Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Desperately need help


  • Please log in to reply
13 replies to this topic

#1 B14CKL15T3D

B14CKL15T3D

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 10 May 2011 - 04:17 PM

I have a virus or many viruses on my computer and have no idea how to get them off. It just recently sent a link through my email to people in my contacts that i definitely did not send. My computer is running ridiculously slow. Ive installed and scanned countless virus, male ware, and ad ware remover programs but none of them pick anything up. Google keeps getting redirected and over all its just been a really bad couple of weeks because of this and i really really need help.

Edited by Orange Blossom, 10 May 2011 - 04:23 PM.
Moved from Windows 7 to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:31 AM

Posted 10 May 2011 - 08:27 PM

Hello, are you connected to a router? Is this the only machine connected to it? Wgat is your Antivirus?

Please run this..
Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode


>>>> Download this file and doubleclick on it to run it. Allow the information to be merged with the registry.

RKill....

Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now reboot to Normal and run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 B14CKL15T3D

B14CKL15T3D
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 13 May 2011 - 11:25 AM

I tried to scan with Superanti-Spyware and it finds 2 trojans and 2 adware but before it can finish it crashes and makes me restart the program, can i just continue or do i need to get rid of those viruses?

#4 B14CKL15T3D

B14CKL15T3D
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 13 May 2011 - 12:01 PM

now i have to refresh my youtube video like 5 times because it keeps giving me an error message, ive never had this problem before and the way my computer is running slow is, it takes way too long to start up, mozilla firefox crashes on me a lot and i have to completely restart firefox, and applications take longer to start than they used to.

#5 B14CKL15T3D

B14CKL15T3D
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 13 May 2011 - 12:07 PM

now i cant view any youtube videos, its getting worse i really really need help here

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:31 AM

Posted 13 May 2011 - 01:20 PM

Hello can you run the MBAM tool
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 B14CKL15T3D

B14CKL15T3D
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 13 May 2011 - 08:37 PM

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6570

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

5/13/2011 8:32:33 PM
mbam-log-2011-05-13 (20-32-33).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 498202
Time elapsed: 2 hour(s), 15 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)




This is what MBAM gave me. Still having the problems.

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:31 AM

Posted 13 May 2011 - 08:41 PM

Let's check for TDSS,, this is quick.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these[/color] instructions. [color=green]In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 B14CKL15T3D

B14CKL15T3D
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 13 May 2011 - 09:33 PM

