsstartuptrillian.lnk - c:program filestrilliantrillian.exe
StartupFolder: c:docume~1alluse~1startm~1programsstartupadobea~2.lnk - c:program filesadobeacrobat 8.0acrobatAdobeCollabSync.exe
StartupFolder: c:docume~1alluse~1startm~1programsstartupcsconn~1.lnk - c:wincsitoolsConnectBGDL.exe
StartupFolder: c:docume~1alluse~1startm~1programsstartupminiey~1.lnk - c:program filesinfinite mind lceyeqARLaunch.exe
StartupFolder: c:documents and settingsall usersstart menuprogramsstartupsubdrive.bat
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoColorChoice = 0 (0x0)
uPolicies-system: NoSizeChoice = 0 (0x0)
uPolicies-system: NoVisualStyleChoice = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:progra~1micros~2office12ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:progra~1mi3aa1~1INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:progra~1micros~2office12REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:windowsjavaclassesxmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - hxxp://download.ebay.com/turbo_lister/US/install.cab
DPF: {298BFFEE-662D-11D5-ADAF-00E0810232D7} - hxxps://simulcast.manheim.com/simulcast/lib/LiveSound.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.0/jinstall-1_4_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:program filesintuitquickbooks 2009HelpAsyncPluggableProtocol.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:progra~1common~1skypeSKYPE4~1.DLL
Notify: !SASWinLogon - c:program filessuperantispywareSASWINLO.dll
Notify: GoToMyPC - c:program filescitrixgotomypcG2WinLogon.dll
Notify: igfxcui - igfxdev.dll
Notify: WRNotifier - WRLogonNTF.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:program fileswindows desktop searchMSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:program filessuperantispywareSASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:docume~1stephenapplic~1mozillafirefoxprofilesid4hstjo.default
FF - prefs.js: browser.startup.homepage - hxxp://webmail.sdigital.net/
FF - plugin: c:program filesgooglegoogle earthpluginnpgeplugin.dll
FF - plugin: c:program filesgooglegoogle updater2.4.1536.6592npCIDetect13.dll
FF - plugin: c:program filesgoogleupdate1.2.183.13npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:windowsmicrosoft.netframeworkv3.5windows

presentation foundationdotnetassistantextension
FF - HiddenExtension: XULRunner: {13060C38-F990-4C8B-A1DB-AC1A83FAE4C4} - c:documents and settingsstephenlocal settingsapplication

