Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vista Anti-Spyware 2011


  • This topic is locked This topic is locked
5 replies to this topic

#1 KayleighCakes

KayleighCakes

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:46 PM

Posted 20 April 2011 - 07:35 PM

I googled it (of course) and this log was the first. It sounded like the problem, so I tried it. I was able to download both programs fine, they ran fine (other than the program RKill did not find anything to close) and I'm still being bombarded with messages from Vista Anti-Spyware 2011 telling me my computer is unsafe, blah blah. It's obnoxious.

There was one other site on how to remove this but I didn't trust the source... hope you understand. And I hope I'm not just being a complete idiot and messing something up on the other removal guide. I don't know, the messages aren't the same as the example ones in the guide (If it's necessary, I can screencap the notifications I receive though I don't know how that'd be helpful)so I thought perhaps this is a different strain or a different virus entirely. I have no idea. :(

About the virus itself - it doesn't prevent me from doing anything, it's just a ridiculous amount of pop up's from Vista Anti-Spyware 2011 telling me 'your computer is unsafe!' and coming up with 29 files that are 'infected' and notifying me of 'security holes' in my computer. The first pop up looked legitimately like Control Panel > Security > Security Center ... Oh. In fact, I just visited my Security Center from my Control Panel and it IS the virus. It's telling me my firewall and maleware protection are off and when I click 'Turn On' it prompts me to 'upgrade to full version.' So... yeah, it's relatively the same as the name changing rogue, just slight differences here and there which are apparently enough to keep me from removing it (or I'm an idiot). :(

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Kayleigh at 20:09:14.36 on Wed 04/20/2011
Internet Explorer: 8.0.6001.19048
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6108.2751 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
C:\Windows\system32\lxducoms.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell Support Center\gs_agent\dsc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Java\jre6\bin\jucheck.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\Windows\system32\WTablet\Wacom_TabletUser.exe
C:\Windows\system32\Wacom_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\SysWOW64\PSIService.exe
C:\Windows\system32\wuauclt.exe
c:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Kayleigh\AppData\Local\tfr.exe
C:\Program Files (x86)\internet explorer\iexplore.exe
C:\Program Files (x86)\internet explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
C:\Program Files (x86)\internet explorer\iexplore.exe
C:\Program Files (x86)\internet explorer\iexplore.exe
C:\Users\Kayleigh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETEP4H3U\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
mWinlogon: Userinit=userinit.exe,
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe -update activex
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
mRunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
StartupFolder: C:\Users\Kayleigh\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\Users\Kayleigh\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
TB-X64: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
mRun-x64: [lxdumon.exe] "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe"
mRun-x64: [lxduamon] "C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe"
mRun-x64: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray64.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\1ol6uhup.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: network.proxy.type - 0
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Norton Toolbar: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-10-7 53488]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0308000.029\SymEFA64.sys [2010-1-28 402992]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-1 505176]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-12-8 280408]
R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\System32\drivers\N360x64\0308000.029\BHDrvx64.sys [2010-1-28 334384]
R1 ccHP;Symantec Hash Provider;C:\Windows\System32\drivers\N360x64\0308000.029\cchpx64.sys [2010-1-28 583296]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101015.003\IDSviA64.sys [2010-10-13 476720]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [2009-10-7 89600]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-12-8 22360]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-12-8 64344]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-12-8 42184]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 lxdu_device;lxdu_device;C:\Windows\system32\lxducoms.exe -service --> C:\Windows\system32\lxducoms.exe -service [?]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2010-1-28 117640]
R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\System32\Wacom_Tablet.exe [2011-4-15 1908520]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2009-10-7 172160]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-10-7 252928]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2009-10-7 4735488]
R3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;C:\Windows\System32\drivers\OA008Ufd.sys [2009-3-6 159840]
R3 OA008Vid;Creative Camera OA008 Function Driver;C:\Windows\System32\drivers\OA008Vid.sys [2009-5-6 313696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-6-13 132656]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\System32\drivers\N360x64\0308000.029\symndisv.sys [2010-1-28 56880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2011-04-20 04:35:25 -------- d-----w- C:\Users\Kayleigh\AppData\Roaming\Malwarebytes