2011/05/13 21:30:16.0408 3704 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2011/05/13 21:30:16.0970 3704 ================================================================================
2011/05/13 21:30:16.0970 3704 SystemInfo:
2011/05/13 21:30:16.0970 3704
2011/05/13 21:30:16.0970 3704 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/13 21:30:16.0970 3704 Product type: Workstation
2011/05/13 21:30:16.0970 3704 ComputerName: B14CKL15T3D-PC
2011/05/13 21:30:16.0970 3704 UserName: B14CKL15T3D
2011/05/13 21:30:16.0970 3704 Windows directory: C:\windows
2011/05/13 21:30:16.0970 3704 System windows directory: C:\windows
2011/05/13 21:30:16.0970 3704 Running under WOW64
2011/05/13 21:30:16.0970 3704 Processor architecture: Intel x64
2011/05/13 21:30:16.0970 3704 Number of processors: 4
2011/05/13 21:30:16.0970 3704 Page size: 0x1000
2011/05/13 21:30:16.0970 3704 Boot type: Normal boot
2011/05/13 21:30:16.0970 3704 ================================================================================
2011/05/13 21:30:17.0687 3704 Initialize success
2011/05/13 21:30:37.0858 4856 ================================================================================
2011/05/13 21:30:37.0858 4856 Scan started
2011/05/13 21:30:37.0858 4856 Mode: Manual;
2011/05/13 21:30:37.0858 4856 ================================================================================
2011/05/13 21:30:38.0186 4856 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
2011/05/13 21:30:38.0233 4856 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
2011/05/13 21:30:38.0295 4856 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
2011/05/13 21:30:38.0389 4856 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\windows\system32\drivers\adfs.sys
2011/05/13 21:30:38.0467 4856 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
2011/05/13 21:30:38.0576 4856 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
2011/05/13 21:30:38.0607 4856 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
2011/05/13 21:30:38.0716 4856 AFD (d31dc7a16dea4a9baf179f3d6fbdb38c) C:\windows\system32\drivers\afd.sys
2011/05/13 21:30:38.0857 4856 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\windows\system32\DRIVERS\agrsm64.sys
2011/05/13 21:30:38.0981 4856 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
2011/05/13 21:30:39.0044 4856 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
2011/05/13 21:30:39.0137 4856 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
2011/05/13 21:30:39.0215 4856 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
2011/05/13 21:30:39.0231 4856 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
2011/05/13 21:30:39.0340 4856 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
2011/05/13 21:30:39.0387 4856 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
2011/05/13 21:30:39.0496 4856 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
2011/05/13 21:30:39.0559 4856 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
2011/05/13 21:30:39.0683 4856 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
2011/05/13 21:30:39.0730 4856 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
2011/05/13 21:30:39.0777 4856 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
2011/05/13 21:30:39.0871 4856 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
2011/05/13 21:30:39.0964 4856 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
2011/05/13 21:30:40.0058 4856 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
2011/05/13 21:30:40.0120 4856 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
2011/05/13 21:30:40.0229 4856 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
2011/05/13 21:30:40.0292 4856 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
2011/05/13 21:30:40.0385 4856 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
2011/05/13 21:30:40.0417 4856 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
2011/05/13 21:30:40.0448 4856 Bridge (5c2f352a4e961d72518261257aae204b) C:\windows\system32\DRIVERS\bridge.sys
2011/05/13 21:30:40.0463 4856 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\windows\system32\DRIVERS\bridge.sys
2011/05/13 21:30:40.0573 4856 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
2011/05/13 21:30:40.0619 4856 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
2011/05/13 21:30:40.0651 4856 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
2011/05/13 21:30:40.0682 4856 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
2011/05/13 21:30:40.0775 4856 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
2011/05/13 21:30:40.0838 4856 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
2011/05/13 21:30:40.0947 4856 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
2011/05/13 21:30:41.0009 4856 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
2011/05/13 21:30:41.0103 4856 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
2011/05/13 21:30:41.0197 4856 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
2011/05/13 21:30:41.0275 4856 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
2011/05/13 21:30:41.0353 4856 CNG (d5fea92400f12412b3922087c09da6a5) C:\windows\system32\Drivers\cng.sys
2011/05/13 21:30:41.0462 4856 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
2011/05/13 21:30:41.0509 4856 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
2011/05/13 21:30:41.0618 4856 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
2011/05/13 21:30:41.0758 4856 dc3d (76e02db615a03801d698199a2bc4a06a) C:\windows\system32\DRIVERS\dc3d.sys