data{13060C38-F990-4C8B-A1DB-AC1A83FAE4C4}
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:program filesmozilla firefoxextensions{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:windowssystem32driversPCTCore.sys [2009-12-7 207280]
R0 TfFsMon;TfFsMon;c:windowssystem32driversTfFsMon.sys [2009-12-7 51984]
R0 TfSysMon;TfSysMon;c:windowssystem32driversTfSysMon.sys [2009-12-7 59664]
R1 aswSP;avast! Self Protection;c:windowssystem32driversaswSP.sys [2009-11-11 114768]
R1 SASDIFSV;SASDIFSV;c:program filessuperantispywaresasdifsv.sys [2009-11-23 9968]
R1 SASKUTIL;SASKUTIL;c:program filessuperantispywareSASKUTIL.SYS [2009-11-23 74480]
R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [2009-11-11 20560]
R2 avast! Antivirus;avast! Antivirus;c:program filesalwil softwareavast4ashServ.exe [2009-11-11 138680]
R2 CSAPrintService;Creative Solutions Accounting Print Service;c:windowscsasvc.exe [2006-1-7 360506]
R2 sdAuxService;PC Tools Auxiliary Service;c:program filesspyware doctorpctsAuxs.exe [2009-12-7 358600]
R2 sdCoreService;PC Tools Security Service;c:program filesspyware doctorpctsSvc.exe [2009-12-7 1141200]
R2 SlingAgentService;SlingAgentService;c:program filessling mediaslingagentSlingAgentService.exe [2009-4-27 93960]
R2 WinRT;WinRT;c:windowssystem32driversWINRT.SYS [2008-4-14 99360]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:windowssystem32driversl151x86.sys [2008-12-13 37376]
R3 avast! Mail Scanner;avast! Mail Scanner;c:program filesalwil softwareavast4ashMaiSv.exe [2009-11-11 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:program filesalwil softwareavast4ashWebSv.exe [2009-11-11 352920]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:windowssystem32driversIntcHdmi.sys [2008-12-13 105984]
S2 Browser Defender Update Service;Browser Defender Update Service;c:program filesspyware doctorbdtBDTUpdateService.exe [2009-12-7 112592]
S2 BT848;BtCap, WDM Video Capture;c:windowssystem32driversBT848.sys [2003-6-10 266180]
S2 BTTUNER;BtTuner, WDM TvTuner;c:windowssystem32driversbttuner.sys [2003-6-10 18944]
S2 BTXBAR;BtXBar, WDM Crossbar;c:windowssystem32driversbtxbar.sys [2003-6-10 13308]
S2 USBRADIO;D-Link USB Radio driver;c:windowssystem32driversUSBRADIO.sys [2003-1-21 48384]
S3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM);c:windowssystem32driverses1370mp.sys [2008-6-9 37120]
S3 motccgp;Motorola USB Composite Device Driver;c:windowssystem32driversmotccgp.sys [2009-5-7 18176]
S3 motccgpfl;MotCcgpFlService;c:windowssystem32driversmotccgpfl.sys [2009-5-7 7680]
S3 MotDev;Motorola Inc. USB Device;c:windowssystem32driversmotodrv.sys [2009-5-7 42112]
S3 NPF;Netgroup Packet Filter;c:windowssystem32driversnpf.sys [2005-8-2 32512]
S3 perm2;perm2;c:windowssystem32driversperm2.sys [2003-10-13 27904]
S3 PRSUSB;Sony Reader;c:windowssystem32driversPRSUSB.sys [2006-8-16 18944]
S3 SASENUM;SASENUM;c:program filessuperantispywareSASENUM.SYS [2009-11-23 7408]
S3 SunkFilt6;Alcor Micro Corp - 6360;??c:windowssystem32driverssunkfilt6.sys --> c:windowssystem32driverssunkfilt6.sys [?]
S3 SunkFilt62;Alcor Micro Corp - 6362;c:windowssystem32driverssunkfilt62.sys [2004-7-23 46536]
S3 TfNetMon;TfNetMon;c:windowssystem32driversTfNetMon.sys [2009-12-7 33552]
S4 gupdate1c987ec8e8206cc;Google Update Service (gupdate1c987ec8e8206cc);c:program filesgoogleupdateGoogleUpdate.exe [2009-2-5 133104]
S4 pctgntdi;pctgntdi;c:windowssystem32driverspctgntdi.sys [2009-12-7 229304]
S4 pctplsg;pctplsg;c:windowssystem32driverspctplsg.sys [2009-12-7 70408]