2011-04-20 04:35:17 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-20 04:35:16 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-04-20 04:35:13 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-04-20 04:35:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-04-16 02:18:18 -------- d-----w- C:\Windows\MSSecurityNS
2011-04-16 02:18:18 -------- d-----w- C:\Windows\MSSecurityNi
2011-04-16 02:08:44 -------- d-----w- C:\Program Files (x86)\Corel
2011-04-16 02:08:44 -------- d-----w- C:\PROGRA~3\Corel
2011-04-16 01:50:11 -------- d-----w- C:\PROGRA~3\AppData
2011-04-16 01:49:29 -------- d-----w- C:\Users\Kayleigh\AppData\Roaming\WTablet
2011-04-16 01:49:18 3960616 ------w- C:\Windows\System32\WacomTablet.cpl
2011-04-16 01:48:31 12976 ----a-w- C:\Windows\System32\drivers\WacomVKHid.sys
2011-04-16 01:47:29 14640 ----a-w- C:\Windows\System32\drivers\wacomvhid.sys
2011-04-16 01:47:29 12848 ----a-w- C:\Windows\System32\drivers\wacommousefilter.sys
2011-04-16 01:47:23 -------- d-----w- C:\Windows\System32\WTablet
2011-04-16 01:47:21 181544 ------w- C:\Windows\SysWow64\Wintab32.dll
2011-04-16 01:47:19 164648 ------w- C:\Windows\System32\Wacom_Tablet.dll
2011-04-16 01:47:19 128296 ------w- C:\Windows\SysWow64\Wacom_Tablet.dll
2011-04-16 01:47:18 1908520 ------w- C:\Windows\System32\Wacom_Tablet.exe
2011-04-16 01:47:10 -------- d-----w- C:\Program Files (x86)\Tablet
2011-04-14 16:10:55 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-04-14 16:05:22 28672 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-04-14 16:05:22 25088 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-04-14 16:05:22 117760 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-23 14:11:39 1149440 ----a-w- C:\Windows\System32\FntCache.dll
2011-03-23 14:11:38 479744 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-03-23 14:11:38 288768 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-03-23 14:11:38 1555968 ----a-w- C:\Windows\System32\DWrite.dll
2011-03-23 14:11:38 1068544 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-03-23 02:54:52 -------- d-----w- C:\Program Files\SAMSUNG
2011-03-23 02:54:45 -------- d-----w- C:\PROGRA~3\Samsung
.
==================== Find3M ====================
.
2011-03-10 17:18:03 1360384 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-10 17:18:02 1398784 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-10 17:03:51 1162240 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-10 17:03:51 1136640 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-03 16:02:50 975872 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-03 15:42:03 739328 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-03 13:46:31 2762240 ----a-w- C:\Windows\System32\win32k.sys
2011-02-24 16:38:07 991104 ----a-w- C:\Windows\System32\winresume.efi
2011-02-24 16:38:07 979840 ----a-w- C:\Windows\System32\winresume.exe
2011-02-24 16:37:57 1076608 ----a-w- C:\Windows\System32\winload.efi
2011-02-24 16:37:57 1063296 ----a-w- C:\Windows\System32\winload.exe
2011-02-24 16:37:53 20864 ----a-w- C:\Windows\System32\kdusb.dll
2011-02-24 16:37:53 18816 ----a-w- C:\Windows\System32\kd1394.dll
2011-02-24 16:37:53 17792 ----a-w- C:\Windows\System32\kdcom.dll
2011-02-23 15:04:21 40648 ----a-w- C:\Windows\avastSS.scr
2011-02-23 14:57:01 505176 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-02-23 14:55:05 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-02-22 06:50:39 1147904 ----a-w- C:\Windows\System32\wininet.dll
2011-02-22 06:46:49 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2011-02-22 06:46:34 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-02-22 06:46:20 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2011-02-22 06:46:19 77312 ----a-w- C:\Windows\System32\iesetup.dll
2011-02-22 06:21:28 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-02-22 06:17:08 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-02-22 06:16:53 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-02-22 06:16:40 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2011-02-22 06:16:40 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2011-02-22 05:56:46 479232 ----a-w- C:\Windows\System32\html.iec
2011-02-22 05:20:39 385024 ----a-w- C:\Windows\SysWow64\html.iec
2011-02-22 05:15:51 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2011-02-22 05:14:35 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-02-22 04:43:54 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2011-02-22 04:42:38 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-02-18 14:18:15 450560 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-18 14:17:59 176128 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-18 14:17:57 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-18 14:16:30 274432 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-18 14:16:29 135680 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-18 14:16:27 106496 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-17 07:21:33 613376 ----a-w- C:\Windows\System32\vbscript.dll
2011-02-17 06:23:50 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-02-16 16:37:47 48128 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-16 16:16:37 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-16 14:15:24 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-16 14:02:23 292864 ----a-w- C:\Windows\SysWow64\atmfd.dll
.
============= FINISH: 20:12:00.71 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:46 PM