2011/05/13 21:30:41.0883 4856 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
2011/05/13 21:30:41.0930 4856 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
2011/05/13 21:30:42.0023 4856 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
2011/05/13 21:30:42.0086 4856 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
2011/05/13 21:30:42.0148 4856 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
2011/05/13 21:30:42.0320 4856 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
2011/05/13 21:30:42.0523 4856 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
2011/05/13 21:30:42.0632 4856 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
2011/05/13 21:30:42.0710 4856 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
2011/05/13 21:30:42.0788 4856 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
2011/05/13 21:30:42.0850 4856 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
2011/05/13 21:30:42.0959 4856 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
2011/05/13 21:30:42.0975 4856 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
2011/05/13 21:30:43.0100 4856 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
2011/05/13 21:30:43.0162 4856 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
2011/05/13 21:30:43.0256 4856 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
2011/05/13 21:30:43.0303 4856 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\windows\system32\DRIVERS\fssfltr.sys
2011/05/13 21:30:43.0396 4856 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys
2011/05/13 21:30:43.0459 4856 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
2011/05/13 21:30:43.0568 4856 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\windows\system32\DRIVERS\FwLnk.sys
2011/05/13 21:30:43.0615 4856 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
2011/05/13 21:30:43.0708 4856 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
2011/05/13 21:30:43.0771 4856 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
2011/05/13 21:30:43.0880 4856 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
2011/05/13 21:30:43.0942 4856 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
2011/05/13 21:30:44.0036 4856 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys
2011/05/13 21:30:44.0067 4856 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
2011/05/13 21:30:44.0161 4856 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
2011/05/13 21:30:44.0192 4856 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
2011/05/13 21:30:44.0332 4856 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
2011/05/13 21:30:44.0395 4856 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
2011/05/13 21:30:44.0457 4856 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
2011/05/13 21:30:44.0582 4856 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
2011/05/13 21:30:44.0660 4856 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
2011/05/13 21:30:44.0769 4856 iaStor (631fa8935163b01fc0c02966cb3adb92) C:\windows\system32\DRIVERS\iaStor.sys
2011/05/13 21:30:44.0894 4856 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
2011/05/13 21:30:45.0003 4856 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
2011/05/13 21:30:45.0175 4856 IntcAzAudAddService (450bec18b45bccfdc923e11f856dbda7) C:\windows\system32\drivers\RTKVHD64.sys
2011/05/13 21:30:45.0284 4856 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
2011/05/13 21:30:45.0346 4856 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
2011/05/13 21:30:45.0393 4856 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
2011/05/13 21:30:45.0502 4856 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
2011/05/13 21:30:45.0549 4856 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
2011/05/13 21:30:45.0658 4856 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
2011/05/13 21:30:45.0690 4856 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
2011/05/13 21:30:45.0721 4856 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
2011/05/13 21:30:45.0830 4856 JmtFltr (112809ce3919156c484c5bbe61eeee25) C:\windows\system32\drivers\JmtFltr.sys
2011/05/13 21:30:45.0877 4856 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
2011/05/13 21:30:45.0986 4856 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
2011/05/13 21:30:46.0126 4856 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\windows\system32\Drivers\ksecdd.sys
2011/05/13 21:30:46.0189 4856 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\windows\system32\Drivers\ksecpkg.sys
2011/05/13 21:30:46.0267 4856 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
2011/05/13 21:30:46.0407 4856 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
2011/05/13 21:30:46.0610 4856 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\windows\system32\DRIVERS\lmimirr.sys
2011/05/13 21:30:46.0688 4856 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\windows\system32\drivers\LMIRfsDriver.sys
2011/05/13 21:30:46.0813 4856 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
2011/05/13 21:30:46.0844 4856 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
2011/05/13 21:30:46.0875 4856 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
2011/05/13 21:30:46.0984 4856 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
2011/05/13 21:30:47.0031 4856 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
2011/05/13 21:30:47.0109 4856 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
2011/05/13 21:30:47.0172 4856 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