============== File Associations ===============

regfile=regedit.exe "%1" %*

=============== Created Last 30 ================

2009-12-09 20:23:39 0 d-sh--w- c:documents and settingsstephenPrivacIE
2009-12-09 20:23:38 0 d-sh--w- c:documents and settingsstephenIECompatCache
2009-12-08 03:40:06 0 d-----w- c:program filesCCleaner
2009-12-08 02:55:33 0 d-----w- c:program filesExterminate It!
2009-12-08 01:59:55 59664 --s---w- c:windowssystem32driversTfSysMon.sys
2009-12-08 01:59:55 51984 --s---w- c:windowssystem32driversTfFsMon.sys
2009-12-08 01:59:55 33552 --s---w- c:windowssystem32driversTfNetMon.sys
2009-12-08 01:43:07 882 ----a-w- c:windowsRegSDImport.xml
2009-12-08 01:43:07 880 ----a-w- c:windowsRegISSImport.xml
2009-12-08 01:43:07 767952 ----a-w- c:windowsBDTSupport.dll
2009-12-08 01:43:07 149456 ----a-w- c:windowsSGDetectionTool.dll
2009-12-08 01:43:07 131 ----a-w- c:windowsIDB.zip
2009-12-08 01:43:06 165840 ----a-w- c:windowsPCTBDRes.dll
2009-12-08 01:43:06 1636304 ----a-w- c:windowsPCTBDCore.dll
2009-12-08 01:43:06 1152470 ----a-w- c:windowsUDB.zip
2009-12-08 01:42:58 7387 ----a-w- c:windowssystem32driverspctgntdi.cat
2009-12-08 01:42:58 229304 ----a-w- c:windowssystem32driverspctgntdi.sys
2009-12-08 01:42:54 87784 ----a-w- c:windowssystem32driversPCTAppEvent.sys
2009-12-08 01:42:54 7412 ----a-w- c:windowssystem32driversPCTAppEvent.cat
2009-12-08 01:42:54 7383 ----a-w- c:windowssystem32driverspctcore.cat
2009-12-08 01:42:54 207280 ----a-w- c:windowssystem32driversPCTCore.sys
2009-12-08 01:42:48 7383 ----a-w- c:windowssystem32driverspctplsg.cat
2009-12-08 01:42:48 70408 ----a-w- c:windowssystem32driverspctplsg.sys
2009-12-08 01:42:42 0 d-----w- c:program filesSpyware Doctor
2009-12-08 01:42:42 0 d-----w- c:program filescommon filesPC Tools
2009-12-08 01:42:42 0 d-----w- c:docume~1alluse~1applic~1PC Tools
2009-12-07 22:10:54 0 d-----w- c:docume~1alluse~1applic~1SUPERAntiSpyware.com
2009-12-07 22:10:45 0 d-----w- c:program filesSUPERAntiSpyware
2009-12-07 22:10:45 0 d-----w- c:docume~1stephenapplic~1SUPERAntiSpyware.com
2009-12-07 17:33:08 0 d-----w- c:program filescommon filesHP
2009-12-07 17:32:19 59928 ----a-w- c:windowssystem32fxcompchannel.dll
2009-12-07 17:31:24 751 ----a-w- c:windowshpntwksetup.ini
2009-12-07 17:30:38 838 ------w- c:windowshppmdl07.dat
2009-12-07 17:30:38 145639 ----a-w- c:windowshppins07.dat
2009-12-07 17:30:34 876544 ----a-w- c:windowssystem32hpxp2727.dll
2009-12-07 17:30:34 733184 ----a-w- c:windowssystem32hpptsp02.dll
2009-12-07 17:30:34 450560 ----a-w- c:windowssystem32hppasc07.dll
2009-12-07 17:30:34 327680 ----a-w- c:windowssystem32hppcpr07.dll
2009-12-07 17:30:32 685 ----a-w- c:windowssystem32hppapr07.dat
2009-12-05 16:55:28 0 d-----w- c:program filesTransMac
2009-11-13 03:32:37 0 d-----w- c:docume~1stephenapplic~1Auslogics
2009-11-13 03:32:35 0 d-----w- c:program filesAuslogics
2009-11-13 03:29:28 153631 -c--a-w- c:windowssystem32dllcacheel90xnd5.sys
2009-11-13 03:29:28 153631 ----a-w- c:windowssystem32driversel90xnd5.sys
2009-11-11 00:01:55 0 d-----w- c:program filescommon filessupportsoft
2009-11-10 23:58:52 0 d-----w- c:program filesIntuit
2009-11-10 23:57:38 95 ----a-w- c:windowsQBChanUtil_Trigger.ini
2009-11-10 23:57:38 0 d-----w- c:docume~1alluse~1applic~1SQL Anywhere 10

