
Malwarebytes not opening, please help


15 replies to this topic

#1 andyreid


Posted 11 August 2010 - 12:53 PM

Hello, I have a Windows 7 and Vista dual boot. Yesterday I had a virus, Anti Malware Doctor, and when I tried to open Malwarebytes it just did not open. I then removed the virus manually, went into safe mode and ran Malwarebytes, and it worked. I did a full scan and a quick scan; it detected 7 objects and removed them. I then went on Windows 7 normally, not in safe mode, and every time I open Malwarebytes it just doesn't open. I uninstalled it and reinstalled it 3 times and it still just doesn't open. Please help solve my problem. Thank you.

Edited by Blade Zephon, 11 August 2010 - 03:10 PM.
Moved from Windows 7 to a more appropriate forum. ~BZ




#2 boopme

  • Global Moderator

Posted 11 August 2010 - 03:29 PM

Welcome....

First clean the temp files. TFC by OT
Please download TFC by Old Timer and save it to your desktop.
alternate download link
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
2. Restart your computer (very important).
3. Download and run this utility. Mbam clean
4. It will ask to restart your computer (please allow it to).
5. After the computer restarts, install the latest version from here. http://www.malwarebytes.org/mbam-download.php
Note: You will need to reactivate the program using the license you were sent.
Note: If using Free version, ignore the part about putting in your license key and activating.
Launch the program and set the Protection and Registration.
Then go to the UPDATE tab if not done during installation and check for updates.
Restart the computer again and verify that MBAM is in the task tray and run a Quick Scan and post that log.


If that worked, run MBAM and post the log. In any event, run SAS:
Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.

Edited by boopme, 11 August 2010 - 03:31 PM.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 andyreid

  • Topic Starter

Posted 12 August 2010 - 08:35 AM

Hello, before I read the suggestion at the top I did a full computer scan with AVG and these were the results:

"Scan ""Scan whole computer"" completed."
"Infections;""5"";""5"";""0"""
"Folders selected for scanning:;""Scan whole computer"""
"Scan started:;""12 August 2010, 13:07:58"""
"Scan finished:;""12 August 2010, 14:00:18 (52 minute(s) 20 second(s))"""
"Total object scanned:;""497981"""
"User who launched the scan:;""Krishna"""

Infections
"File;""Infection"";""Result"""
"W:\Windows\Tjutia.exe;""Trojan horse FakeAlert.TS"";""Moved to Virus Vault"""
"C:\Users\Rahul\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\f2b0d73-6e22aa47:\AppleT.class;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""
"C:\Users\Rahul\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\f2b0d73-6e22aa47;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""
"C:\Users\Krishna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\34eb48b1-70d7750e:\AppleT.class;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""
"C:\Users\Krishna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\34eb48b1-70d7750e;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""


Also, when I go to the Virus Vault, there are 3 things there. Shall I remove them from the Virus Vault or not?
Also, another problem I am having is that I am not 100% sure if there is a virus or something else on my computer, as when I am on Firefox and on Google and I search for things, e.g. BBC, it goes to search pro and then a white picture saying your request is loading, and it takes me to different sites; for example, when I searched miniclip it took me to www.y3.com. Why is this and how do I remove it? Thank you.

#4 andyreid

  • Topic Starter

Posted 12 August 2010 - 09:26 AM

Welcome....

First clean the temp files. TFC by OT
Please download TFC by Old Timer and save it to your desktop.
alternate download link
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.
2. Restart your computer (very important).
3. Download and run this utility. Mbam clean
4. It will ask to restart your computer (please allow it to).
5. After the computer restarts, install the latest version from here. http://www.malwarebytes.org/mbam-download.php
Note: You will need to reactivate the program using the license you were sent.
Note: If using Free version, ignore the part about putting in your license key and activating.
Launch the program and set the Protection and Registration.
Then go to the UPDATE tab if not done during installation and check for updates.
Restart the computer again and verify that MBAM is in the task tray and run a Quick Scan and post that log.



Hello, I have done this, but after I finished there is still no difference; Malwarebytes just doesn't open. What shall I do now? The program doesn't open.

#5 boopme

  • Global Moderator

Posted 12 August 2010 - 10:21 AM

OK, you can empty the vault if you prefer, but anything placed there can no longer harm your PC.

What version of JAVA is running?
Go into Control Panel>Add Remove Programs. Be sure the 'Show Updates' box is checked. Go down the list and tell me what Java applications are installed and their version. (Highlight the program to see this).

Please run McAfee FakeAlert Stinger

You may need to turn off your A/V just for the MBAM scan.

Edited by boopme, 12 August 2010 - 10:22 AM.


#6 andyreid

  • Topic Starter

Posted 12 August 2010 - 12:36 PM

Here is the picture of Java. I'm using Windows 7 so I can't show updates.

Posted Image

Also, I can't run that McAfee thing as the link is dead.

Also, can you help me with the Google redirect problem as well? Thank you.

Also, the Java™ 6 Update 18 product version 6.0.180.

Also, I can't open the program Malwarebytes, therefore I can't run the scan.

Edited by andyreid, 12 August 2010 - 12:37 PM.


#7 Stor-A11


Posted 12 August 2010 - 01:07 PM

Please run McAfee FakeAlert Stinger


That link is dead. FakeAlert Stinger.

#8 boopme

  • Global Moderator

Posted 12 August 2010 - 02:04 PM

Hello again, Thank you Stor-A11 for posting the new link.
Run Stinger then these.

Please run the tool here How to remove Google Redirects

When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click the Update tab, select Check for Updates; when done,
click the Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.


Java is a bit out of date. Version Number: 6.0 Update 21
Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 21 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u21-windows-i586-s.exe to install the newest version.
  • If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

Edited by boopme, 12 August 2010 - 02:06 PM.


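An added example, not part of the thread or any poster's code: a Python triage sketch that parses the AVG export rows posted in reply #3, groups the detections that sit in the per-user Java deployment cache, and checks the reported Java product version (6.0.180) against the 6 Update 21 build recommended above. The function names and the `6.0.210` version string for Update 21 are assumptions.

```python
import csv
import re

# Rows copied from the AVG "Infections" export posted in reply #3 of this thread.
AVG_EXPORT = r'''
"File;""Infection"";""Result"""
"W:\Windows\Tjutia.exe;""Trojan horse FakeAlert.TS"";""Moved to Virus Vault"""
"C:\Users\Rahul\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\f2b0d73-6e22aa47:\AppleT.class;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""
"C:\Users\Rahul\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\f2b0d73-6e22aa47;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""
"C:\Users\Krishna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\34eb48b1-70d7750e:\AppleT.class;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""
"C:\Users\Krishna\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\34eb48b1-70d7750e;""Trojan horse Java/Downloader.P"";""Moved to Virus Vault"""
'''

# Assumption: Java 6 Update 21 reports product version 6.0.210, following the
# "Update 18 = 6.0.180" pattern reported in the thread.
JAVA_BASELINE = "6.0.210"

# In the sample rows, "<file>:\<member>" names an object inside a cached file
# (the AppleT.class rows); the same file is also listed on its own.
PATH_RE = re.compile(r'^(?P<container>[A-Za-z]:\\.*?)(?::\\(?P<member>.+))?$')

# Per-user Java plug-in cache location seen in the export.
JAVA_CACHE_RE = re.compile(
    r'^[A-Za-z]:\\Users\\(?P<user>[^\\]+)'
    r'\\AppData\\LocalLow\\Sun\\Java\\Deployment\\cache\\',
    re.IGNORECASE)


def parse_avg_rows(text):
    """Return one dict per detection row of the export."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        # Each line is a single CSV-quoted cell holding ';'-separated fields.
        cell = next(csv.reader([line]))[0]
        fields = next(csv.reader([cell], delimiter=';'))
        if len(fields) != 3 or fields[0] == 'File':
            continue  # header row or a line in another format
        m = PATH_RE.match(fields[0])
        rows.append({
            'container': m.group('container') if m else fields[0],
            'member': m.group('member') if m else None,
            'infection': fields[1],
            'result': fields[2],
        })
    return rows


def java_cache_hits(rows):
    """Map user profile -> sorted unique cache files that contained a detection."""
    hits = {}
    for row in rows:
        m = JAVA_CACHE_RE.match(row['container'])
        if m:
            hits.setdefault(m.group('user'), set()).add(row['container'])
    return {user: sorted(files) for user, files in hits.items()}


def is_outdated(installed, baseline=JAVA_BASELINE):
    """Compare dotted product versions numerically, e.g. 6.0.180 < 6.0.210."""
    as_tuple = lambda v: tuple(int(part) for part in v.split('.'))
    return as_tuple(installed) < as_tuple(baseline)


def triage(export_text, installed_java):
    rows = parse_avg_rows(export_text)
    return {
        'detections': len(rows),
        # Rows the scanner did not move to the vault still need attention.
        'unresolved': [r for r in rows if r['result'] != 'Moved to Virus Vault'],
        'java_cache_by_user': java_cache_hits(rows),
        'java_outdated': is_outdated(installed_java),
    }


if __name__ == '__main__':
    report = triage(AVG_EXPORT, '6.0.180')
    for key, value in report.items():
        print(key, '->', value)
```

Detections in the Java cache under more than one profile, combined with an outdated runtime, indicate that every user account's cache should be cleared after the update, not only the one that ran the scan.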
#9 andyreid

  • Topic Starter

Posted 13 August 2010 - 04:53 AM

Hello, thank you for your advice. I will try this, but the problem is that I am on a dual boot with Windows 7 and Vista, and Windows 7 has the problem and that's on my (W) drive.
As you said this:


When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

(be created on your C: drive called) does that mean my W drive? Thank you.

Also, I was searching this forum and I was surprised that many other people have had this Google problem as well. Why is this? What sort of virus is it? Where does it come from, and where and how does the Anti Malware Doctor come from? Thank you.


Hello, I can't update Java because I get this message


It works now. I am downloading Java now.

Also, here is the Stinger report:

McAfee® Labs Stinger™ Version 10.1.0.728 built on Mar 18 2010

Copyright © 2010 McAfee, Inc. All Rights Reserved.

Virus data file v1000.0000 created on Mar 18 2010.

Ready to scan for 1331 viruses, trojans and variants.



Scan initiated on Fri Aug 13 10:56:41 2010

Number of clean files: 148224


Hello, I also ran a Malwarebytes quick scan:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4424

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

13/08/2010 11:59:47
mbam-log-2010-08-13 (11-59-47).txt

Scan type: Quick scan
Objects scanned: 133306
Time elapsed: 10 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\10DPP6O2VE (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



The 2 items are in quarantine. Shall I remove them from quarantine?

Edited by andyreid, 13 August 2010 - 08:25 AM.


#10 andyreid

  • Topic Starter

Posted 13 August 2010 - 06:04 AM

Here is the other report:

2010/08/12 18:50:56.0253 TDSS rootkit removing tool 2.4.1.1 Aug 10 2010 14:48:09
2010/08/12 18:50:56.0253 ================================================================================
2010/08/12 18:50:56.0253 SystemInfo:
2010/08/12 18:50:56.0253
2010/08/12 18:50:56.0253 OS Version: 6.1.7600 ServicePack: 0.0
2010/08/12 18:50:56.0253 Product type: Workstation
2010/08/12 18:50:56.0253 ComputerName: BALRAM-PC
2010/08/12 18:50:56.0269 UserName: Krishna
2010/08/12 18:50:56.0269 Windows directory: W:\Windows
2010/08/12 18:50:56.0269 System windows directory: W:\Windows
2010/08/12 18:50:56.0269 Processor architecture: Intel x86
2010/08/12 18:50:56.0269 Number of processors: 2
2010/08/12 18:50:56.0269 Page size: 0x1000
2010/08/12 18:50:56.0269 Boot type: Normal boot
2010/08/12 18:50:56.0269 ================================================================================
2010/08/12 18:51:00.0122 Initialize success
2010/08/12 18:51:04.0630 ================================================================================
2010/08/12 18:51:04.0630 Scan started
2010/08/12 18:51:04.0630 Mode: Manual;
2010/08/12 18:51:04.0630 ================================================================================
2010/08/12 18:52:08.0996 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) W:\Windows\system32\DRIVERS\ndisuio.sys
2010/08/12 18:52:09.0417 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) W:\Windows\system32\DRIVERS\ndiswan.sys
2010/08/12 18:52:09.0839 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) W:\Windows\system32\drivers\NDProxy.sys
2010/08/12 18:52:10.0244 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) W:\Windows\system32\DRIVERS\netbios.sys
2010/08/12 18:52:10.0681 NetBT (dd52a733bf4ca5af84562a5e2f963b91) W:\Windows\system32\DRIVERS\netbt.sys
2010/08/12 18:52:11.0165 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) W:\Windows\system32\DRIVERS\nfrd960.sys
2010/08/12 18:52:11.0601 Npfs (1db262a9f8c087e8153d89bef3d2235f) W:\Windows\system32\drivers\Npfs.sys
2010/08/12 18:52:12.0038 nsiproxy (29f738eb73abca38e09cfa158387b93c) W:\Windows\system32\drivers\nsiproxy.sys
2010/08/12 18:52:12.0038 Suspicious file (Forged): W:\Windows\system32\drivers\nsiproxy.sys. Real md5: 29f738eb73abca38e09cfa158387b93c, Fake md5: e9a0a4d07e53d8fea2bb8387a3293c58
2010/08/12 18:52:12.0038 nsiproxy - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/08/12 18:52:36.0047 sptd (cdddec541bc3c96f91ecb48759673505) W:\Windows\system32\Drivers\sptd.sys
2010/08/12 18:52:36.0062 Suspicious file (NoAccess): W:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2010/08/12 18:52:36.0078 sptd - detected Locked file (1)
2010/08/12 18:53:02.0520 ================================================================================
2010/08/12 18:53:02.0520 Scan finished
2010/08/12 18:53:02.0520 ================================================================================
2010/08/12 18:53:02.0535 Detected object count: 2
2010/08/12 18:53:36.0668 nsiproxy (29f738eb73abca38e09cfa158387b93c) W:\Windows\system32\drivers\nsiproxy.sys
2010/08/12 18:53:36.0668 Suspicious file (Forged): W:\Windows\system32\drivers\nsiproxy.sys. Real md5: 29f738eb73abca38e09cfa158387b93c, Fake md5: e9a0a4d07e53d8fea2bb8387a3293c58
2010/08/12 18:53:36.0856 Backup copy found, using it..
2010/08/12 18:53:36.0887 W:\Windows\system32\drivers\nsiproxy.sys - will be cured after reboot
2010/08/12 18:53:36.0887 Rootkit.Win32.TDSS.tdl3(nsiproxy) - User select action: Cure
2010/08/12 18:53:36.0887 Locked file(sptd) - User select action: Skip
2010/08/12 18:53:53.0392 Deinitialize success

#11 andyreid

Posted 13 August 2010 - 06:08 AM

That was the scan I did yesterday and here is the one I did

2010/08/13 12:05:15.0368 TDSS rootkit removing tool 2.4.1.1 Aug 10 2010 14:48:09
2010/08/13 12:05:15.0368 ================================================================================
2010/08/13 12:05:15.0368 SystemInfo:
2010/08/13 12:05:15.0368
2010/08/13 12:05:15.0368 OS Version: 6.1.7600 ServicePack: 0.0
2010/08/13 12:05:15.0368 Product type: Workstation
2010/08/13 12:05:15.0368 ComputerName: BALRAM-PC
2010/08/13 12:05:15.0368 UserName: Krishna
2010/08/13 12:05:15.0368 Windows directory: W:\Windows
2010/08/13 12:05:15.0368 System windows directory: W:\Windows
2010/08/13 12:05:15.0368 Processor architecture: Intel x86
2010/08/13 12:05:15.0368 Number of processors: 2
2010/08/13 12:05:15.0368 Page size: 0x1000
2010/08/13 12:05:15.0368 Boot type: Normal boot
2010/08/13 12:05:15.0368 ================================================================================
2010/08/13 12:05:20.0251 Initialize success
2010/08/13 12:05:23.0651 ================================================================================
2010/08/13 12:05:23.0651 Scan started
2010/08/13 12:05:23.0651 Mode: Manual;
2010/08/13 12:05:23.0651 ================================================================================
2010/08/13 12:06:39.0124 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) W:\Windows\system32\drivers\nsiproxy.sys
2010/08/13 12:06:39.0639 Ntfs (3795dcd21f740ee799fb7223234215af) W:\Windows\system32\drivers\Ntfs.sys
2010/08/13 12:06:40.0123 Null (f9756a98d69098dca8945d62858a812c) W:\Windows\system32\drivers\Null.sys
2010/08/13 12:06:40.0575 nvraid (3f3d04b1d08d43c16ea7963954ec768d) W:\Windows\system32\DRIVERS\nvraid.sys
2010/08/13 12:06:41.0402 nvstor (c99f251a5de63c6f129cf71933aced0f) W:\Windows\system32\DRIVERS\nvstor.sys
2010/08/13 12:06:42.0073 nv_agp (5a0983915f02bae73267cc2a041f717d) W:\Windows\system32\DRIVERS\nv_agp.sys
2010/08/13 12:06:42.0572 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) W:\Windows\system32\DRIVERS\ohci1394.sys
2010/08/13 12:06:43.0133 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) W:\Windows\system32\DRIVERS\parport.sys
2010/08/13 12:06:43.0586 partmgr (ff4218952b51de44fe910953a3e686b9) W:\Windows\system32\drivers\partmgr.sys
2010/08/13 12:06:44.0054 Parvdm (eb0a59f29c19b86479d36b35983daadc) W:\Windows\system32\DRIVERS\parvdm.sys
2010/08/13 12:06:44.0553 pci (c858cb77c577780ecc456a892e7e7d0f) W:\Windows\system32\DRIVERS\pci.sys
2010/08/13 12:06:45.0005 pciide (afe86f419014db4e5593f69ffe26ce0a) W:\Windows\system32\DRIVERS\pciide.sys
2010/08/13 12:06:45.0473 pcmcia (f396431b31693e71e8a80687ef523506) W:\Windows\system32\DRIVERS\pcmcia.sys
2010/08/13 12:06:45.0926 pcw (250f6b43d2b613172035c6747aeeb19f) W:\Windows\system32\drivers\pcw.sys
2010/08/13 12:06:46.0378 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) W:\Windows\system32\drivers\peauth.sys
2010/08/13 12:06:46.0971 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) W:\Windows\system32\DRIVERS\raspptp.sys
2010/08/13 12:06:47.0408 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) W:\Windows\system32\DRIVERS\processr.sys
2010/08/13 12:06:47.0891 Psched (6270ccae2a86de6d146529fe55b3246a) W:\Windows\system32\DRIVERS\pacer.sys
2010/08/13 12:06:48.0406 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) W:\Windows\system32\DRIVERS\ql2300.sys
2010/08/13 12:06:48.0999 ql40xx (b4dd51dd25182244b86737dc51af2270) W:\Windows\system32\DRIVERS\ql40xx.sys
2010/08/13 12:06:49.0467 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) W:\Windows\system32\drivers\qwavedrv.sys
2010/08/13 12:06:49.0935 RasAcd (30a81b53c766d0133bb86d234e5556ab) W:\Windows\system32\DRIVERS\rasacd.sys
2010/08/13 12:06:50.0403 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) W:\Windows\system32\DRIVERS\AgileVpn.sys
2010/08/13 12:06:50.0887 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) W:\Windows\system32\DRIVERS\rasl2tp.sys
2010/08/13 12:06:51.0386 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) W:\Windows\system32\DRIVERS\raspppoe.sys
2010/08/13 12:06:51.0869 RasSstp (44101f495a83ea6401d886e7fd70096b) W:\Windows\system32\DRIVERS\rassstp.sys
2010/08/13 12:06:52.0743 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) W:\Windows\system32\DRIVERS\rdbss.sys
2010/08/13 12:06:53.0195 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) W:\Windows\system32\DRIVERS\rdpbus.sys
2010/08/13 12:06:53.0648 RDPCDD (1e016846895b15a99f9a176a05029075) W:\Windows\system32\DRIVERS\RDPCDD.sys
2010/08/13 12:06:54.0100 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) W:\Windows\system32\drivers\rdpdr.sys
2010/08/13 12:06:54.0568 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) W:\Windows\system32\drivers\rdpencdd.sys
2010/08/13 12:06:55.0067 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) W:\Windows\system32\drivers\rdprefmp.sys
2010/08/13 12:06:55.0535 RDPWD (801371ba9782282892d00aadb08ee367) W:\Windows\system32\drivers\RDPWD.sys
2010/08/13 12:06:56.0019 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) W:\Windows\system32\drivers\rdyboost.sys
2010/08/13 12:06:56.0534 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) W:\Windows\system32\DRIVERS\rfcomm.sys
2010/08/13 12:06:57.0033 rspndr (032b0d36ad92b582d869879f5af5b928) W:\Windows\system32\DRIVERS\rspndr.sys
2010/08/13 12:06:57.0517 RTL8167 (06bd46be6141556125f89df738333720) W:\Windows\system32\DRIVERS\Rt86win7.sys
2010/08/13 12:06:58.0016 s3cap (5423d8437051e89dd34749f242c98648) W:\Windows\system32\DRIVERS\vms3cap.sys
2010/08/13 12:06:58.0484 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) W:\Windows\system32\DRIVERS\sbp2port.sys
2010/08/13 12:06:58.0983 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) W:\Windows\system32\DRIVERS\scfilter.sys
2010/08/13 12:06:59.0514 secdrv (90a3935d05b494a5a39d37e71f09a677) W:\Windows\system32\drivers\secdrv.sys
2010/08/13 12:07:00.0028 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) W:\Windows\system32\DRIVERS\serenum.sys
2010/08/13 12:07:00.0481 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) W:\Windows\system32\DRIVERS\serial.sys
2010/08/13 12:07:00.0928 sermouse (79bffb520327ff916a582dfea17aa813) W:\Windows\system32\DRIVERS\sermouse.sys
2010/08/13 12:07:01.0407 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) W:\Windows\system32\DRIVERS\sffdisk.sys
2010/08/13 12:07:01.0844 sffp_mmc (932a68ee27833cfd57c1639d375f2731) W:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/08/13 12:07:02.0281 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) W:\Windows\system32\DRIVERS\sffp_sd.sys
2010/08/13 12:07:02.0749 sfloppy (db96666cc8312ebc45032f30b007a547) W:\Windows\system32\DRIVERS\sfloppy.sys
2010/08/13 12:07:03.0217 sisagp (2565cac0dc9fe0371bdce60832582b2e) W:\Windows\system32\DRIVERS\sisagp.sys
2010/08/13 12:07:03.0700 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) W:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/08/13 12:07:04.0168 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) W:\Windows\system32\DRIVERS\sisraid4.sys
2010/08/13 12:07:04.0808 Smb (3e21c083b8a01cb70ba1f09303010fce) W:\Windows\system32\DRIVERS\smb.sys
2010/08/13 12:07:05.0619 spldr (95cf1ae7527fb70f7816563cbc09d942) W:\Windows\system32\drivers\spldr.sys
2010/08/13 12:07:06.0321 sptd (cdddec541bc3c96f91ecb48759673505) W:\Windows\system32\Drivers\sptd.sys
2010/08/13 12:07:06.0321 Suspicious file (NoAccess): W:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2010/08/13 12:07:06.0337 sptd - detected Locked file (1)
2010/08/13 12:07:35.0072 ================================================================================
2010/08/13 12:07:35.0072 Scan finished
2010/08/13 12:07:35.0072 ================================================================================
2010/08/13 12:07:35.0088 Detected object count: 1
2010/08/13 12:07:43.0886 Locked file(sptd) - User select action: Skip
2010/08/13 12:07:50.0391 Deinitialize success

#12 boopme

Posted 13 August 2010 - 12:58 PM

You need to select Cure.

#13 andyreid

Posted 14 August 2010 - 03:50 AM

Cure for what?

#14 boopme

Posted 14 August 2010 - 10:08 AM

In the above scan it shows:
2010/08/13 12:07:35.0088 Detected object count: 1
2010/08/13 12:07:43.0886 Locked file(sptd) - User select action: Skip

We need to rerun, I believe, and select Cure.

#15 andyreid

Posted 15 August 2010 - 05:45 AM

I could not cure the file, so I quarantined it.

2010/08/15 11:40:14.0856 TDSS rootkit removing tool 2.4.1.1 Aug 10 2010 14:48:09
2010/08/15 11:40:14.0856 ================================================================================
2010/08/15 11:40:14.0856 SystemInfo:
2010/08/15 11:40:14.0856
2010/08/15 11:40:14.0856 OS Version: 6.1.7600 ServicePack: 0.0
2010/08/15 11:40:14.0856 Product type: Workstation
2010/08/15 11:40:14.0856 ComputerName: BALRAM-PC
2010/08/15 11:40:14.0856 UserName: Krishna
2010/08/15 11:40:14.0856 Windows directory: W:\Windows
2010/08/15 11:40:14.0856 System windows directory: W:\Windows
2010/08/15 11:40:14.0856 Processor architecture: Intel x86
2010/08/15 11:40:14.0856 Number of processors: 2
2010/08/15 11:40:14.0856 Page size: 0x1000
2010/08/15 11:40:14.0856 Boot type: Normal boot
2010/08/15 11:40:14.0856 ================================================================================
2010/08/15 11:40:29.0457 Initialize success
2010/08/15 11:40:31.0751 ================================================================================
2010/08/15 11:40:31.0751 Scan started
2010/08/15 11:40:31.0751 Mode: Manual;
2010/08/15 11:40:31.0751 ================================================================================
2010/08/15 11:42:11.0357 Null (f9756a98d69098dca8945d62858a812c) W:\Windows\system32\drivers\Null.sys
2010/08/15 11:42:11.0825 nvraid (3f3d04b1d08d43c16ea7963954ec768d) W:\Windows\system32\DRIVERS\nvraid.sys
2010/08/15 11:42:12.0340 nvstor (c99f251a5de63c6f129cf71933aced0f) W:\Windows\system32\DRIVERS\nvstor.sys
2010/08/15 11:42:12.0808 nv_agp (5a0983915f02bae73267cc2a041f717d) W:\Windows\system32\DRIVERS\nv_agp.sys
2010/08/15 11:42:13.0291 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) W:\Windows\system32\DRIVERS\ohci1394.sys
2010/08/15 11:42:13.0900 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) W:\Windows\system32\DRIVERS\parport.sys
2010/08/15 11:42:14.0352 partmgr (ff4218952b51de44fe910953a3e686b9) W:\Windows\system32\drivers\partmgr.sys
2010/08/15 11:42:14.0992 Parvdm (eb0a59f29c19b86479d36b35983daadc) W:\Windows\system32\DRIVERS\parvdm.sys
2010/08/15 11:42:15.0460 pci (c858cb77c577780ecc456a892e7e7d0f) W:\Windows\system32\DRIVERS\pci.sys
2010/08/15 11:42:15.0928 pciide (afe86f419014db4e5593f69ffe26ce0a) W:\Windows\system32\DRIVERS\pciide.sys
2010/08/15 11:42:16.0427 pcmcia (f396431b31693e71e8a80687ef523506) W:\Windows\system32\DRIVERS\pcmcia.sys
2010/08/15 11:42:16.0895 pcw (250f6b43d2b613172035c6747aeeb19f) W:\Windows\system32\drivers\pcw.sys
2010/08/15 11:42:17.0410 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) W:\Windows\system32\drivers\peauth.sys
2010/08/15 11:42:17.0956 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) W:\Windows\system32\DRIVERS\raspptp.sys
2010/08/15 11:42:18.0392 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) W:\Windows\system32\DRIVERS\processr.sys
2010/08/15 11:42:18.0938 Psched (6270ccae2a86de6d146529fe55b3246a) W:\Windows\system32\DRIVERS\pacer.sys
2010/08/15 11:42:19.0453 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) W:\Windows\system32\DRIVERS\ql2300.sys
2010/08/15 11:42:19.0921 ql40xx (b4dd51dd25182244b86737dc51af2270) W:\Windows\system32\DRIVERS\ql40xx.sys
2010/08/15 11:42:20.0389 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) W:\Windows\system32\drivers\qwavedrv.sys
2010/08/15 11:42:20.0920 RasAcd (30a81b53c766d0133bb86d234e5556ab) W:\Windows\system32\DRIVERS\rasacd.sys
2010/08/15 11:42:21.0403 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) W:\Windows\system32\DRIVERS\AgileVpn.sys
2010/08/15 11:42:21.0902 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) W:\Windows\system32\DRIVERS\rasl2tp.sys
2010/08/15 11:42:22.0386 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) W:\Windows\system32\DRIVERS\raspppoe.sys
2010/08/15 11:42:22.0963 RasSstp (44101f495a83ea6401d886e7fd70096b) W:\Windows\system32\DRIVERS\rassstp.sys
2010/08/15 11:42:23.0447 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) W:\Windows\system32\DRIVERS\rdbss.sys
2010/08/15 11:42:23.0915 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) W:\Windows\system32\DRIVERS\rdpbus.sys
2010/08/15 11:42:24.0679 RDPCDD (1e016846895b15a99f9a176a05029075) W:\Windows\system32\DRIVERS\RDPCDD.sys
2010/08/15 11:42:25.0724 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) W:\Windows\system32\drivers\rdpdr.sys
2010/08/15 11:42:27.0019 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) W:\Windows\system32\drivers\rdpencdd.sys
2010/08/15 11:42:27.0674 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) W:\Windows\system32\drivers\rdprefmp.sys
2010/08/15 11:42:28.0548 RDPWD (801371ba9782282892d00aadb08ee367) W:\Windows\system32\drivers\RDPWD.sys
2010/08/15 11:42:29.0188 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) W:\Windows\system32\drivers\rdyboost.sys
2010/08/15 11:42:29.0749 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) W:\Windows\system32\DRIVERS\rfcomm.sys
2010/08/15 11:42:30.0295 rspndr (032b0d36ad92b582d869879f5af5b928) W:\Windows\system32\DRIVERS\rspndr.sys
2010/08/15 11:42:30.0826 RTL8167 (06bd46be6141556125f89df738333720) W:\Windows\system32\DRIVERS\Rt86win7.sys
2010/08/15 11:42:31.0294 s3cap (5423d8437051e89dd34749f242c98648) W:\Windows\system32\DRIVERS\vms3cap.sys
2010/08/15 11:42:31.0762 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) W:\Windows\system32\DRIVERS\sbp2port.sys
2010/08/15 11:42:32.0245 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) W:\Windows\system32\DRIVERS\scfilter.sys
2010/08/15 11:42:32.0744 secdrv (90a3935d05b494a5a39d37e71f09a677) W:\Windows\system32\drivers\secdrv.sys
2010/08/15 11:42:33.0212 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) W:\Windows\system32\DRIVERS\serenum.sys
2010/08/15 11:42:33.0868 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) W:\Windows\system32\DRIVERS\serial.sys
2010/08/15 11:42:34.0538 sermouse (79bffb520327ff916a582dfea17aa813) W:\Windows\system32\DRIVERS\sermouse.sys
2010/08/15 11:42:35.0506 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) W:\Windows\system32\DRIVERS\sffdisk.sys
2010/08/15 11:42:36.0223 sffp_mmc (932a68ee27833cfd57c1639d375f2731) W:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/08/15 11:42:37.0066 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) W:\Windows\system32\DRIVERS\sffp_sd.sys
2010/08/15 11:42:37.0674 sfloppy (db96666cc8312ebc45032f30b007a547) W:\Windows\system32\DRIVERS\sfloppy.sys
2010/08/15 11:42:38.0407 sisagp (2565cac0dc9fe0371bdce60832582b2e) W:\Windows\system32\DRIVERS\sisagp.sys
2010/08/15 11:42:39.0094 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) W:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/08/15 11:42:40.0030 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) W:\Windows\system32\DRIVERS\sisraid4.sys
2010/08/15 11:42:40.0747 Smb (3e21c083b8a01cb70ba1f09303010fce) W:\Windows\system32\DRIVERS\smb.sys
2010/08/15 11:42:41.0574 spldr (95cf1ae7527fb70f7816563cbc09d942) W:\Windows\system32\drivers\spldr.sys
2010/08/15 11:42:42.0541 sptd (cdddec541bc3c96f91ecb48759673505) W:\Windows\system32\Drivers\sptd.sys
2010/08/15 11:42:42.0541 Suspicious file (NoAccess): W:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2010/08/15 11:42:42.0557 sptd - detected Locked file (1)
2010/08/15 11:43:15.0785 ================================================================================
2010/08/15 11:43:15.0785 Scan finished
2010/08/15 11:43:15.0785 ================================================================================
2010/08/15 11:43:15.0800 Detected object count: 1
2010/08/15 11:43:35.0301 sptd (cdddec541bc3c96f91ecb48759673505) W:\Windows\system32\Drivers\sptd.sys
2010/08/15 11:43:35.0301 Suspicious file (NoAccess): W:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2010/08/15 11:43:35.0316 W:\Windows\system32\Drivers\sptd.sys - quarantined
2010/08/15 11:43:35.0316 Locked file(sptd) - User select action: Quarantine
2010/08/15 11:43:40.0979 Deinitialize success