2011/05/13 21:30:47.0218 4856 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
2011/05/13 21:30:47.0312 4856 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
2011/05/13 21:30:47.0359 4856 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
2011/05/13 21:30:47.0468 4856 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
2011/05/13 21:30:47.0530 4856 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
2011/05/13 21:30:47.0640 4856 MpFilter (e6ba8e5a4a871899e23d64573ef58ee9) C:\windows\system32\DRIVERS\MpFilter.sys
2011/05/13 21:30:47.0686 4856 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
2011/05/13 21:30:47.0796 4856 MpNWMon (98b09a4f2c462441030b83a80a3f6fb3) C:\windows\system32\DRIVERS\MpNWMon.sys
2011/05/13 21:30:47.0827 4856 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
2011/05/13 21:30:47.0936 4856 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
2011/05/13 21:30:47.0983 4856 mrxsmb (c2b4651001a867ff3f8865863b592991) C:\windows\system32\DRIVERS\mrxsmb.sys
2011/05/13 21:30:48.0092 4856 mrxsmb10 (7e79946afc5f799ab62982282be5ac13) C:\windows\system32\DRIVERS\mrxsmb10.sys
2011/05/13 21:30:48.0123 4856 mrxsmb20 (5fb954100cea2bfec6446fbbecaa3f79) C:\windows\system32\DRIVERS\mrxsmb20.sys
2011/05/13 21:30:48.0170 4856 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
2011/05/13 21:30:48.0264 4856 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
2011/05/13 21:30:48.0326 4856 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
2011/05/13 21:30:48.0420 4856 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
2011/05/13 21:30:48.0482 4856 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
2011/05/13 21:30:48.0622 4856 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
2011/05/13 21:30:48.0685 4856 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
2011/05/13 21:30:48.0778 4856 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
2011/05/13 21:30:48.0841 4856 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
2011/05/13 21:30:48.0934 4856 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
2011/05/13 21:30:48.0997 4856 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
2011/05/13 21:30:49.0012 4856 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
2011/05/13 21:30:49.0090 4856 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
2011/05/13 21:30:49.0137 4856 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
2011/05/13 21:30:49.0246 4856 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
2011/05/13 21:30:49.0340 4856 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
2011/05/13 21:30:49.0402 4856 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
2011/05/13 21:30:49.0449 4856 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
2011/05/13 21:30:49.0543 4856 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
2011/05/13 21:30:49.0605 4856 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
2011/05/13 21:30:49.0683 4856 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
2011/05/13 21:30:49.0730 4856 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
2011/05/13 21:30:49.0886 4856 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
2011/05/13 21:30:49.0933 4856 NisDrv (3713e8452b88d3e0be095e06b6fbc776) C:\windows\system32\DRIVERS\NisDrvWFP.sys
2011/05/13 21:30:50.0073 4856 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
2011/05/13 21:30:50.0104 4856 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
2011/05/13 21:30:50.0214 4856 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
2011/05/13 21:30:50.0323 4856 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
2011/05/13 21:30:50.0370 4856 NVHDA (ad37248bd442d41c9a896e53eb8a85ee) C:\windows\system32\drivers\nvhda64v.sys
2011/05/13 21:30:50.0697 4856 nvlddmkm (0433890f7bfc6e781c5fae78c7ff6eb4) C:\windows\system32\DRIVERS\nvlddmkm.sys
2011/05/13 21:30:51.0056 4856 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
2011/05/13 21:30:51.0103 4856 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
2011/05/13 21:30:51.0228 4856 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
2011/05/13 21:30:51.0259 4856 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
2011/05/13 21:30:51.0337 4856 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
2011/05/13 21:30:51.0446 4856 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
2011/05/13 21:30:51.0508 4856 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
2011/05/13 21:30:51.0540 4856 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
2011/05/13 21:30:51.0571 4856 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
2011/05/13 21:30:51.0664 4856 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
2011/05/13 21:30:51.0711 4856 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
2011/05/13 21:30:51.0867 4856 PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
2011/05/13 21:30:51.0961 4856 pnarp (4ff73a83a25d0eead4f5e6c841bb6704) C:\windows\system32\DRIVERS\pnarp.sys
2011/05/13 21:30:52.0086 4856 Point64 (b8d8ec78b0f9ed8e220506181274f3d3) C:\windows\system32\DRIVERS\point64.sys
2011/05/13 21:30:52.0179 4856 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
2011/05/13 21:30:52.0257 4856 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
2011/05/13 21:30:52.0351 4856 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
2011/05/13 21:30:52.0476 4856 purendis (9a68a89f10f283a23afee2a1bfe4bffb) C:\windows\system32\DRIVERS\purendis.sys
2011/05/13 21:30:52.0585 4856 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