==================== Find3M ====================

3427-09-26 03:40:30 50468 ----a-w- c:windowsfontsDICOTME_.TTF
2009-12-08 00:50:03 4224 ----a-w- c:windowssystem32driversbeep.sys
2009-12-03 21:14:06 38224 ----a-w- c:windowssystem32driversmbamswissarmy.sys
2009-12-03 21:13:56 19160 ----a-w- c:windowssystem32driversmbam.sys
2009-10-29 07:45:38 916480 ----a-w- c:windowssystem32wininet.dll
2009-10-21 05:38:36 75776 ----a-w- c:windowssystem32strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:windowssystem32httpapi.dll
2009-10-20 22:38:25 4045528 ----a-w- C:mbam-setup.exe
2009-10-20 16:20:16 265728 ----a-w- c:windowssystem32drivershttp.sys
2009-10-13 10:30:16 270336 ----a-w- c:windowssystem32oakley.dll
2009-10-12 13:38:19 149504 ----a-w- c:windowssystem32rastls.dll
2009-10-12 13:38:18 79872 ----a-w- c:windowssystem32raschap.dll
2009-10-11 09:17:27 411368 ----a-w- c:windowssystem32deploytk.dll
2009-09-29 21:51:26 17045 ----a-w- c:windowssystem32pupakijug.dll
2009-09-29 21:51:26 16436 ----a-w- c:docume~1stephenapplic~1esobe.pif
2009-09-29 21:51:26 14098 ----a-w- c:windowsatykyhixas.exe
2009-09-29 21:51:26 12819 ----a-w- c:program filescommon filesegacywur.bin
2009-09-11 14:18:39 136192 ----a-w- c:windowssystem32msv1_0.dll
2006-06-23 06:48:54 32768 ----a-r- c:windowsinfUpdateUSB.exe

============= FINISH: 20:28:25.60 ===============


Root Repeal:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/12/09 20:29
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:WINDOWSsystem32DRIVERS1394BUS.SYS
Address: 0xBA0C8000 Size: 57344 File Visible: - Signed: -
Status: -

Name: Aavmker4.SYS
Image Path: C:WINDOWSSystem32DriversAavmker4.SYS
Address: 0x96BCD000 Size: 19520 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xB9F59000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: DriverACPI_HAL
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:WINDOWSSystem32driversafd.sys
Address: 0x95C5C000 Size: 138496 File Visible: - Signed: -
Status: -

Name: agp440.sys
Image Path: agp440.sys
Address: 0xBA128000 Size: 42368 File Visible: - Signed: -
Status: -

Name: arp1394.sys
Image Path: C:WINDOWSsystem32DRIVERSarp1394.sys
Address: 0xB9530000 Size: 60800 File Visible: - Signed: -
Status: -

Name: ASACPI.sys
Image Path: C:WINDOWSsystem32DRIVERSASACPI.sys
Address: 0xBA5F6000 Size: 5152 File Visible: - Signed: -
Status: -

Name: aslm75.sys
Image Path: C:WINDOWSsystem32driversaslm75.sys
Address: 0x9629F000 Size: 3488 File Visible: - Signed: -
Status: -

Name: Aspi32.SYS
Image Path: C:WINDOWSSystem32DriversAspi32.SYS
Address: 0x95905000 Size: 16096 File Visible: - Signed: -
Status: -

Name: aswFsBlk.sys
Image Path: C:WINDOWSsystem32DRIVERSaswFsBlk.sys
Address: 0x9630D000 Size: 32768 File Visible: - Signed: -
Status: -

Name: aswMon2.SYS
Image Path: C:WINDOWSSystem32DriversaswMon2.SYS
Address: 0x959D9000 Size: 87424 File Visible: - Signed: -
Status: -

Name: aswRdr.SYS
Image Path: C:WINDOWSSystem32DriversaswRdr.SYS
Address: 0x9521F000 Size: 15104 File Visible: - Signed: -
Status: -

Name: aswSP.SYS
Image Path: C:WINDOWSSystem32DriversaswSP.SYS
Address: 0x95ADB000 Size: 135168 File Visible: - Signed: -
Status: -

Name: aswTdi.SYS
Image Path: C:WINDOWSSystem32DriversaswTdi.SYS
Address: 0x96CA1000 Size: 39104 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xB9EEB000 Size: 96512 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:WINDOWSSystem32ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:WINDOWSSystem32DRIVERSaudstub.sys
Address: 0xBA6BA000 Size: 3072 File Visible: - Signed: -
Status: -

