Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google link redirect (not always) to qwplayerdownload.com


  • This topic is locked This topic is locked
6 replies to this topic

#1 Jon18567

Jon18567

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 11 February 2011 - 04:21 PM

I have tried Spybot, Malwarebytes, Super Antimalware, TDSSKiller, GMER, they couldn't find any malware. i also tried to run ComboFix but it crashes all the time.

I am using Win7 Pro 64bit, please help !

Edited by Jon18567, 12 February 2011 - 12:18 AM.


BC AdBot (Login to Remove)

 


#2 Jon18567

Jon18567
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 12 February 2011 - 12:18 AM

Hi, I just ran the latest TDSSKiller again, and it found nothing, here's the log:

2011/02/11 20:36:19.0729 1360 TDSS rootkit removing tool 2.4.17.0 Feb 10 2011 11:07:20
2011/02/11 20:36:20.0150 1360 ================================================================================
2011/02/11 20:36:20.0150 1360 SystemInfo:
2011/02/11 20:36:20.0150 1360
2011/02/11 20:36:20.0150 1360 OS Version: 6.1.7600 ServicePack: 0.0
2011/02/11 20:36:20.0150 1360 Product type: Workstation
2011/02/11 20:36:20.0150 1360 ComputerName: JON1379-THINK
2011/02/11 20:36:20.0150 1360 UserName: Chillee
2011/02/11 20:36:20.0150 1360 Windows directory: C:\Windows
2011/02/11 20:36:20.0150 1360 System windows directory: C:\Windows
2011/02/11 20:36:20.0150 1360 Running under WOW64
2011/02/11 20:36:20.0150 1360 Processor architecture: Intel x64
2011/02/11 20:36:20.0150 1360 Number of processors: 2
2011/02/11 20:36:20.0150 1360 Page size: 0x1000
2011/02/11 20:36:20.0150 1360 Boot type: Normal boot
2011/02/11 20:36:20.0150 1360 ================================================================================
2011/02/11 20:36:21.0133 1360 Initialize success
2011/02/11 20:36:24.0862 1988 ================================================================================
2011/02/11 20:36:24.0862 1988 Scan started
2011/02/11 20:36:24.0862 1988 Mode: Manual;
2011/02/11 20:36:24.0862 1988 ================================================================================
2011/02/11 20:36:26.0141 1988 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/02/11 20:36:26.0219 1988 5U877 (7d497701bda1267ad5f86350925d2f10) C:\Windows\system32\DRIVERS\5U877.sys
2011/02/11 20:36:26.0328 1988 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/02/11 20:36:26.0375 1988 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/02/11 20:36:26.0515 1988 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/02/11 20:36:26.0656 1988 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/02/11 20:36:26.0702 1988 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/02/11 20:36:26.0812 1988 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/02/11 20:36:26.0905 1988 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/02/11 20:36:26.0968 1988 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/02/11 20:36:27.0030 1988 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/02/11 20:36:27.0061 1988 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/02/11 20:36:27.0124 1988 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/02/11 20:36:27.0202 1988 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2011/02/11 20:36:27.0248 1988 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/02/11 20:36:27.0342 1988 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2011/02/11 20:36:27.0404 1988 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/02/11 20:36:27.0592 1988 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/02/11 20:36:27.0654 1988 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/02/11 20:36:27.0763 1988 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/02/11 20:36:27.0810 1988 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/02/11 20:36:27.0919 1988 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/02/11 20:36:28.0044 1988 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/02/11 20:36:28.0106 1988 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/02/11 20:36:28.0216 1988 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/02/11 20:36:28.0247 1988 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2011/02/11 20:36:28.0278 1988 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/02/11 20:36:28.0340 1988 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/02/11 20:36:28.0387 1988 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/02/11 20:36:28.0418 1988 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/02/11 20:36:28.0496 1988 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/02/11 20:36:28.0512 1988 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/02/11 20:36:28.0574 1988 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/02/11 20:36:28.0668 1988 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/02/11 20:36:28.0730 1988 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/02/11 20:36:28.0777 1988 BTHPORT (a51fa9d0e85d5adabef72e67f386309c) C:\Windows\system32\Drivers\BTHport.sys
2011/02/11 20:36:28.0871 1988 BTHUSB (f740b9a16b2c06700f2130e19986bf3b) C:\Windows\system32\Drivers\BTHUSB.sys
2011/02/11 20:36:28.0933 1988 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/02/11 20:36:29.0027 1988 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/02/11 20:36:29.0105 1988 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/02/11 20:36:29.0183 1988 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/02/11 20:36:29.0323 1988 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/02/11 20:36:29.0354 1988 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/02/11 20:36:29.0386 1988 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/02/11 20:36:29.0526 1988 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/02/11 20:36:29.0573 1988 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/02/11 20:36:29.0682 1988 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/02/11 20:36:29.0744 1988 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