Posted 20 April 2011 - 08:23 PM

Hello KayleighCakes,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.


1.
I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either avast! Antivirus or Norton 360.

If you decide to remove Norton, please use the Norton Removal Tool

Uninstall Norton




  • Download the Norton Removal Tool to your desktop.
  • On the Windows desktop, double-click the Norton Removal Tool icon.
  • Follow the on-screen instructions.
    Note:Your computer may be restarted more than once, and you may be asked to repeat some steps after the computer restarts
Norton should now be removed from your PC.


For illustrated instructions please refer to here:
http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039


2.
We need to disable your Windows Defender Real-time Protection as it may interfere with the fixes that we need to make.
  • Open Windows Defender.
  • Click on Tools, General Settings.
  • Scroll down and uncheck Turn on real-time protection (recommended).
  • After you uncheck this, click on the Save button and close Windows Defender.
After all of the fixes are complete it is very important that you enable Real-time Protection again.


3.
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

4.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


Things to include in your next reply::
TdssKiller log
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 KayleighCakes

KayleighCakes
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:06:46 PM

Posted 20 April 2011 - 09:28 PM

2011/04/20 21:43:10.0216 3664 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/20 21:43:10.0403 3664 ================================================================================
2011/04/20 21:43:10.0403 3664 SystemInfo:
2011/04/20 21:43:10.0403 3664
2011/04/20 21:43:10.0403 3664 OS Version: 6.0.6002 ServicePack: 2.0
2011/04/20 21:43:10.0403 3664 Product type: Workstation
2011/04/20 21:43:10.0403 3664 ComputerName: KAYLEIGH-PC
2011/04/20 21:43:10.0403 3664 UserName: Kayleigh
2011/04/20 21:43:10.0403 3664 Windows directory: C:\Windows
2011/04/20 21:43:10.0403 3664 System windows directory: C:\Windows
2011/04/20 21:43:10.0403 3664 Running under WOW64
2011/04/20 21:43:10.0403 3664 Processor architecture: Intel x64
2011/04/20 21:43:10.0403 3664 Number of processors: 2
2011/04/20 21:43:10.0403 3664 Page size: 0x1000
2011/04/20 21:43:10.0403 3664 Boot type: Normal boot
2011/04/20 21:43:10.0403 3664 ================================================================================
2011/04/20 21:43:10.0809 3664 Initialize success
2011/04/20 21:43:19.0966 4044 ================================================================================
2011/04/20 21:43:19.0966 4044 Scan started
2011/04/20 21:43:19.0966 4044 Mode: Manual;
2011/04/20 21:43:19.0966 4044 ================================================================================
2011/04/20 21:43:21.0355 4044 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2011/04/20 21:43:21.0448 4044 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2011/04/20 21:43:21.0511 4044 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2011/04/20 21:43:21.0526 4044 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2011/04/20 21:43:21.0557 4044 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2011/04/20 21:43:21.0635 4044 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2011/04/20 21:43:21.0682 4044 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2011/04/20 21:43:21.0713 4044 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2011/04/20 21:43:21.0729 4044 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
2011/04/20 21:43:21.0745 4044 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
2011/04/20 21:43:21.0776 4044 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2011/04/20 21:43:21.0807 4044 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2011/04/20 21:43:21.0823 4044 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2011/04/20 21:43:21.0869 4044 aswFsBlk (f810e3ea3d1f3c3ba26f2f4719bdca4f) C:\Windows\system32\drivers\aswFsBlk.sys
2011/04/20 21:43:21.0901 4044 aswMonFlt (3687fd9cedf56d3b9f18923f4e14f3f9) C:\Windows\system32\drivers\aswMonFlt.sys
2011/04/20 21:43:21.0916 4044 aswRdr (e99e48596b35e5d5240104bcd61b3471) C:\Windows\system32\drivers\aswRdr.sys
2011/04/20 21:43:21.0963 4044 aswSnx (84ad8fb3fd2efa52d8599a0028bbb6fe) C:\Windows\system32\drivers\aswSnx.sys
2011/04/20 21:43:21.0994 4044 aswSP (8cba6cc5dca9e3829f1792bf98f06901) C:\Windows\system32\drivers\aswSP.sys
2011/04/20 21:43:22.0025 4044 aswTdi (184248f2ded7b1641c7f3b30381baa2a) C:\Windows\system32\drivers\aswTdi.sys
2011/04/20 21:43:22.0057 4044 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/20 21:43:22.0072 4044 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2011/04/20 21:43:22.0213 4044 atikmdag (cef278088637401f07a0064b0b900a32) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/04/20 21:43:22.0400 4044 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2011/04/20 21:43:22.0431 4044 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/20 21:43:22.0462 4044 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/20 21:43:22.0493 4044 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2011/04/20 21:43:22.0525 4044 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2011/04/20 21:43:22.0540 4044 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2011/04/20 21:43:22.0571 4044 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/20 21:43:22.0587 4044 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2011/04/20 21:43:22.0603 4044 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2011/04/20 21:43:22.0649 4044 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/20 21:43:22.0681 4044 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/20 21:43:22.0727 4044 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
2011/04/20 21:43:22.0774 4044 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2011/04/20 21:43:22.0837 4044 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/04/20 21:43:22.0868 4044 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
2011/04/20 21:43:22.0899 4044 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
2011/04/20 21:43:22.0915 4044 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/20 21:43:22.0977 4044 CtClsFlt (0d260d60fc1302e482850bb8f432d8d5) C:\Windows\system32\DRIVERS\CtClsFlt.sys
2011/04/20 21:43:23.0039 4044 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2011/04/20 21:43:23.0102 4044 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2011/04/20 21:43:23.0164 4044 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2011/04/20 21:43:23.0211 4044 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/20 21:43:23.0289 4044 e1express (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys
2011/04/20 21:43:23.0320 4044 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2011/04/20 21:43:23.0367 4044 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2011/04/20 21:43:23.0445 4044 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2011/04/20 21:43:23.0476 4044 ErrDev (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys
2011/04/20 21:43:23.0601 4044 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2011/04/20 21:43:23.0648 4044 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2011/04/20 21:43:23.0679 4044 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/20 21:43:23.0710 4044 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2011/04/20 21:43:23.0757 4044 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2011/04/20 21:43:23.0788 4044 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/20 21:43:23.0835 4044 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2011/04/20 21:43:23.0866 4044 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/20 21:43:23.0913 4044 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/20 21:43:23.0975 4044 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/20 21:43:24.0038 4044 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
2011/04/20 21:43:24.0100 4044 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/20 21:43:24.0147 4044 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2011/04/20 21:43:24.0163 4044 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
2011/04/20 21:43:24.0209 4044 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/20 21:43:24.0225 4044 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2011/04/20 21:43:24.0272 4044 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2011/04/20 21:43:24.0319 4044 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2011/04/20 21:43:24.0350 4044 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/20 21:43:24.0381 4044 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2011/04/20 21:43:24.0412 4044 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2011/04/20 21:43:24.0443 4044 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