Name: BATTC.SYS
Image Path: C:WINDOWSsystem32DRIVERSBATTC.SYS
Address: 0xBA4C0000 Size: 16384 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:WINDOWSSystem32DriversBeep.SYS
Address: 0x983CC000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:WINDOWSsystem32BOOTVID.dll
Address: 0xBA4B8000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:WINDOWSSystem32DriversCdfs.SYS
Address: 0xA708A000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:WINDOWSSystem32DRIVERScdrom.sys
Address: 0xB8EAF000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:WINDOWSSystem32DRIVERSCLASSPNP.SYS
Address: 0xBA108000 Size: 53248 File Visible: - Signed: -
Status: -

Name: cmdide.sys
Image Path: cmdide.sys
Address: 0xBA5AC000 Size: 6656 File Visible: - Signed: -
Status: -

Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xBA4BC000 Size: 10240 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xBA0F8000 Size: 36352 File Visible: - Signed: -
Status: -

Name: dmio.sys
Image Path: dmio.sys
Address: 0xB9F03000 Size: 153344 File Visible: - Signed: -
Status: -

Name: dmload.sys
Image Path: dmload.sys
Address: 0xBA5B0000 Size: 5888 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:WINDOWSsystem32driversdrmk.sys
Address: 0xA746B000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_iaStor.sys
Image Path: C:WINDOWSSystem32Driversdump_iaStor.sys
Address: 0x959EF000 Size: 819200 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:WINDOWSSystem32driversDxapi.sys
Address: 0x95EC4000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:WINDOWSSystem32driversdxg.sys
Address: 0xBF000000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:WINDOWSSystem32driversdxgthk.sys
Address: 0x9634A000 Size: 4096 File Visible: - Signed: -
Status: -

Name: el90xnd5.sys
Image Path: C:WINDOWSsystem32DRIVERSel90xnd5.sys
Address: 0xB84B9000 Size: 153600 File Visible: - Signed: -
Status: -

Name: Fastfat.SYS
Image Path: C:WINDOWSSystem32DriversFastfat.SYS
Address: 0x95AB7000 Size: 143744 File Visible: - Signed: -
Status: -

Name: fdc.sys
Image Path: C:WINDOWSsystem32DRIVERSfdc.sys
Address: 0xBA488000 Size: 27392 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:WINDOWSSystem32DriversFips.SYS
Address: 0x96C61000 Size: 44544 File Visible: - Signed: -
Status: -

Name: flpydisk.sys
Image Path: C:WINDOWSSystem32DRIVERSflpydisk.sys
Address: 0x97281000 Size: 20480 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xB9F87000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:WINDOWSSystem32DriversFs_Rec.SYS
Address: 0x983CE000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xB9F29000 Size: 125056 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:WINDOWSsystem32hal.dll
Address: 0x806E4000 Size: 134400 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:WINDOWSsystem32DRIVERSHDAudBus.sys
Address: 0xB84DF000 Size: 163840 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:WINDOWSSystem32DRIVERSHIDCLASS.SYS
Address: 0x96C51000 Size: 36864 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:WINDOWSsystem32DRIVERSHIDPARSE.SYS
Address: 0x96BF5000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hidusb.sys
Image Path: C:WINDOWSSystem32DRIVERShidusb.sys
Address: 0x96B75000 Size: 10368 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:WINDOWSSystem32DriversHTTP.sys
Address: 0x94A71000 Size: 265728 File Visible: - Signed: -
Status: -

Name: iaStor.sys
Image Path: iaStor.sys
Address: 0xB9E23000 Size: 819200 File Visible: - Signed: -
Status: -

Name: igxpdv32.DLL
Image Path: C:WINDOWSSystem32igxpdv32.DLL
Address: 0xBF04F000 Size: 1671168 File Visible: - Signed: -
Status: -