2011/05/13 21:30:52.0694 4856 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
2011/05/13 21:30:52.0741 4856 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
2011/05/13 21:30:52.0772 4856 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
2011/05/13 21:30:52.0850 4856 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
2011/05/13 21:30:52.0912 4856 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/05/13 21:30:53.0022 4856 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
2011/05/13 21:30:53.0068 4856 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
2011/05/13 21:30:53.0115 4856 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
2011/05/13 21:30:53.0209 4856 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
2011/05/13 21:30:53.0240 4856 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/05/13 21:30:53.0302 4856 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
2011/05/13 21:30:53.0396 4856 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
2011/05/13 21:30:53.0443 4856 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
2011/05/13 21:30:53.0568 4856 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
2011/05/13 21:30:53.0646 4856 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys
2011/05/13 21:30:53.0724 4856 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\windows\system32\Drivers\RimUsb_AMD64.sys
2011/05/13 21:30:53.0786 4856 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys
2011/05/13 21:30:53.0802 4856 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys
2011/05/13 21:30:53.0911 4856 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
2011/05/13 21:30:53.0973 4856 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\windows\system32\DRIVERS\Rt64win7.sys
2011/05/13 21:30:54.0082 4856 rtl8192se (7475548b0ba58eba4d12414fc9e9dfe6) C:\windows\system32\DRIVERS\rtl8192se.sys
2011/05/13 21:30:54.0207 4856 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
2011/05/13 21:30:54.0285 4856 SCDEmu (4b12e2e559641b0f26474bbc6d7cfaff) C:\windows\system32\drivers\SCDEmu.sys
2011/05/13 21:30:54.0379 4856 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
2011/05/13 21:30:54.0457 4856 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
2011/05/13 21:30:54.0550 4856 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
2011/05/13 21:30:54.0628 4856 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
2011/05/13 21:30:54.0722 4856 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
2011/05/13 21:30:54.0784 4856 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
2011/05/13 21:30:54.0909 4856 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
2011/05/13 21:30:54.0940 4856 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
2011/05/13 21:30:54.0972 4856 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
2011/05/13 21:30:55.0034 4856 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
2011/05/13 21:30:55.0128 4856 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
2011/05/13 21:30:55.0159 4856 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
2011/05/13 21:30:55.0206 4856 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
2011/05/13 21:30:55.0315 4856 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
2011/05/13 21:30:55.0393 4856 srv (65bbf4920148c2ee279055da7228fc7b) C:\windows\system32\DRIVERS\srv.sys
2011/05/13 21:30:55.0518 4856 srv2 (da939f762a1ccc2d77428621ddbd40a7) C:\windows\system32\DRIVERS\srv2.sys
2011/05/13 21:30:55.0564 4856 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\windows\system32\DRIVERS\VSTAZL6.SYS
2011/05/13 21:30:55.0689 4856 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\windows\system32\DRIVERS\VSTDPV6.SYS
2011/05/13 21:30:55.0814 4856 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\windows\system32\DRIVERS\VSTCNXT6.SYS
2011/05/13 21:30:55.0923 4856 srvnet (3f847c9dc87299516f7dc82fb6572865) C:\windows\system32\DRIVERS\srvnet.sys
2011/05/13 21:30:55.0986 4856 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
2011/05/13 21:30:56.0079 4856 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
2011/05/13 21:30:56.0220 4856 SynTP (e28ca52ecf8cb6eb04b34de440ba260e) C:\windows\system32\DRIVERS\SynTP.sys
2011/05/13 21:30:56.0376 4856 Tcpip (509383e505c973ed7534a06b3d19688d) C:\windows\system32\drivers\tcpip.sys
2011/05/13 21:30:56.0547 4856 TCPIP6 (509383e505c973ed7534a06b3d19688d) C:\windows\system32\DRIVERS\tcpip.sys
2011/05/13 21:30:56.0672 4856 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
2011/05/13 21:30:56.0734 4856 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
2011/05/13 21:30:56.0812 4856 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
2011/05/13 21:30:56.0844 4856 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
2011/05/13 21:30:56.0922 4856 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
2011/05/13 21:30:57.0015 4856 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
2011/05/13 21:30:57.0078 4856 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
2011/05/13 21:30:57.0156 4856 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
2011/05/13 21:30:57.0249 4856 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
2011/05/13 21:30:57.0374 4856 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/05/13 21:30:57.0514 4856 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
2011/05/13 21:30:57.0639 4856 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
2011/05/13 21:30:57.0686 4856 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
2011/05/13 21:30:57.0764 4856 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