2011/04/20 21:43:24.0475 4044 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/20 21:43:24.0537 4044 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/20 21:43:24.0568 4044 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/20 21:43:24.0599 4044 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/20 21:43:24.0615 4044 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2011/04/20 21:43:24.0662 4044 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2011/04/20 21:43:24.0709 4044 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/20 21:43:24.0724 4044 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2011/04/20 21:43:24.0755 4044 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2011/04/20 21:43:24.0818 4044 k57nd60a (eb5c7891b9e6e4a1a4428f2160b12b53) C:\Windows\system32\DRIVERS\k57nd60a.sys
2011/04/20 21:43:24.0849 4044 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/20 21:43:24.0911 4044 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/20 21:43:25.0005 4044 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/20 21:43:25.0052 4044 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2011/04/20 21:43:25.0114 4044 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/20 21:43:25.0161 4044 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/20 21:43:25.0177 4044 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/20 21:43:25.0223 4044 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/20 21:43:25.0255 4044 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2011/04/20 21:43:25.0317 4044 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2011/04/20 21:43:25.0364 4044 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2011/04/20 21:43:25.0395 4044 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2011/04/20 21:43:25.0426 4044 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/20 21:43:25.0442 4044 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/20 21:43:25.0473 4044 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/20 21:43:25.0504 4044 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2011/04/20 21:43:25.0535 4044 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2011/04/20 21:43:25.0582 4044 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/20 21:43:25.0613 4044 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/20 21:43:25.0645 4044 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2011/04/20 21:43:25.0691 4044 mrxsmb (dc434b4769e18da09ce1b7755d4c64e9) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/20 21:43:25.0723 4044 mrxsmb10 (64713fcfe3de8881d62f8f3f2f794241) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/20 21:43:25.0738 4044 mrxsmb20 (0005c599a2abf767a815afcd32e523e3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/20 21:43:25.0816 4044 msahci (aa459f2ab3ab603c357ff117cae3d818) C:\Windows\system32\drivers\msahci.sys
2011/04/20 21:43:25.0832 4044 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2011/04/20 21:43:25.0879 4044 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2011/04/20 21:43:25.0910 4044 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2011/04/20 21:43:25.0957 4044 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/20 21:43:25.0988 4044 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/20 21:43:26.0003 4044 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2011/04/20 21:43:26.0035 4044 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2011/04/20 21:43:26.0081 4044 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/20 21:43:26.0097 4044 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2011/04/20 21:43:26.0128 4044 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2011/04/20 21:43:26.0175 4044 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/20 21:43:26.0222 4044 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
2011/04/20 21:43:26.0456 4044 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/20 21:43:26.0518 4044 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/20 21:43:26.0549 4044 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/20 21:43:26.0581 4044 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
2011/04/20 21:43:26.0612 4044 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/20 21:43:26.0659 4044 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/20 21:43:26.0846 4044 NETw5v64 (f17eda58c8c5b1a4f873b322729168ff) C:\Windows\system32\DRIVERS\NETw5v64.sys
2011/04/20 21:43:27.0002 4044 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
2011/04/20 21:43:27.0033 4044 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
2011/04/20 21:43:27.0080 4044 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/20 21:43:27.0158 4044 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
2011/04/20 21:43:27.0220 4044 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
2011/04/20 21:43:27.0267 4044 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
2011/04/20 21:43:27.0283 4044 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
2011/04/20 21:43:27.0329 4044 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
2011/04/20 21:43:27.0407 4044 OA008Ufd (404b0121ae1a75d9a63b6934eb07c258) C:\Windows\system32\DRIVERS\OA008Ufd.sys
2011/04/20 21:43:27.0439 4044 OA008Vid (126885007e8f601861165fc77c93f1be) C:\Windows\system32\DRIVERS\OA008Vid.sys
2011/04/20 21:43:27.0501 4044 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/20 21:43:27.0548 4044 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
2011/04/20 21:43:27.0579 4044 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
2011/04/20 21:43:27.0595 4044 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
2011/04/20 21:43:27.0626 4044 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
2011/04/20 21:43:27.0657 4044 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
2011/04/20 21:43:27.0704 4044 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
2011/04/20 21:43:27.0813 4044 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/20 21:43:27.0829 4044 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
2011/04/20 21:43:27.0922 4044 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/20 21:43:27.0953 4044 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/04/20 21:43:28.0016 4044 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
2011/04/20 21:43:28.0063 4044 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
2011/04/20 21:43:28.0078 4044 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/20 21:43:28.0234 4044 R300 (cef278088637401f07a0064b0b900a32) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/04/20 21:43:28.0265 4044 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/20 21:43:28.0297 4044 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/20 21:43:28.0343 4044 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/20 21:43:28.0375 4044 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/20 21:43:28.0406 4044 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/20 21:43:28.0453 4044 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/20 21:43:28.0484 4044 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
2011/04/20 21:43:28.0499 4044 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/20 21:43:28.0531 4044 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
2011/04/20 21:43:28.0609 4044 rimmptsk (d13d70fac45fc1df69f88559b1f72f0a) C:\Windows\system32\DRIVERS\rimmpx64.sys
2011/04/20 21:43:28.0624 4044 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
2011/04/20 21:43:28.0640 4044 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
2011/04/20 21:43:28.0671 4044 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/20 21:43:28.0702 4044 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
2011/04/20 21:43:28.0780 4044 SCDEmu (07237c66e05da6778e9f3cb67fa00736) C:\Windows\system32\drivers\SCDEmu.sys
2011/04/20 21:43:28.0827 4044 sdbus (be100bc2be2513314c717bb2c4cfff10) C:\Windows\system32\DRIVERS\sdbus.sys
2011/04/20 21:43:28.0858 4044 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/04/20 21:43:28.0905 4044 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
2011/04/20 21:43:28.0952 4044 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
2011/04/20 21:43:28.0983 4044 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
2011/04/20 21:43:29.0030 4044 sffdisk (3a19c899bcf0ea24cfec2038e6a489db) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/04/20 21:43:29.0045 4044 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/20 21:43:29.0061 4044 sffp_sd (fdca63a2eee528585eb66ceac183ec22) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/04/20 21:43:29.0092 4044 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