2011/02/11 20:36:29.0900 1988 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/02/11 20:36:29.0932 1988 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/02/11 20:36:30.0025 1988 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/02/11 20:36:30.0103 1988 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
2011/02/11 20:36:30.0134 1988 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/02/11 20:36:30.0197 1988 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/02/11 20:36:30.0259 1988 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/02/11 20:36:30.0322 1988 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/02/11 20:36:30.0509 1988 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/02/11 20:36:30.0743 1988 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/02/11 20:36:30.0821 1988 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/02/11 20:36:30.0868 1988 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/02/11 20:36:30.0899 1988 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/02/11 20:36:30.0992 1988 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/02/11 20:36:31.0039 1988 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/02/11 20:36:31.0055 1988 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/02/11 20:36:31.0133 1988 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/02/11 20:36:31.0180 1988 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/02/11 20:36:31.0211 1988 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/02/11 20:36:31.0289 1988 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/02/11 20:36:31.0336 1988 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/02/11 20:36:31.0367 1988 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/02/11 20:36:31.0445 1988 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/02/11 20:36:31.0492 1988 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/02/11 20:36:31.0538 1988 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/02/11 20:36:31.0648 1988 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/02/11 20:36:31.0679 1988 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/02/11 20:36:31.0710 1988 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/02/11 20:36:31.0741 1988 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/02/11 20:36:31.0866 1988 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/02/11 20:36:31.0944 1988 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/02/11 20:36:32.0006 1988 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/02/11 20:36:32.0084 1988 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/02/11 20:36:32.0147 1988 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/02/11 20:36:32.0209 1988 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
2011/02/11 20:36:32.0272 1988 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2011/02/11 20:36:32.0334 1988 IBMPMDRV (b8e7ca64fff8b71636dea3a845cc23e5) C:\Windows\system32\DRIVERS\ibmpmdrv.sys
2011/02/11 20:36:32.0584 1988 igfx (dfeaf0a1d98d397035012c8e28d1520f) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/02/11 20:36:32.0833 1988 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/02/11 20:36:32.0942 1988 IntcAzAudAddService (3111a658416dc464ba1e48e3b2169952) C:\Windows\system32\drivers\RTKVHD64.sys
2011/02/11 20:36:33.0052 1988 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
2011/02/11 20:36:33.0098 1988 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/02/11 20:36:33.0161 1988 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/02/11 20:36:33.0223 1988 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/02/11 20:36:33.0254 1988 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/02/11 20:36:33.0286 1988 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/02/11 20:36:33.0332 1988 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/02/11 20:36:33.0395 1988 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/02/11 20:36:33.0426 1988 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/02/11 20:36:33.0473 1988 JMCR (80a1de467adf200390134d63e359937a) C:\Windows\system32\DRIVERS\jmcr.sys
2011/02/11 20:36:33.0551 1988 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/02/11 20:36:33.0582 1988 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/02/11 20:36:33.0644 1988 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/02/11 20:36:33.0660 1988 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/02/11 20:36:33.0769 1988 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/02/11 20:36:33.0847 1988 lenovo.smi (5acff5823634bc2c4ebf559c3b33e18e) C:\Windows\system32\DRIVERS\smiifx64.sys
2011/02/11 20:36:33.0925 1988 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/02/11 20:36:33.0988 1988 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/02/11 20:36:34.0003 1988 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/02/11 20:36:34.0019 1988 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/02/11 20:36:34.0050 1988 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/02/11 20:36:34.0128 1988 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/02/11 20:36:34.0159 1988 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/02/11 20:36:34.0190 1988 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/02/11 20:36:34.0237 1988 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/02/11 20:36:34.0315 1988 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/02/11 20:36:34.0378 1988 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/02/11 20:36:34.0456 1988 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/02/11 20:36:34.0502 1988 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/02/11 20:36:34.0565 1988 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/02/11 20:36:34.0643 1988 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/02/11 20:36:34.0705 1988 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/02/11 20:36:34.0721 1988 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/02/11 20:36:34.0768 1988 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/02/11 20:36:34.0846 1988 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/02/11 20:36:34.0892 1988 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/02/11 20:36:34.0924 1988 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/02/11 20:36:34.0986 1988 