2011/05/13 21:30:57.0811 4856 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
2011/05/13 21:30:57.0873 4856 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
2011/05/13 21:30:57.0998 4856 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
2011/05/13 21:30:58.0045 4856 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
2011/05/13 21:30:58.0076 4856 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
2011/05/13 21:30:58.0170 4856 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\windows\system32\Drivers\usbaapl64.sys
2011/05/13 21:30:58.0232 4856 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys
2011/05/13 21:30:58.0341 4856 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
2011/05/13 21:30:58.0419 4856 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
2011/05/13 21:30:58.0513 4856 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
2011/05/13 21:30:58.0591 4856 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
2011/05/13 21:30:58.0684 4856 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
2011/05/13 21:30:58.0731 4856 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
2011/05/13 21:30:58.0778 4856 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\drivers\USBSTOR.SYS
2011/05/13 21:30:58.0856 4856 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
2011/05/13 21:30:58.0918 4856 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
2011/05/13 21:30:59.0059 4856 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
2011/05/13 21:30:59.0121 4856 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
2011/05/13 21:30:59.0152 4856 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
2011/05/13 21:30:59.0246 4856 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
2011/05/13 21:30:59.0324 4856 vhidmini (52290e2e0bfae61d622aa8b9b3a4cb4e) C:\windows\system32\DRIVERS\vhidmini.sys
2011/05/13 21:30:59.0402 4856 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
2011/05/13 21:30:59.0433 4856 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
2011/05/13 21:30:59.0496 4856 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
2011/05/13 21:30:59.0589 4856 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
2011/05/13 21:30:59.0652 4856 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
2011/05/13 21:30:59.0683 4856 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
2011/05/13 21:30:59.0776 4856 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
2011/05/13 21:30:59.0823 4856 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
2011/05/13 21:30:59.0932 4856 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
2011/05/13 21:31:00.0010 4856 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/05/13 21:31:00.0026 4856 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
2011/05/13 21:31:00.0151 4856 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
2011/05/13 21:31:00.0213 4856 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys
2011/05/13 21:31:00.0307 4856 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
2011/05/13 21:31:00.0447 4856 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
2011/05/13 21:31:00.0494 4856 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
2011/05/13 21:31:00.0666 4856 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
2011/05/13 21:31:00.0728 4856 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
2011/05/13 21:31:00.0868 4856 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
2011/05/13 21:31:00.0946 4856 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
2011/05/13 21:31:01.0056 4856 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/05/13 21:31:01.0149 4856 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\windows\system32\DRIVERS\xusb21.sys
2011/05/13 21:31:01.0227 4856 ================================================================================
2011/05/13 21:31:01.0227 4856 Scan finished
2011/05/13 21:31:01.0227 4856 ================================================================================


Still nothing showed up.

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:31 AM

Posted 14 May 2011 - 09:15 AM

Looks like the malware has made serious corruptions. We need to either reinstall or have our Malware team dig this out.

We need a deeper look. Please go here....
Preparation Guide ,do steps 6 - 9.

Create a DDS log and post it in the new topic explained in step 9,which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If Gmer won't run,skip it and move on.
Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 B14CKL15T3D

B14CKL15T3D
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 15 May 2011 - 10:25 AM

I still haven't gotten a response.

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:31 AM

Posted 15 May 2011 - 12:19 PM

Sorry, I looked and the back up is a couple days. We got bombarded with logs.

Edited by boopme, 15 May 2011 - 12:19 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 B14CKL15T3D

B14CKL15T3D
  • Topic Starter

  • Members
  • 65 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 AM

Posted 20 May 2011 - 03:25 AM

Thank You for all your help, my computer is now fixed just wanted to let you know and I'm definitely giving this website to everyone I know that's having problems with their computers. I will donate but can't until the first of June.

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:31 AM

Posted 22 May 2011 - 09:21 PM

You're welcome and we are glad top have helped.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users