Name: igxpdx32.DLL
Image Path: C:WINDOWSSystem32igxpdx32.DLL
Address: 0xBF1E7000 Size: 2699264 File Visible: - Signed: -
Status: -

Name: igxpgd32.dll
Image Path: C:WINDOWSSystem32igxpgd32.dll
Address: 0xBF024000 Size: 176128 File Visible: - Signed: -
Status: -

Name: igxpmp32.sys
Image Path: C:WINDOWSsystem32DRIVERSigxpmp32.sys
Address: 0xB853F000 Size: 5854688 File Visible: - Signed: -
Status: -

Name: igxprd32.dll
Image Path: C:WINDOWSSystem32igxprd32.dll
Address: 0xBF012000 Size: 73728 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:WINDOWSSystem32DRIVERSimapi.sys
Address: 0xB8EBF000 Size: 42112 File Visible: - Signed: -
Status: -

Name: IntcHdmi.sys
Image Path: C:WINDOWSsystem32driversIntcHdmi.sys
Address: 0xA5275000 Size: 126976 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xBA5AE000 Size: 5504 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:WINDOWSsystem32DRIVERSintelppm.sys
Address: 0xB94F0000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:WINDOWSsystem32DRIVERSipnat.sys
Address: 0x95CCE000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:WINDOWSSystem32DRIVERSipsec.sys
Address: 0x95D4D000 Size: 75264 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xBA0A8000 Size: 37248 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:WINDOWSSystem32DRIVERSkbdclass.sys
Address: 0xBA490000 Size: 24576 File Visible: - Signed: -
Status: -

Name: kbdhid.sys
Image Path: C:WINDOWSsystem32DRIVERSkbdhid.sys
Address: 0x96913000 Size: 14592 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:WINDOWSsystem32KDCOM.DLL
Address: 0xBA5A8000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:WINDOWSsystem32driverskmixer.sys
Address: 0x930C0000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:WINDOWSSystem32DRIVERSks.sys
Address: 0xB8496000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xB9DA1000 Size: 92928 File Visible: - Signed: -
Status: -

Name: l151x86.sys
Image Path: C:WINDOWSsystem32DRIVERSl151x86.sys
Address: 0xB8EEF000 Size: 57344 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:WINDOWSSystem32Driversmnmdd.SYS
Address: 0x983CA000 Size: 4224 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:WINDOWSSystem32DRIVERSmouclass.sys
Address: 0xBA498000 Size: 23040 File Visible: - Signed: -
Status: -

Name: mouhid.sys
Image Path: C:WINDOWSSystem32DRIVERSmouhid.sys
Address: 0x96907000 Size: 12160 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xBA0D8000 Size: 42368 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:WINDOWSSystem32DRIVERSmrxdav.sys
Address: 0x95894000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:WINDOWSSystem32DRIVERSmrxsmb.sys
Address: 0x95AFC000 Size: 455296 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:WINDOWSSystem32DriversMsfs.SYS
Address: 0x96BE5000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:WINDOWSSystem32DRIVERSmsgpc.sys
Address: 0x96CB1000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:WINDOWSSystem32DRIVERSmssmbios.sys
Address: 0xB8AF1000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xB9CBA000 Size: 105344 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xB9CD4000 Size: 182656 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:WINDOWSSystem32DRIVERSndistapi.sys
Address: 0xB9C76000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:WINDOWSSystem32DRIVERSndisuio.sys
Address: 0xB9C8E000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:WINDOWSSystem32DRIVERSndiswan.sys
Address: 0xB847F000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:WINDOWSSystem32DriversNDProxy.SYS
Address: 0xBA318000 Size: 40576 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:WINDOWSSystem32DRIVERSnetbios.sys
Address: 0x96C81000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:WINDOWSSystem32DRIVERSnetbt.sys
Address: 0x95C7E000 Size: 162816 File Visible: - Signed: -
Status: -