2011/04/20 21:43:29.0108 4044 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
2011/04/20 21:43:29.0139 4044 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
2011/04/20 21:43:29.0186 4044 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
2011/04/20 21:43:29.0233 4044 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
2011/04/20 21:43:29.0279 4044 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
2011/04/20 21:43:29.0326 4044 srv2 (fa36d119249bf27bc4c0079734e1f33b) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/20 21:43:29.0342 4044 srvnet (cfe7bc92d52c7e79427545909a0182f8) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/20 21:43:29.0420 4044 STHDA (ba16447226abfd342e130d2f24f73d32) C:\Windows\system32\DRIVERS\stwrt64.sys
2011/04/20 21:43:29.0482 4044 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/20 21:43:29.0513 4044 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
2011/04/20 21:43:29.0545 4044 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
2011/04/20 21:43:29.0560 4044 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
2011/04/20 21:43:29.0607 4044 SynTP (79a93ec9d224b1f43c0e2f023d61dca3) C:\Windows\system32\DRIVERS\SynTP.sys
2011/04/20 21:43:29.0701 4044 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys
2011/04/20 21:43:29.0779 4044 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/20 21:43:29.0810 4044 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/20 21:43:29.0872 4044 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
2011/04/20 21:43:29.0903 4044 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
2011/04/20 21:43:29.0935 4044 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/20 21:43:29.0981 4044 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/20 21:43:30.0044 4044 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/20 21:43:30.0106 4044 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/20 21:43:30.0137 4044 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/20 21:43:30.0169 4044 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
2011/04/20 21:43:30.0215 4044 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/20 21:43:30.0262 4044 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/20 21:43:30.0309 4044 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
2011/04/20 21:43:30.0325 4044 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
2011/04/20 21:43:30.0356 4044 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
2011/04/20 21:43:30.0371 4044 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/20 21:43:30.0434 4044 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/20 21:43:30.0449 4044 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
2011/04/20 21:43:30.0481 4044 usbehci (b1c7edb07f61bdee587831b440fc7656) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/20 21:43:30.0527 4044 usbhub (697c45d6cea9ad978f90636be7c93229) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/20 21:43:30.0559 4044 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
2011/04/20 21:43:30.0605 4044 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/20 21:43:30.0668 4044 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/20 21:43:30.0699 4044 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/20 21:43:30.0746 4044 usbuhci (c8d88a2a3587a8424b4b17a6f7eb67fa) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/20 21:43:30.0793 4044 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
2011/04/20 21:43:30.0855 4044 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/20 21:43:30.0886 4044 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
2011/04/20 21:43:30.0917 4044 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
2011/04/20 21:43:30.0949 4044 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
2011/04/20 21:43:30.0995 4044 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
2011/04/20 21:43:31.0042 4044 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
2011/04/20 21:43:31.0089 4044 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
2011/04/20 21:43:31.0167 4044 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
2011/04/20 21:43:31.0183 4044 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
2011/04/20 21:43:31.0245 4044 wacomvhid (9d45e06348c6703fba2064ac149aabda) C:\Windows\system32\DRIVERS\wacomvhid.sys
2011/04/20 21:43:31.0292 4044 WacomVKHid (8b4255329edfba3ecfbd0714476fad38) C:\Windows\system32\DRIVERS\WacomVKHid.sys
2011/04/20 21:43:31.0339 4044 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/20 21:43:31.0354 4044 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/20 21:43:31.0401 4044 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
2011/04/20 21:43:31.0510 4044 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/20 21:43:31.0713 4044 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/20 21:43:31.0807 4044 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/20 21:43:31.0838 4044 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/20 21:43:31.0978 4044 ================================================================================
2011/04/20 21:43:31.0978 4044 Scan finished
2011/04/20 21:43:31.0978 4044 ================================================================================
2011/04/20 21:44:14.0785 4688 ================================================================================
2011/04/20 21:44:14.0785 4688 Scan started
2011/04/20 21:44:14.0785 4688 Mode: Manual;
2011/04/20 21:44:14.0785 4688 ================================================================================
2011/04/20 21:44:15.0299 4688 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2011/04/20 21:44:15.0362 4688 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2011/04/20 21:44:15.0393 4688 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2011/04/20 21:44:15.0409 4688 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2011/04/20 21:44:15.0440 4688 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2011/04/20 21:44:15.0487 4688 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2011/04/20 21:44:15.0518 4688 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2011/04/20 21:44:15.0549 4688 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2011/04/20 21:44:15.0580 4688 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
2011/04/20 21:44:15.0596 4688 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
2011/04/20 21:44:15.0611 4688 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2011/04/20 21:44:15.0627 4688 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2011/04/20 21:44:15.0658 4688 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2011/04/20 21:44:15.0689 4688 aswFsBlk (f810e3ea3d1f3c3ba26f2f4719bdca4f) C:\Windows\system32\drivers\aswFsBlk.sys
2011/04/20 21:44:15.0721 4688 aswMonFlt (3687fd9cedf56d3b9f18923f4e14f3f9) C:\Windows\system32\drivers\aswMonFlt.sys
2011/04/20 21:44:15.0752 4688 aswRdr (e99e48596b35e5d5240104bcd61b3471) C:\Windows\system32\drivers\aswRdr.sys
2011/04/20 21:44:15.0799 4688 aswSnx (84ad8fb3fd2efa52d8599a0028bbb6fe) C:\Windows\system32\drivers\aswSnx.sys
2011/04/20 21:44:15.0830 4688 aswSP (8cba6cc5dca9e3829f1792bf98f06901) C:\Windows\system32\drivers\aswSP.sys
2011/04/20 21:44:15.0877 4688 aswTdi (184248f2ded7b1641c7f3b30381baa2a) C:\Windows\system32\drivers\aswTdi.sys
2011/04/20 21:44:15.0908 4688 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/04/20 21:44:15.0923 4688 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2011/04/20 21:44:16.0064 4688 atikmdag (cef278088637401f07a0064b0b900a32) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/04/20 21:44:16.0142 4688 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2011/04/20 21:44:16.0173 4688 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
2011/04/20 21:44:16.0204 4688 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2011/04/20 21:44:16.0235 4688 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2011/04/20 21:44:16.0267 4688 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2011/04/20 21:44:16.0282 4688 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2011/04/20 21:44:16.0298 4688 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2011/04/20 21:44:16.0313 4688 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2011/04/20 21:44:16.0329 4688 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2011/04/20 21:44:16.0360 4688 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2011/04/20 21:44:16.0391 4688 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2011/04/20 21:44:16.0423 4688 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