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/02/11 20:36:35.0017 1988 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/02/11 20:36:35.0080 1988 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/02/11 20:36:35.0111 1988 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/02/11 20:36:35.0173 1988 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/02/11 20:36:35.0220 1988 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/02/11 20:36:35.0267 1988 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/02/11 20:36:35.0314 1988 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/02/11 20:36:35.0360 1988 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/02/11 20:36:35.0407 1988 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/02/11 20:36:35.0438 1988 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/02/11 20:36:35.0485 1988 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/02/11 20:36:35.0532 1988 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/02/11 20:36:35.0610 1988 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/02/11 20:36:35.0704 1988 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/02/11 20:36:35.0813 1988 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/02/11 20:36:35.0844 1988 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/02/11 20:36:35.0891 1988 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/02/11 20:36:35.0922 1988 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/02/11 20:36:35.0984 1988 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/02/11 20:36:36.0047 1988 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/02/11 20:36:36.0094 1988 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/02/11 20:36:36.0374 1988 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys
2011/02/11 20:36:36.0764 1988 netw5v64 (705283c02177809ca9fa7cc58a4f1e77) C:\Windows\system32\DRIVERS\netw5v64.sys
2011/02/11 20:36:36.0998 1988 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/02/11 20:36:37.0045 1988 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/02/11 20:36:37.0139 1988 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/02/11 20:36:37.0170 1988 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/02/11 20:36:37.0232 1988 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2011/02/11 20:36:37.0326 1988 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/02/11 20:36:37.0357 1988 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/02/11 20:36:37.0388 1988 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2011/02/11 20:36:37.0466 1988 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/02/11 20:36:37.0498 1988 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/02/11 20:36:37.0622 1988 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/02/11 20:36:37.0638 1988 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/02/11 20:36:37.0747 1988 PCDSRVC{127174DC-C366ED8B-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\pc-doctor\pcdsrvc_x64.pkms
2011/02/11 20:36:37.0841 1988 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/02/11 20:36:37.0872 1988 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/02/11 20:36:37.0903 1988 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/02/11 20:36:37.0950 1988 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/02/11 20:36:38.0012 1988 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/02/11 20:36:38.0200 1988 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/02/11 20:36:38.0231 1988 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/02/11 20:36:38.0293 1988 psadd (515a7c5a0886fcc60901916785efd549) C:\Windows\system32\DRIVERS\psadd.sys
2011/02/11 20:36:38.0371 1988 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/02/11 20:36:38.0418 1988 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/02/11 20:36:38.0480 1988 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/02/11 20:36:38.0574 1988 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/02/11 20:36:38.0621 1988 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/02/11 20:36:38.0621 1988 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/02/11 20:36:38.0683 1988 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/02/11 20:36:38.0746 1988 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/02/11 20:36:38.0777 1988 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/02/11 20:36:38.0824 1988 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/02/11 20:36:38.0839 1988 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/02/11 20:36:38.0902 1988 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/02/11 20:36:38.0933 1988 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/02/11 20:36:38.0964 1988 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
2011/02/11 20:36:38.0995 1988 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/02/11 20:36:39.0011 1988 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/02/11 20:36:39.0089 1988 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/02/11 20:36:39.0151 1988 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/02/11 20:36:39.0198 1988 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/02/11 20:36:39.0338 1988 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/02/11 20:36:39.0385 1988 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/02/11 20:36:39.0416 1988 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/02/11 20:36:39.0494 1988 SASDIFSV (99df79c258b3342b6c8a5f802998de56) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
2011/02/11 20:36:39.0510 1988 SASKUTIL (2859c35c0651e8eb0d86d48e740388f2) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
2011/02/11 20:36:39.0604 1988 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/02/11 20:36:39.0682 1988 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/02/11 20:36:39.0728 1988 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys
2011/02/11 20:36:39.0869 1988 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/02/11 20:36:39.0916 1988 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/02/11 20:36:39.0947 1988 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/02/11 20:36:40.0025 1988 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/02/11 20:36:40.0087 1988 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/02/11 20:36:40.0103 1988 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/02/11 20:36:40.0150 1988 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
2011/02/11 20:36:40.0196 1988 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/02/11 20:36:40.0243 1988 Shockprf (5a5346931ce61ea85f8338f7a03131f7) C:\Windows\system32\DRIVERS\Apsx64.sys
2011/02/11 20:36:40.0290 1988 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/02/11 20:36:40.0321 1988 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/02/11 20:36:40.0399 1988 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/02/11 20:36:40.0462 1988 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/02/11 20:36:40.0540 1988 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2011/02/11 20:36:40.0680 1988 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2011/02/11 20:36:40.0867 1988 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
2011/02/11 20:36:41.0054 1988 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
2011/02/11 20:36:41.0320 1988 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
2011/02/11 20:36:41.0538 1988 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/02/11 20:36:41.0725 1988 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/02/11 20:36:42.0006 1988 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
2011/02/11 20:36:42.0193 1988 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
2011/02/11 20:36:42.0349 1988 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/02/11 20:36:42.0708 1988 SynTP (868dfb220a18312a12cef01ba9ac069b) C:\Windows\system32\DRIVERS\SynTP.sys
2011/02/11 20:36:43.0036 1988 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2011/02/11 20:36:43.0410 1988 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/02/11 20:36:43.0550 1988 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/02/11 20:36:43.0582 1988 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/02/11 20:36:43.0613 1988 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/02/11 20:36:43.0660 1988 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/02/11 20:36:43.0784 1988 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/02/11 20:36:44.0143 1988 TPDIGIMN (7e25f9ae51daac0791df1eb949a58dbe) C:\Windows\system32\DRIVERS\ApsHM64.sys
2011/02/11 20:36:44.0330 1988 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
2011/02/11 20:36:44.0424 1988 TPPWRIF (2c067e01d6bbccc88b233b868e210907) C:\Windows\system32\drivers\Tppwr64v.sys
2011/02/11 20:36:44.0502 1988 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/02/11 20:36:44.0596 1988 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/02/11 20:36:44.0627 1988 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/02/11 20:36:44.0658 1988 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/02/11 20:36:44.0736 1988 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/02/11 20:36:44.0798 1988 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/02/11 20:36:44.0830 1988 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/02/11 20:36:44.0876 1988 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/02/11 20:36:44.0970 1988 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/02/11 20:36:45.0032 1988 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
2011/02/11 20:36:45.0126 1988 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
2011/02/11 20:36:45.0516 1988 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/02/11 20:36:46.0982 1988 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/02/11 20:36:47.0731 1988 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/02/11 20:36:48.0886 1988 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/02/11 20:36:49.0229 1988 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/02/11 20:36:49.0790 1988 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
2011/02/11 20:36:51.0101 1988 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/02/11 20:36:51.0631 1988 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/02/11 20:36:52.0973 1988 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/02/11 20:36:54.0330 1988 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/02/11 20:36:55.0906 1988 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/02/11 20:36:57.0450 1988 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
2011/02/11 20:36:59.0041 1988 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/02/11 20:36:59.0931 1988 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/02/11 20:37:01.0116 1988 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/02/11 20:37:01.0366 1988 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/02/11 20:37:01.0678 1988 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/02/11 20:37:01.0881 1988 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/02/11 20:37:02.0707 1988 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/02/11 20:37:03.0643 1988 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/02/11 20:37:03.0940 1988 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/02/11 20:37:04.0174 1988 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/02/11 20:37:04.0798 1988 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/02/11 20:37:04.0923 1988 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/02/11 20:37:05.0110 1988 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/02/11 20:37:05.0188 1988 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/02/11 20:37:05.0531 1988 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/02/11 20:37:05.0765 1988 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/02/11 20:37:05.0952 1988 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/02/11 20:37:06.0857 1988 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/02/11 20:37:06.0966 1988 ================================================================================
2011/02/11 20:37:06.0966 1988 Scan finished
2011/02/11 20:37:06.0966 1988 ================================================================================
2011/02/11 20:38:26.0121 3212 Deinitialize success