Name: nic1394.sys
Image Path: C:WINDOWSsystem32DRIVERSnic1394.sys
Address: 0xBA178000 Size: 61824 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:WINDOWSSystem32DriversNpfs.SYS
Address: 0x96BDD000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xB9D01000 Size: 574976 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:WINDOWSsystem32ntkrnlpa.exe
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:WINDOWSSystem32DriversNull.SYS
Address: 0x967ED000 Size: 2944 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xBA0B8000 Size: 61696 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xBA330000 Size: 19712 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xB9F48000 Size: 68224 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xBA670000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:WINDOWSsystem32DRIVERSPCIIDEX.SYS
Address: 0xBA328000 Size: 28672 File Visible: - Signed: -
Status: -

Name: PCTCore.sys
Image Path: PCTCore.sys
Address: 0xB9DDA000 Size: 225280 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: DriverPnpManager
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:WINDOWSsystem32driversportcls.sys
Address: 0xA5294000 Size: 147456 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:WINDOWSSystem32DRIVERSptilink.sys
Address: 0xBA4A8000 Size: 17792 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xBA118000 Size: 35712 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:WINDOWSSystem32DRIVERSrasacd.sys
Address: 0x96B95000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:WINDOWSSystem32DRIVERSrasl2tp.sys
Address: 0xB8E8F000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:WINDOWSSystem32DRIVERSraspppoe.sys
Address: 0xB8E7F000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:WINDOWSSystem32DRIVERSraspptp.sys
Address: 0xB8E6F000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:WINDOWSSystem32DRIVERSraspti.sys
Address: 0xBA4B0000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: FileSystemRAW
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:WINDOWSSystem32DRIVERSrdbss.sys
Address: 0x95B6C000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:WINDOWSSystem32DRIVERSRDPCDD.sys
Address: 0x983C8000 Size: 4224 File Visible: - Signed: -
Status: -

Name: rdpdr.sys
Image Path: C:WINDOWSSystem32DRIVERSrdpdr.sys
Address: 0xB844F000 Size: 196224 File Visible: - Signed: -
Status: -

Name: RDPWD.SYS
Image Path: C:WINDOWSSystem32DriversRDPWD.SYS
Address: 0x94F80000 Size: 139520 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:WINDOWSSystem32DRIVERSredbook.sys
Address: 0xB8E9F000 Size: 57600 File Visible: - Signed: -
Status: -

Name: RimSerial.sys
Image Path: C:WINDOWSsystem32DRIVERSRimSerial.sys
Address: 0xBA350000 Size: 26496 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:WINDOWSsystem32driversrootrepeal.sys
Address: 0x937AB000 Size: 49152 File Visible: No Signed: -
Status: -

Name: RtkHDAud.sys
Image Path: C:WINDOWSsystem32driversRtkHDAud.sys
Address: 0xA52B8000 Size: 4796416 File Visible: - Signed: -
Status: -

Name: SASDIFSV.SYS
Image Path: C:Program FilesSUPERAntiSpywareSASDIFSV.SYS
Address: 0x96BD5000 Size: 24576 File Visible: - Signed: -
Status: -

Name: SASKUTIL.sys
Image Path: C:Program FilesSUPERAntiSpywareSASKUTIL.sys
Address: 0x95B97000 Size: 151552 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:WINDOWSsystem32DRIVERSserenum.sys
Address: 0xB9C82000 Size: 15744 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:WINDOWSsystem32DRIVERSserial.sys
Address: 0xB8EDF000 Size: 64512 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xB9E11000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:WINDOWSSystem32DRIVERSsrv.sys
Address: 0x9578B000 Size: 333952 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:WINDOWSSystem32DRIVERSswenum.sys
Address: 0xBA5FA000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:WINDOWSsystem32driverssysaudio.sys
Address: 0xBA2E8000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:WINDOWSSystem32DRIVERStcpip.sys
Address: 0x95CF4000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:WINDOWSSystem32DRIVERSTDI.SYS
Address: 0xBA4A0000 Size: 20480 File Visible: - Signed: -
Status: -