2011/04/20 21:44:16.0469 4688 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2011/04/20 21:44:16.0516 4688 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/04/20 21:44:16.0547 4688 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
2011/04/20 21:44:16.0563 4688 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
2011/04/20 21:44:16.0579 4688 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2011/04/20 21:44:16.0625 4688 CtClsFlt (0d260d60fc1302e482850bb8f432d8d5) C:\Windows\system32\DRIVERS\CtClsFlt.sys
2011/04/20 21:44:16.0672 4688 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2011/04/20 21:44:16.0719 4688 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2011/04/20 21:44:16.0781 4688 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2011/04/20 21:44:16.0828 4688 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/04/20 21:44:16.0859 4688 e1express (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys
2011/04/20 21:44:16.0906 4688 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2011/04/20 21:44:16.0953 4688 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2011/04/20 21:44:17.0015 4688 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2011/04/20 21:44:17.0047 4688 ErrDev (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys
2011/04/20 21:44:17.0109 4688 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2011/04/20 21:44:17.0140 4688 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2011/04/20 21:44:17.0156 4688 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2011/04/20 21:44:17.0187 4688 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2011/04/20 21:44:17.0218 4688 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2011/04/20 21:44:17.0249 4688 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/04/20 21:44:17.0281 4688 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2011/04/20 21:44:17.0327 4688 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2011/04/20 21:44:17.0359 4688 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2011/04/20 21:44:17.0405 4688 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/04/20 21:44:17.0452 4688 HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
2011/04/20 21:44:17.0499 4688 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/04/20 21:44:17.0530 4688 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2011/04/20 21:44:17.0546 4688 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
2011/04/20 21:44:17.0577 4688 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
2011/04/20 21:44:17.0593 4688 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2011/04/20 21:44:17.0639 4688 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2011/04/20 21:44:17.0671 4688 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2011/04/20 21:44:17.0702 4688 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/04/20 21:44:17.0733 4688 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2011/04/20 21:44:17.0749 4688 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2011/04/20 21:44:17.0780 4688 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
2011/04/20 21:44:17.0811 4688 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2011/04/20 21:44:17.0889 4688 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/04/20 21:44:17.0920 4688 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2011/04/20 21:44:17.0951 4688 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2011/04/20 21:44:17.0983 4688 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2011/04/20 21:44:18.0014 4688 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2011/04/20 21:44:18.0045 4688 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/04/20 21:44:18.0061 4688 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2011/04/20 21:44:18.0076 4688 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2011/04/20 21:44:18.0107 4688 k57nd60a (eb5c7891b9e6e4a1a4428f2160b12b53) C:\Windows\system32\DRIVERS\k57nd60a.sys
2011/04/20 21:44:18.0139 4688 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/04/20 21:44:18.0185 4688 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/04/20 21:44:18.0248 4688 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2011/04/20 21:44:18.0263 4688 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2011/04/20 21:44:18.0310 4688 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2011/04/20 21:44:18.0357 4688 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2011/04/20 21:44:18.0373 4688 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2011/04/20 21:44:18.0404 4688 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2011/04/20 21:44:18.0435 4688 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2011/04/20 21:44:18.0451 4688 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2011/04/20 21:44:18.0497 4688 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2011/04/20 21:44:18.0529 4688 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2011/04/20 21:44:18.0560 4688 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2011/04/20 21:44:18.0575 4688 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2011/04/20 21:44:18.0591 4688 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2011/04/20 21:44:18.0607 4688 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2011/04/20 21:44:18.0638 4688 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2011/04/20 21:44:18.0685 4688 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2011/04/20 21:44:18.0700 4688 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2011/04/20 21:44:18.0731 4688 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2011/04/20 21:44:18.0778 4688 mrxsmb (dc434b4769e18da09ce1b7755d4c64e9) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/04/20 21:44:18.0809 4688 mrxsmb10 (64713fcfe3de8881d62f8f3f2f794241) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/04/20 21:44:18.0841 4688 mrxsmb20 (0005c599a2abf767a815afcd32e523e3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/04/20 21:44:18.0887 4688 msahci (aa459f2ab3ab603c357ff117cae3d818) C:\Windows\system32\drivers\msahci.sys
2011/04/20 21:44:18.0919 4688 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2011/04/20 21:44:18.0965 4688 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2011/04/20 21:44:18.0997 4688 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2011/04/20 21:44:19.0028 4688 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2011/04/20 21:44:19.0059 4688 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/04/20 21:44:19.0090 4688 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2011/04/20 21:44:19.0137 4688 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2011/04/20 21:44:19.0153 4688 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/04/20 21:44:19.0184 4688 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2011/04/20 21:44:19.0215 4688 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2011/04/20 21:44:19.0262 4688 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
2011/04/20 21:44:19.0309 4688 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
2011/04/20 21:44:19.0355 4688 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/04/20 21:44:19.0371 4688 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/04/20 21:44:19.0402 4688 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/04/20 21:44:19.0433 4688 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
2011/04/20 21:44:19.0449 4688 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
2011/04/20 21:44:19.0480 4688 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
2011/04/20 21:44:19.0636 4688 NETw5v64 (f17eda58c8c5b1a4f873b322729168ff) C:\Windows\system32\DRIVERS\NETw5v64.sys
2011/04/20 21:44:19.0683 4688 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
2011/04/20 21:44:19.0714 4688 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
2011/04/20 21:44:19.0745 4688 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
2011/04/20 21:44:19.0808 4688 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
2011/04/20 21:44:19.0823 4688 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
2011/04/20 21:44:19.0870 4688 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
2011/04/20 21:44:19.0886 4688 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
2011/04/20 21:44:19.0917 4688 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
2011/04/20 21:44:19.0979 4688 OA008Ufd (404b0121ae1a75d9a63b6934eb07c258) C:\Windows\system32\DRIVERS\OA008Ufd.sys
2011/04/20 21:44:20.0011 4688 OA008Vid (126885007e8f601861165fc77c93f1be) C:\Windows\system32\DRIVERS\OA008Vid.sys
2011/04/20 21:44:20.0057 4688 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/04/20 21:44:20.0104 4688 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