Should I run GMER and post the log here ?

Edited by Jon18567, 12 February 2011 - 12:59 AM.


#3 Jon18567

Jon18567
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 12 February 2011 - 03:02 AM

I downloaded GMER from gmer.net, and under Rookit/Malware, the check box is only avaliable for "Services" "Registry" "Files" and "ADS",

"System" down to "Libraries" are all greyd out, is this because i am using 64bit Win 7 or a symptom of infection ?

#4 Jon18567

Jon18567
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 12 February 2011 - 05:00 AM

latest DDs log


DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Chillee at 1:33:39.69 on Sat 02/12/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3933.2363 [GMT -8:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe
C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Downloads\software\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.bing.com/?pc=ZUGO&form=ZGAPHP
uDefault_Page_URL = hxxp://lenovo.msn.com
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Chillee\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Google Update] "C:\Users\Chillee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
mRun: [IdeaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
StartupFolder: C:\Users\Chillee\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\Users\Chillee\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VIIKII~1.LNK - C:\Program Files (x86)\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all by FlashGet3 - C:\Users\Chillee\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - C:\Users\Chillee\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
LSA: Notification Packages = scecli ACGina
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
mRun-x64: [TpShocks] TpShocks.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Chillee\AppData\Roaming\Mozilla\Firefox\Profiles\lgtmp41k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q=
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: C:\Users\Chillee\AppData\Roaming\Mozilla\Firefox\Profiles\lgtmp41k.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashGetXPI.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Chillee\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\Chillee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Chillee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: XULRunner: {BAD1FCA0-FD72-49C2-A1F2-E39DE1CE536F} - C:\Users\Chillee\AppData\Local\{BAD1FCA0-FD72-49C2-A1F2-E39DE1CE536F}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: flashget3 Extension: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} - %profile%\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-7-14 55856]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2009-6-29 23592]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2009-7-16 15400]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 188928]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 DDNIMSGService;DDNIMSGService;C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-7-20 171872]
R2 DDNIService;DDNIService;C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe [2010-7-23 163680]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-8-14 1153368]
R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2010-7-14 161024]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-8-20 138752]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-6-7 143320]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
R4 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2009-8-19 62320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-4 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-8-4 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-8-4 166384]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-12-19 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2010-7-14 5435904]
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0;PCDSRVC{127174DC-C366ED8B-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor\pcdsrvc_x64.pkms [2010-12-9 25072]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2010-7-14 75040]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-4 313840]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-8-4 1124848]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-16 1255736]