Name: TDTCP.SYS
Image Path: C:WINDOWSSystem32DriversTDTCP.SYS
Address: 0xBA3B8000 Size: 21760 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:WINDOWSSystem32DRIVERStermdd.sys
Address: 0xB8E5F000 Size: 40704 File Visible: - Signed: -
Status: -

Name: TfFsMon.sys
Image Path: TfFsMon.sys
Address: 0xB9DB8000 Size: 69632 File Visible: - Signed: -
Status: -

Name: TfSysMon.sys
Image Path: TfSysMon.sys
Address: 0xB9DC9000 Size: 69632 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:WINDOWSSystem32DRIVERSupdate.sys
Address: 0xB83F1000 Size: 384768 File Visible: - Signed: -
Status: -

Name: usbccgp.sys
Image Path: C:WINDOWSsystem32DRIVERSusbccgp.sys
Address: 0x96BBD000 Size: 32128 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:WINDOWSsystem32DRIVERSUSBD.SYS
Address: 0xBA5F8000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:WINDOWSsystem32DRIVERSusbehci.sys
Address: 0xBA480000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:WINDOWSsystem32DRIVERSusbhub.sys
Address: 0xA747B000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:WINDOWSsystem32DRIVERSUSBPORT.SYS
Address: 0xB8507000 Size: 147456 File Visible: - Signed: -
Status: -

Name: usbscan.sys
Image Path: C:WINDOWSsystem32DRIVERSusbscan.sys
Address: 0xB9C7A000 Size: 15104 File Visible: - Signed: -
Status: -

Name: USBSTOR.SYS
Image Path: C:WINDOWSsystem32DRIVERSUSBSTOR.SYS
Address: 0x9632D000 Size: 26368 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:WINDOWSsystem32DRIVERSusbuhci.sys
Address: 0xBA478000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:WINDOWSSystem32driversvga.sys
Address: 0x96BED000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:WINDOWSsystem32DRIVERSVIDEOPRT.SYS
Address: 0xB852B000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xBA0E8000 Size: 52352 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:WINDOWSSystem32DRIVERSwanarp.sys
Address: 0x96C91000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:WINDOWSSystem32watchdog.sys
Address: 0x9631D000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:WINDOWSsystem32driverswdmaud.sys
Address: 0x94D63000 Size: 83072 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: DriverWin32k
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:WINDOWSSystem32win32k.sys
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: WinRT.SYS
Image Path: C:WINDOWSSystem32DriversWinRT.SYS
Address: 0x9587D000 Size: 93344 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:WINDOWSsystem32DRIVERSWMILIB.SYS
Address: 0xBA5AA000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: DriverWMIxWDM
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: WudfPf.sys
Image Path: WudfPf.sys
Address: 0xB9D8E000 Size: 76544 File Visible: - Signed: -
Status: -

My Problem:

I had gotten that Antivirus 2009, I got rid of it but now everytime I load up IE or FF, it comes up with a Connect To: dialog box and its usually some site sucha as msnportal.112.207.net, it keeps popping up a dialog box to login. I have to cancel out of it several times in order to access a webpage or any web based program.

I have used MalwareBytes, SuperAntiSpyware, MSCONFIG, PC Doctor, nothing works, HEEEEEELLLP!!

Merged posts. ~ OB

Edited by Orange Blossom, 09 December 2009 - 10:44 PM.


BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 21 December 2009 - 10:46 PM

Hi,

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay of response.

If you still require assistance we would like to see the current condition of your system so please post a new set of DDS Logs as well as a RootRepeal log and a description of any remaining problems or symptoms you may still have please.

If for any reason you did not post a DDS log or RootRepeal log please refer to this page and in step #6 and Step #7 for further instructions on downloading and running DDS & RootRepeal. If you have any problems just let me know in your next reply or simply post a Hijackthis log.


For your next reply I would like to see:
-The DDS logs
---DDS.txt and Attach logs
-RootRepeal logs
-Description of any remaining problems you may still have.


Thanks again and we apologize for the delay.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:47 PM

Posted 26 December 2009 - 09:37 AM

Hello.

Due to Lack of feedback, this topic is now Closed

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users