2011/04/20 21:44:20.0135 4688 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
2011/04/20 21:44:20.0167 4688 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
2011/04/20 21:44:20.0182 4688 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
2011/04/20 21:44:20.0213 4688 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
2011/04/20 21:44:20.0245 4688 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
2011/04/20 21:44:20.0338 4688 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
2011/04/20 21:44:20.0369 4688 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
2011/04/20 21:44:20.0416 4688 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
2011/04/20 21:44:20.0447 4688 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/04/20 21:44:20.0494 4688 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
2011/04/20 21:44:20.0510 4688 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
2011/04/20 21:44:20.0541 4688 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
2011/04/20 21:44:20.0681 4688 R300 (cef278088637401f07a0064b0b900a32) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/04/20 21:44:20.0728 4688 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
2011/04/20 21:44:20.0759 4688 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/04/20 21:44:20.0791 4688 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/04/20 21:44:20.0822 4688 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
2011/04/20 21:44:20.0884 4688 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
2011/04/20 21:44:20.0900 4688 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/04/20 21:44:20.0947 4688 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
2011/04/20 21:44:20.0962 4688 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
2011/04/20 21:44:21.0009 4688 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
2011/04/20 21:44:21.0056 4688 rimmptsk (d13d70fac45fc1df69f88559b1f72f0a) C:\Windows\system32\DRIVERS\rimmpx64.sys
2011/04/20 21:44:21.0071 4688 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
2011/04/20 21:44:21.0087 4688 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
2011/04/20 21:44:21.0118 4688 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
2011/04/20 21:44:21.0149 4688 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
2011/04/20 21:44:21.0196 4688 SCDEmu (07237c66e05da6778e9f3cb67fa00736) C:\Windows\system32\drivers\SCDEmu.sys
2011/04/20 21:44:21.0243 4688 sdbus (be100bc2be2513314c717bb2c4cfff10) C:\Windows\system32\DRIVERS\sdbus.sys
2011/04/20 21:44:21.0274 4688 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/04/20 21:44:21.0305 4688 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
2011/04/20 21:44:21.0337 4688 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
2011/04/20 21:44:21.0368 4688 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
2011/04/20 21:44:21.0430 4688 sffdisk (3a19c899bcf0ea24cfec2038e6a489db) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/04/20 21:44:21.0461 4688 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
2011/04/20 21:44:21.0477 4688 sffp_sd (fdca63a2eee528585eb66ceac183ec22) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/04/20 21:44:21.0493 4688 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
2011/04/20 21:44:21.0508 4688 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
2011/04/20 21:44:21.0539 4688 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
2011/04/20 21:44:21.0586 4688 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
2011/04/20 21:44:21.0633 4688 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
2011/04/20 21:44:21.0695 4688 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
2011/04/20 21:44:21.0727 4688 srv2 (fa36d119249bf27bc4c0079734e1f33b) C:\Windows\system32\DRIVERS\srv2.sys
2011/04/20 21:44:21.0742 4688 srvnet (cfe7bc92d52c7e79427545909a0182f8) C:\Windows\system32\DRIVERS\srvnet.sys
2011/04/20 21:44:21.0805 4688 STHDA (ba16447226abfd342e130d2f24f73d32) C:\Windows\system32\DRIVERS\stwrt64.sys
2011/04/20 21:44:21.0836 4688 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
2011/04/20 21:44:21.0883 4688 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
2011/04/20 21:44:21.0945 4688 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
2011/04/20 21:44:21.0961 4688 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
2011/04/20 21:44:22.0007 4688 SynTP (79a93ec9d224b1f43c0e2f023d61dca3) C:\Windows\system32\DRIVERS\SynTP.sys
2011/04/20 21:44:22.0085 4688 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys
2011/04/20 21:44:22.0148 4688 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys
2011/04/20 21:44:22.0179 4688 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
2011/04/20 21:44:22.0210 4688 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
2011/04/20 21:44:22.0241 4688 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
2011/04/20 21:44:22.0273 4688 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
2011/04/20 21:44:22.0319 4688 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
2011/04/20 21:44:22.0366 4688 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/04/20 21:44:22.0413 4688 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
2011/04/20 21:44:22.0444 4688 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
2011/04/20 21:44:22.0475 4688 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
2011/04/20 21:44:22.0522 4688 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
2011/04/20 21:44:22.0569 4688 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
2011/04/20 21:44:22.0616 4688 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
2011/04/20 21:44:22.0631 4688 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
2011/04/20 21:44:22.0647 4688 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
2011/04/20 21:44:22.0678 4688 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
2011/04/20 21:44:22.0725 4688 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/04/20 21:44:22.0741 4688 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
2011/04/20 21:44:22.0772 4688 usbehci (b1c7edb07f61bdee587831b440fc7656) C:\Windows\system32\DRIVERS\usbehci.sys
2011/04/20 21:44:22.0803 4688 usbhub (697c45d6cea9ad978f90636be7c93229) C:\Windows\system32\DRIVERS\usbhub.sys
2011/04/20 21:44:22.0850 4688 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
2011/04/20 21:44:22.0881 4688 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
2011/04/20 21:44:22.0943 4688 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
2011/04/20 21:44:23.0006 4688 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/04/20 21:44:23.0037 4688 usbuhci (c8d88a2a3587a8424b4b17a6f7eb67fa) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/04/20 21:44:23.0084 4688 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
2011/04/20 21:44:23.0115 4688 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/04/20 21:44:23.0162 4688 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
2011/04/20 21:44:23.0193 4688 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
2011/04/20 21:44:23.0209 4688 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
2011/04/20 21:44:23.0255 4688 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
2011/04/20 21:44:23.0287 4688 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
2011/04/20 21:44:23.0318 4688 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
2011/04/20 21:44:23.0396 4688 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
2011/04/20 21:44:23.0411 4688 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
2011/04/20 21:44:23.0458 4688 wacomvhid (9d45e06348c6703fba2064ac149aabda) C:\Windows\system32\DRIVERS\wacomvhid.sys
2011/04/20 21:44:23.0489 4688 WacomVKHid (8b4255329edfba3ecfbd0714476fad38) C:\Windows\system32\DRIVERS\WacomVKHid.sys
2011/04/20 21:44:23.0536 4688 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/20 21:44:23.0552 4688 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/04/20 21:44:23.0583 4688 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
2011/04/20 21:44:23.0630 4688 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
2011/04/20 21:44:23.0723 4688 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/04/20 21:44:23.0786 4688 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/04/20 21:44:23.0817 4688 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
2011/04/20 21:44:23.0911 4688 ================================================================================
2011/04/20 21:44:23.0911 4688 Scan finished
2011/04/20 21:44:23.0911 4688 ================================================================================
2011/04/20 21:44:27.0951 4372 Deinitialize success