=============== Created Last 30 ================

2011-02-12 06:00:03 7844688 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{E9ECB941-FA80-4F53-A93E-FE4201171375}\mpengine.dll
2011-02-11 19:58:26 -------- d-----w- C:\Users\Chillee\AppData\Roaming\SUPERAntiSpyware.com
2011-02-11 19:58:26 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com
2011-02-11 19:57:48 -------- d-----w- C:\PROGRA~3\!SASCORE
2011-02-11 19:57:45 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-02-10 17:27:25 -------- d-----w- C:\Users\Chillee\AppData\Roaming\ZoomBrowser EX
2011-02-10 17:26:06 -------- d-----w- C:\PROGRA~3\ZoomBrowser
2011-02-10 17:25:51 -------- d-----w- C:\Program Files (x86)\Canon
2011-02-10 17:13:13 -------- d-----w- C:\Program Files (x86)\Common Files\Canon
2011-02-10 13:14:48 -------- d-----w- C:\Users\Chillee\AppData\Roaming\Local
2011-02-10 13:14:06 -------- d-----w- C:\Program Files\DivX
2011-02-10 13:13:40 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2011-02-10 13:08:19 -------- d-----w- C:\Program Files (x86)\DivX
2011-02-10 13:07:02 -------- d-----w- C:\PROGRA~3\DivX
2011-02-10 08:49:17 -------- d-----w- C:\New folder
2011-02-10 08:49:09 -------- d-----w- C:\SuperMeatBoy
2011-02-10 01:36:18 -------- d-----w- C:\Adobe CS5
2011-02-10 00:34:10 19528 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-02-09 23:04:42 714752 ----a-w- C:\Windows\System32\kerberos.dll
2011-02-09 23:04:41 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2011-02-09 20:18:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2011-02-09 20:16:44 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-02-09 20:16:44 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-02-09 20:14:49 214016 ----a-w- C:\Windows\System32\winsrv.dll
2011-02-09 13:51:39 -------- d-----w- C:\Users\Chillee\AppData\Roaming\Malwarebytes
2011-02-09 13:51:27 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-09 13:51:26 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-02-09 13:51:23 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-02-09 13:51:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-02-09 13:20:59 238936 ----a-w- C:\Windows\SysWow64\xactengine3_5.dll
2011-02-09 13:15:34 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-02-09 13:07:05 -------- d--h--w- C:\Windows\msdownld.tmp
2011-02-09 13:06:57 -------- d-----w- C:\Windows\SysWow64\directx
2011-02-06 10:05:33 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-01-30 22:57:00 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2011-01-29 19:16:04 601424 ------w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{C8425584-D061-4079-9AA0-6080481B933E}\gapaengine.dll
2011-01-29 19:02:20 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-01-29 19:02:05 7844688 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-01-29 19:01:45 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-01-29 19:01:20 374664 ----a-w- C:\Windows\System32\drivers\netio.sys
2011-01-29 09:12:03 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-01-29 09:11:26 -------- d-----w- C:\Users\Chillee\AppData\Roaming\uTorrent
2011-01-27 16:34:47 -------- d-----w- C:\Photos
2011-01-26 10:45:35 737072 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-01-26 10:35:02 4277016 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-01-26 10:11:24 -------- d-----w- C:\Windows\FLV Player
2011-01-26 10:03:50 42776 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-01-26 10:03:40 539968 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-25 11:30:28 106496 ----a-r- C:\Users\Chillee\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut311_0951773981FA4AB2BC21B7DCEC95892A.exe
2011-01-25 11:30:28 106496 ----a-r- C:\Users\Chillee\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut31_2F252077BA3F4362913955273A708467.exe
2011-01-25 11:30:28 106496 ----a-r- C:\Users\Chillee\AppData\Roaming\Microsoft\Installer\{3CA54984-A14B-42FE-9FF1-7EA90151D725}\NewShortcut1_EDD4ABB1C1B34A9D84CE33FBFB5D3639.exe
2011-01-25 11:19:06 -------- d-s---w- C:\Downloads
2011-01-25 11:18:05 -------- d-----w- C:\Users\Chillee\AppData\Roaming\FlashGet
2011-01-25 11:18:05 -------- d-----w- C:\Users\Chillee\AppData\Roaming\BITS
2011-01-25 11:17:54 -------- d-----w- C:\Users\Chillee\AppData\Roaming\FlashGetBHO
2011-01-25 11:17:51 -------- d-----w- C:\Program Files (x86)\FlashGet Network
2011-01-25 10:37:07 -------- d-----w- C:\Users\Chillee\dwhelper
2011-01-22 07:03:14 -------- d-----w- C:\Program Files (x86)\Quick Web Player
2011-01-22 04:12:04 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2011-01-22 04:12:04 109056 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2011-01-22 03:52:46 -------- d-----w- C:\PROGRA~3\PC-Doctor for Windows
2011-01-22 03:44:19 -------- d-----w- C:\Windows\System32\appmgmt
2011-01-22 03:39:58 -------- d-----w- C:\Users\Chillee\AppData\Roaming\Update

==================== Find3M ====================

2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

============= FINISH: 1:34:01.14 ===============

#5 Jon18567

Jon18567
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 12 February 2011 - 05:06 AM

How come I don't see the attachment upload button, i want to upload the Attach.txt file generated from DDS.scr

Thanks

#6 Jon18567

Jon18567
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 12 February 2011 - 07:42 AM

I crated a new thread in the log forum. Admin please feel free to delete this thread.

#7 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,949 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:55 PM

Posted 12 February 2011 - 04:03 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic379069.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic and shall later delete it. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users