ComboFix 11-04-20.01 - Kayleigh 04/20/2011 21:54:44.1.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6108.4342 [GMT -4:00]
Running from: c:\users\Kayleigh\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Kayleigh\AppData\Roaming\DataSafeDotNet.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-03-21 to 2011-04-21 )))))))))))))))))))))))))))))))
.
.
2011-04-21 02:00 . 2011-04-21 02:00 -------- d-----w- c:\users\Kayleigh\AppData\Local\temp
2011-04-21 02:00 . 2011-04-21 02:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-20 04:35 . 2011-04-20 04:35 -------- d-----w- c:\users\Kayleigh\AppData\Roaming\Malwarebytes
2011-04-20 04:35 . 2010-12-20 22:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-20 04:35 . 2011-04-20 04:35 -------- d-----w- c:\programdata\Malwarebytes
2011-04-20 04:35 . 2011-04-20 04:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-20 04:35 . 2010-12-20 22:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-16 02:18 . 2011-04-16 02:18 -------- d-----w- c:\windows\MSSecurityNS
2011-04-16 02:18 . 2011-04-16 02:18 -------- d-----w- c:\windows\MSSecurityNi
2011-04-16 02:08 . 2011-04-16 02:08 -------- d-----w- c:\programdata\Corel
2011-04-16 02:08 . 2011-04-16 02:08 -------- d-----w- c:\program files (x86)\Corel
2011-04-16 01:49 . 2011-04-21 01:36 -------- d-----w- c:\users\Kayleigh\AppData\Roaming\WTablet
2011-04-16 01:49 . 2007-09-07 18:31 3960616 ------w- c:\windows\system32\WacomTablet.cpl
2011-04-16 01:48 . 2007-02-16 00:11 12976 ----a-w- c:\windows\system32\drivers\WacomVKHid.sys
2011-04-16 01:47 . 2011-04-16 01:49 -------- d-----w- c:\windows\LastGood.Tmp
2011-04-16 01:47 . 2007-02-16 19:12 12848 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2011-04-16 01:47 . 2007-02-16 18:30 14640 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2011-04-16 01:47 . 2011-04-16 01:47 -------- d-----w- c:\windows\system32\WTablet
2011-04-16 01:47 . 2007-09-07 18:20 181544 ------w- c:\windows\SysWow64\Wintab32.dll
2011-04-16 01:47 . 2007-09-07 18:33 128296 ------w- c:\windows\SysWow64\Wacom_Tablet.dll
2011-04-16 01:47 . 2007-09-07 18:33 164648 ------w- c:\windows\system32\Wacom_Tablet.dll
2011-04-16 01:47 . 2007-09-07 18:40 1908520 ------w- c:\windows\system32\Wacom_Tablet.exe
2011-04-16 01:47 . 2011-04-16 01:48 -------- d-----w- c:\program files (x86)\Tablet
2011-04-14 16:10 . 2011-02-18 14:16 274432 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-14 16:05 . 2011-03-02 16:12 117760 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-14 16:05 . 2009-05-04 10:21 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-14 16:05 . 2009-05-04 09:59 25088 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-23 14:11 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 14:11 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 14:11 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-23 14:11 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 14:11 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-23 02:54 . 2011-03-23 02:54 -------- d-----w- c:\program files\SAMSUNG
2011-03-23 02:54 . 2011-03-23 02:54 -------- d-----w- c:\programdata\Samsung
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-19 19:44 . 2011-03-19 19:44 53248 ----a-r- c:\users\Kayleigh\AppData\Roaming\Microsoft\Installer\{74B65337-CCF1-4664-A7FC-954A288A4C72}\ARPPRODUCTICON.exe
2011-02-23 15:04 . 2010-12-08 18:44 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 15:04 . 2010-12-08 18:44 190016 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-02-23 15:04 . 2011-01-25 05:06 238968 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 14:57 . 2010-12-08 18:44 280408 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:57 . 2011-03-01 14:22 505176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-02-23 14:55 . 2010-12-08 18:44 53592 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2010-12-08 18:44 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2010-12-08 18:44 64344 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2010-12-08 18:45 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2009-10-14 2920632]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2008-12-03 3882312]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"HLBackupScheduler"="c:\program files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe" [2010-12-08 5247624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-10-07 148888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
.
c:\users\Kayleigh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe [2008-05-23 1040552]
S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
S3 OA008Ufd;Creative Camera OA008 Upper Filter Driver;c:\windows\system32\DRIVERS\OA008Ufd.sys [x]
S3 OA008Vid;Creative Camera OA008 Function Driver;c:\windows\system32\DRIVERS\OA008Vid.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - KLMD25
*Deregistered* - klmd25
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-21 c:\windows\Tasks\Norton Security Scan for Kayleigh.job
- c:\program files (x86)\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-01-22 14:06]
.
2011-04-20 c:\windows\Tasks\User_Feed_Synchronization-{3BB57CB2-7233-44D3-9F3B-158008570077}.job
- c:\windows\system32\msfeedssync.exe [2011-04-14 04:43]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-25 1657128]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2008-09-26 2041112]
"lxdumon.exe"="c:\program files (x86)\Lexmark 5600-6600 Series\lxdumon.exe" [2008-09-10 676520]
"lxduamon"="c:\program files (x86)\Lexmark 5600-6600 Series\lxduamon.exe" [2008-09-10 16040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
FF - ProfilePath - c:\users\Kayleigh\AppData\Roaming\Mozilla\Firefox\Profiles\1ol6uhup.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
HKLM-Run-SysTrayApp - %ProgramFiles%\IDT\WDM\sttray64.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-XviDDec - c:\windows\system32\UninstXviDDec.exe
AddRemove-_{53A908D4-99C6-469B-BC13-F4189F260742} - c:\program files (x86)\Corel\Corel Painter Essentials 4\MSILauncher {53A908D4-99C6-469B-BC13-F4189F260742}
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
Completion time: 2011-04-20 22:02:41
ComboFix-quarantined-files.txt 2011-04-21 02:02
.
Pre-Run: 58,344,845,312 bytes free
Post-Run: 58,335,068,160 bytes free
.
Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11
- - End Of File - - 8D6311D1D3F7F61EAAB6CBFDDE913D1D





I used my computer for about twenty minutes and haven't been bothered by it and my Security Center says everything is on and running. I'm going to say it's been removed.

#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:46 PM

Posted 21 April 2011 - 03:50 PM

Hello,


Glad to hear your machine is running better. Let run a couple of other scanners just to make sure no leftovers.


1.
Please download Malwarebytes' Anti-Malware (v1.50) and save it to your desktop.
Download Link 1
Download Link 2Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.

2.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

3.
Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Microsoft: ‘Unprecedented Wave of Java Exploitation’
Drive-by Trojan preying on out-of-date Java installations
Ghosts of Java Haunt UsersPlease follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows" (32-bit) or "Windows x64" (64-bit).
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u24-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
-- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

Things to include in your next reply::
MBAM log
Eset log
A new DDS log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:46 PM

Posted 23 April 2011 - 10:40 AM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:46 PM

Posted 26 April 2011 - 06:33 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users