Windows vista recovery virus


17 replies to this topic

#1 vymichelle

vymichelle

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:06:52 AM

Posted 06 July 2011 - 07:27 AM

Hello,

I also have the dreaded google redirect virus. It came from the Windows Vista Recovery virus which appeared on Saturday. Luckily my partner knew it was a virus and closed it straight away, I would have been far more gullible!
Problems it caused seem to be;
Google re-direct - have tried to follow the removal guide which went fine until the last step of running tdsskiller. It just won't run, have tried changing name, extension etc but nothing seems to help. I have windows vista so click run as administrator and then it pops up but when you press run it disappears??!
All documents and contents of folders got hidden - unhide.exe did the trick with that.
Windows isn't installing updates when the computer is restarted - don't know where to start with that one but I see from other people's questions that it seems to be part of the virus.
No sound in browser, youtube etc. - again, I see this is part of the problem but I can't seem to fix that either.

Any help greatly appreciated!
Michelle



#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,754 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:52 PM

Posted 06 July 2011 - 09:14 PM

Welcome aboard

Did you try these steps?
http://www.bleepingcomputer.com/virus-removal/remove-windows-recovery

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 vymichelle


Posted 07 July 2011 - 07:20 AM

Hi,
Thanks for getting back to me.
I tried following that guide yesterday but the anti-malware scan can't find anything wrong and says "no malicious items detected" anywhere..
I then tried following the guide to removing the google redirect virus but at the last and the most important step I fail because tdsskiller just will not run. I've tried changing the name and extension but no difference..
It's all very frustrating!
Many thanks,
Michelle

#4 Broni


Posted 07 July 2011 - 07:33 PM

What are the current issues?

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.



#5 vymichelle


Posted 08 July 2011 - 07:11 AM

Hello,

Current issues are still the same as outlined in my first post - google re-direct, no browser sound and windows can't install updates, the rest of the problems associated with the vista repair virus we seem to have been able to fix.
I have done as you've said and here are the logs for security check, mini tool box and anti-malware (which still can't detect the problem). GMER ran for a couple of minutes, then I got a message that it had stopped working and would have to close. I then tried again in safe mode but the same thing again...?
Here are the first three logs if that helps at all.
Many thanks,
Michelle

Results of screen317's Security Check version 0.99.7
Windows Vista Service Pack 1 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner (remove only)
Adobe Flash Player
````````````````````````````````
Process Check:
objlist.exe by Laurent

McAfee Managed VirusScan Agent myAgtSvc.Exe
McAfee Managed VirusScan Agent myAgtTry.exe
``````````End of Log````````````




MiniToolBox by Farbar
Ran by Michelle (administrator) on 08-07-2011 at 07:34:50
Windows Vista ™ Home Premium Service Pack 1 (X86)

***************************************************************************


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= End of IE Proxy Settings ========================
=============== Hosts content: ============================================

127.0.0.1 localhost

=============== End of Hosts ==============================================

================= IP Configuration: =======================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Michelle-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-1F-3C-D3-1A-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::457e:e61d:cfa6:69dd%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 08 July 2011 06:54:07
Lease Expires . . . . . . . . . . : 09 July 2011 06:54:06
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82562GT 10/100 Network Connection
Physical Address. . . . . . . . . : 00-24-81-56-F2-59
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-24-7E-41-07-C6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D0B00DF2-6F2E-4455-BE08-0D532B7D23E0}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D0B00DF2-6F2E-4455-BE08-0D532B7D23E0}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:14f1:14d3:3f57:fe98(Preferred)
Link-local IPv6 Address . . . . . : fe80::14f1:14d3:3f57:fe98%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{D0B00DF2-6F2E-4455-BE08-0D532B7D23E0}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{71FBE98A-922B-47FE-9199-E125F14DF733}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: api.home
Address: 192.168.1.254

Name: google.com
Addresses: 209.85.147.105
209.85.147.104
209.85.147.103
209.85.147.99
209.85.147.106
209.85.147.147



Pinging google.com [209.85.147.147] with 32 bytes of data:

Reply from 209.85.147.147: bytes=32 time=36ms TTL=49

Reply from 209.85.147.147: bytes=32 time=37ms TTL=49



Ping statistics for 209.85.147.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 36ms, Maximum = 37ms, Average = 36ms

Server: api.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70
67.195.160.76



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=170ms TTL=47

Reply from 209.191.122.70: bytes=32 time=166ms TTL=47



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 166ms, Maximum = 170ms, Average = 168ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
13 ...00 1f 3c d3 1a 9a ...... Intel® PRO/Wireless 3945ABG Network Connection
12 ...00 24 81 56 f2 59 ...... Intel® 82562GT 10/100 Network Connection
11 ...00 24 7e 41 07 c6 ...... Bluetooth Device (Personal Area Network)
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.home
16 ...00 00 00 00 00 00 00 e0 isatap.{D0B00DF2-6F2E-4455-BE08-0D532B7D23E0}
18 ...00 00 00 00 00 00 00 e0 isatap.{D0B00DF2-6F2E-4455-BE08-0D532B7D23E0}
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
19 ...00 00 00 00 00 00 00 e0 isatap.{D0B00DF2-6F2E-4455-BE08-0D532B7D23E0}
17 ...00 00 00 00 00 00 00 e0 isatap.home
20 ...00 00 00 00 00 00 00 e0 isatap.{71FBE98A-922B-47FE-9199-E125F14DF733}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.103 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.103 281
192.168.1.103 255.255.255.255 On-link 192.168.1.103 281
192.168.1.255 255.255.255.255 On-link 192.168.1.103 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.103 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.103 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 18 ::/0 On-link
1 306 ::1/128 On-link
14 18 2001::/32 On-link
14 266 2001:0:5ef5:79fd:14f1:14d3:3f57:fe98/128
On-link
13 281 fe80::/64 On-link
14 266 fe80::/64 On-link
14 266 fe80::14f1:14d3:3f57:fe98/128
On-link
13 281 fe80::457e:e61d:cfa6:69dd/128
On-link
1 306 ff00::/8 On-link
14 266 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

================= End of IP Configuration =================================

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/08/2011 06:54:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2011 01:51:29 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.19088, time stamp 0x4de07b1b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x0091dae8,
process id 0x17a4, application start time 0xiexplore.exe0.

Error: (07/07/2011 09:21:06 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.19088, time stamp 0x4de07b1b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0xfc6c0000,
process id 0x13cc, application start time 0xiexplore.exe0.

Error: (07/07/2011 09:01:43 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.19088, time stamp 0x4de07b1b, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000,
process id 0x55c, application start time 0xiexplore.exe0.

Error: (07/07/2011 06:54:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2011 11:19:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2011 11:15:55 AM) (Source: Microsoft-Windows-RestartManager) (User: Michelle)Michelle
Description: 0LSSrvc.exeLightScribeService Direct Disc Labeling Service03026217824800

Error: (07/06/2011 11:01:42 AM) (Source: Application Error) (User: )
Description: Faulting application MsiExec.exe, version 4.0.6001.18000, time stamp 0x47918d31, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp 0x4cf4536a, exception code 0xc0000005, fault offset 0x5cebbb89,
process id 0x13b0, application start time 0xMsiExec.exe0.

Error: (07/06/2011 10:34:56 AM) (Source: Microsoft-Windows-RestartManager) (User: Michelle)Michelle
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217811080

Error: (07/06/2011 10:34:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/13/2010 01:45:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.


========================= End of Event log errors =========================

========================= Memory info: ====================================

Percentage of memory in use: 37%
Total physical RAM: 3062.34 MB
Available physical RAM: 1923.19 MB
Total Pagefile: 6326.95 MB
Available Pagefile: 5223.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.67 MB

======================= Partitions: =======================================

1 Drive c: () (Fixed) (Total:223.88 GB) (Free:126.03 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:9 GB) (Free:1.06 GB) NTFS

================= Users: ==================================================

User accounts for \\MICHELLE-PC

-------------------------------------------------------------------------------
Administrator Guest McAfeeMVSUser
Michelle
The command completed successfully.

================= End of Users ============================================




Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 7029

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

08/07/2011 07:41:07
mbam-log-2011-07-08 (07-41-07).txt

Scan type: Quick scan
Objects scanned: 158008
Time elapsed: 3 minute(s), 31 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
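
Added example (not part of the original posts, and not MiniToolBox's own code): the MiniToolBox step in this thread collects the IE proxy settings, the hosts file and the IP configuration, and this Python triage reads a pasted log and lists any line in those three sections that differs from the clean values in the log above. The tampered sample, its wording and addresses, and the rule that a home resolver should be a local address are assumptions made for illustration.

```python
import ipaddress
import re

# Section markers as they appear in the MiniToolBox log posted above.
START = re.compile(r"^=+\s*(.+?):\s*=+$")
END = re.compile(r"^=+\s*End of .+?=+$")
DNS_LINE = re.compile(r"^DNS Servers[ .]*:\s*(\S+)")
# The two lines the clean log shows when no proxy is configured.
CLEAN_PROXY = {"Proxy is not enabled.", "No Proxy Server is set."}
# Assumption: on a home network the resolver is the router or another local host.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "::1/128", "fe80::/10", "fc00::/7")]


def split_sections(log):
    """Return {section name: [non-empty stripped lines]} per '=== Name: ===' block."""
    sections, current = {}, None
    for line in (raw.strip() for raw in log.splitlines()):
        start = START.match(line)
        if END.match(line):
            current = None
        elif start:
            current = start.group(1)
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def parse_ip(text):
    """Parse an address, ignoring any '%zone' suffix; None if it is not one."""
    try:
        return ipaddress.ip_address(text.strip().split("%")[0])
    except ValueError:
        return None


def dns_servers(lines):
    """Collect resolvers, including follow-on lines that hold only an address."""
    found, in_dns = [], False
    for line in lines:
        m = DNS_LINE.match(line)
        if not m and not in_dns:
            continue
        addr = parse_ip(m.group(1) if m else line)
        in_dns = addr is not None
        if addr is not None:
            found.append(addr)
    return found


def triage(log):
    """Return (check, detail) findings; an empty list means nothing to review."""
    sections, findings = split_sections(log), []
    for name in ("IE Proxy Settings", "Hosts content", "IP Configuration"):
        if name not in sections:
            findings.append((name, "section missing, check not performed"))
    for line in sections.get("IE Proxy Settings", []):
        if line not in CLEAN_PROXY:
            findings.append(("proxy", line))
    for line in sections.get("Hosts content", []):
        entry = line.split("#", 1)[0].split()  # drop comments
        if not entry:
            continue
        ip, names = entry[0], entry[1:]
        if ip not in ("127.0.0.1", "::1") or any(n.lower() != "localhost" for n in names):
            findings.append(("hosts", line))
    for addr in dns_servers(sections.get("IP Configuration", [])):
        if not any(addr in net for net in LOCAL_NETS):
            findings.append(("dns", str(addr)))
    return findings


# Excerpt of the log in the post above, trimmed to the lines the checks read.
CLEAN_LOG = """\
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= End of IE Proxy Settings ========================
=============== Hosts content: ============================================
127.0.0.1 localhost
=============== End of Hosts ==============================================
================= IP Configuration: =======================================
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
================= End of IP Configuration =================================
"""

# Constructed counter-example (made-up wording, documentation-range addresses).
TAMPERED_LOG = (
    CLEAN_LOG
    .replace("Proxy is not enabled.", "Proxy is enabled.")
    .replace("127.0.0.1 localhost", "127.0.0.1 localhost\n203.0.113.10 www.google.com")
    .replace(": 192.168.1.254\nNetBIOS", ": 198.51.100.53\n192.168.1.254\nNetBIOS"))

if __name__ == "__main__":
    for label, log in (("clean", CLEAN_LOG), ("tampered", TAMPERED_LOG)):
        print(label, triage(log) or "nothing to review")
```

A finding is a prompt to look, not a verdict: a public resolver or a blocklist-style hosts file set up on purpose will also be listed. An empty result only rules out these three settings.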

#6 Broni


Posted 08 July 2011 - 11:19 AM

Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



#7 vymichelle


Posted 09 July 2011 - 01:08 AM

Hi,
Report from unhooker;
Michelle

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6001 (Service Pack 1)
Number of processors #2
==============================================
>Drivers
==============================================
0x8EC0C000 C:\windows\system32\DRIVERS\igdkmd32.sys 7057408 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x81E0D000 C:\windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x81E0D000 PnpManager 3903488 bytes
0x81E0D000 RAW 3903488 bytes
0x81E0D000 WMIxWDM 3903488 bytes
0x8F60A000 C:\windows\system32\DRIVERS\NETw5v32.sys 3698688 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0x98420000 Win32k 2109440 bytes
0x98420000 C:\windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8AA06000 C:\windows\system32\drivers\ql2300.sys 1277952 bytes (QLogic Corporation, QLogic Fibre Channel Stor Miniport Driver)
0x8FE08000 C:\windows\system32\DRIVERS\AGRSM.sys 1204224 bytes (Agere Systems, SoftModem Device Driver)
0x8B006000 C:\windows\System32\Drivers\Ntfs.sys 1110016 bytes (Microsoft Corporation, NT File System Driver)
0x8AE06000 C:\windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x90006000 C:\windows\System32\drivers\tcpip.sys 954368 bytes (Microsoft Corporation, TCP/IP Driver)
0x804C0000 C:\windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xB1E08000 C:\windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x90503000 C:\windows\System32\Drivers\dump_iaStor.sys 843776 bytes
0x82436000 C:\windows\system32\drivers\iastor.sys 843776 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x8A908000 C:\windows\system32\drivers\megasr.sys 749568 bytes (LSI Corporation, Inc., LSI MegaRAID Software RAID Driver)
0x8AD02000 C:\windows\system32\drivers\spsys.sys 716800 bytes (Microsoft Corporation, security processor)
0x82504000 C:\windows\system32\drivers\iastorv.sys 659456 bytes (Intel Corporation, Intel Matrix Storage Manager driver (base))
0x8F2C7000 C:\windows\System32\drivers\dxgkrnl.sys 651264 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8A806000 C:\windows\system32\drivers\elxstor.sys 606208 bytes (Emulex, Storport Miniport Driver for LightPulse HBAs)
0x9020B000 C:\windows\System32\Drivers\bthport.sys 524288 bytes (Microsoft Corporation, Bluetooth Bus Driver)
0x90473000 C:\windows\system32\drivers\btwaudio.sys 524288 bytes (Broadcom Corporation., Bluetooth Audio Device)
0x8060F000 C:\windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x8AC91000 C:\windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xAC003000 C:\windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x82657000 C:\windows\system32\drivers\adp94xx.sys 434176 bytes (Adaptec, Inc., Adaptec Windows SAS/SATA Storport Driver)
0x9040C000 C:\windows\system32\drivers\btwavdt.sys 421888 bytes (Broadcom Corporation., Broadcom Bluetooth AVDT Service)
0x80406000 C:\windows\system32\mcupdate_GenuineIntel.dll 393216 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x8AB3E000 C:\windows\system32\drivers\ql40xx.sys 348160 bytes (QLogic Corporation, QLogic iSCSI Storport Miniport Driver)
0x8FB00000 C:\windows\system32\drivers\ADIHdAud.sys 327680 bytes (Analog Devices, Inc., High Definition Audio Function Driver)
0xAC173000 C:\windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x826C1000 C:\windows\system32\drivers\adpahci.sys 311296 bytes (Adaptec, Inc., Adaptec Windows SATA Storport Driver)
0x8076C000 C:\windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x901AA000 C:\windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x80698000 C:\windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x8047F000 C:\windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8260B000 C:\windows\system32\drivers\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8F3B7000 C:\windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x902C2000 C:\windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x827B4000 C:\windows\system32\drivers\uliahci.sys 245760 bytes (ULi Electronics Inc., ULi SATA Controller Driver)
0x8AF3C000 C:\windows\system32\drivers\NETIO.SYS 237568 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8F373000 C:\windows\system32\DRIVERS\e1e6032.sys 233472 bytes (Intel Corporation, Intel® PRO/1000 Adapter NDIS 6 deserialized driver)
0xAC0FA000 C:\windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8B11D000 C:\windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8FAB2000 C:\windows\system32\DRIVERS\usbhub.sys 212992 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x821C6000 ACPI_HAL 208896 bytes
0x821C6000 C:\windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x8AC4F000 C:\windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x90178000 C:\windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x90308000 C:\windows\system32\drivers\mfehidk.sys 200704 bytes (McAfee, Inc., Host Intrusion Detection Link Driver)
0x8F9B4000 C:\windows\system32\DRIVERS\SynTP.sys 196608 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0x8AFBF000 C:\windows\system32\DRIVERS\msiscsi.sys 188416 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x807D2000 C:\windows\system32\DRIVERS\pcmcia.sys 184320 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0x8FB50000 C:\windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
!!!!!!!!!!!Hidden driver: 0x87209F38 00000648 0 bytes
==============================================
>Stealth
==============================================
0x8721A619 Unknown page with executable code, 2535 bytes
0x8721C604 Unknown page with executable code, 2556 bytes
0x8721A4A5 Unknown page with executable code, 2907 bytes
0x87219DAA Unknown page with executable code, 598 bytes
0x8721A0B3 Unknown thread object [ ETHREAD 0x85B43AD0 ] TID: 240, 600 bytes
0x8721B7FB Unknown thread object [ ETHREAD 0x8725DAD0 ] TID: 252, 600 bytes
0x87217FB5 Unknown page with executable code, 75 bytes
0x87219CCB Unknown page with executable code, 821 bytes

#8 Broni


Posted 09 July 2011 - 10:37 AM

Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



#9 vymichelle


Posted 09 July 2011 - 02:22 PM

As I mentioned in the first post, I can't seem to get tdsskiller to run..
Have tried the name change and extension change but no joy.
Tried downloading the one from your link and starting from scratch but still no luck..?!

#10 Broni


Posted 09 July 2011 - 02:27 PM

Download the FixTDSS.exe

  • Save the file to your Windows desktop.
  • Close all running programs.
  • If you are running Windows XP, turn off System Restore (see "How to turn off or turn on Windows XP System Restore").
  • Double-click the FixTDSS.exe file to start the removal tool.
  • Click Start to begin the process, and then allow the tool to run.
  • Restart the computer when prompted by the tool.
  • After the computer has started, the tool will inform you of the state of infection (make sure to let me know what it said).
  • If you are running Windows XP, re-enable System Restore.



#11 vymichelle


Posted 10 July 2011 - 01:23 AM

It seemed to run in the opposite order.. I asked it to run, it restarted the computer and then ran. Then said:


***Infected MBR detected
Repair succeeded

Edited by vymichelle, 10 July 2011 - 01:24 AM.


#12 Broni


Posted 10 July 2011 - 10:09 AM

Very well.
See if TDSSKiller will run now.



#13 vymichelle


Posted 10 July 2011 - 11:17 AM

Good news is that it ran, bad news is that it still didn't find the problem...?


2011/07/10 17:12:50.0287 0532 TDSS rootkit removing tool 2.5.9.0 Jul 1 2011 18:45:21
2011/07/10 17:12:52.0315 0532 ================================================================================
2011/07/10 17:12:52.0315 0532 SystemInfo:
2011/07/10 17:12:52.0315 0532
2011/07/10 17:12:52.0315 0532 OS Version: 6.0.6001 ServicePack: 1.0
2011/07/10 17:12:52.0315 0532 Product type: Workstation
2011/07/10 17:12:52.0315 0532 ComputerName: MICHELLE-PC
2011/07/10 17:12:52.0315 0532 UserName: Michelle
2011/07/10 17:12:52.0315 0532 Windows directory: C:\windows
2011/07/10 17:12:52.0315 0532 System windows directory: C:\windows
2011/07/10 17:12:52.0315 0532 Processor architecture: Intel x86
2011/07/10 17:12:52.0315 0532 Number of processors: 2
2011/07/10 17:12:52.0315 0532 Page size: 0x1000
2011/07/10 17:12:52.0315 0532 Boot type: Normal boot
2011/07/10 17:12:52.0315 0532 ================================================================================
2011/07/10 17:12:52.0799 0532 Initialize success
2011/07/10 17:12:55.0435 4488 ================================================================================
2011/07/10 17:12:55.0435 4488 Scan started
2011/07/10 17:12:55.0435 4488 Mode: Manual;
2011/07/10 17:12:55.0435 4488 ================================================================================
2011/07/10 17:13:04.0483 4488 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\windows\system32\drivers\MSPQM.sys
2011/07/10 17:13:04.0514 4488 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\windows\system32\drivers\MsRPC.sys
2011/07/10 17:13:04.0561 4488 mssmbios (e384487cb84be41d09711c30ca79646c) C:\windows\system32\DRIVERS\mssmbios.sys
2011/07/10 17:13:04.0592 4488 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\windows\system32\drivers\MSTEE.sys
2011/07/10 17:13:04.0624 4488 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\windows\system32\Drivers\mup.sys
2011/07/10 17:13:04.0717 4488 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\windows\system32\DRIVERS\nwifi.sys
2011/07/10 17:13:04.0826 4488 NDIS (c8560010a542b5dca94c62468dc20784) C:\windows\system32\drivers\ndis.sys
2011/07/10 17:13:04.0858 4488 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\windows\system32\DRIVERS\ndistapi.sys
2011/07/10 17:13:04.0920 4488 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\windows\system32\DRIVERS\ndisuio.sys
2011/07/10 17:13:04.0982 4488 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\windows\system32\DRIVERS\ndiswan.sys
2011/07/10 17:13:05.0014 4488 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\windows\system32\drivers\NDProxy.sys
2011/07/10 17:13:05.0092 4488 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\windows\system32\DRIVERS\netbios.sys
2011/07/10 17:13:05.0138 4488 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\windows\system32\DRIVERS\netbt.sys
2011/07/10 17:13:05.0310 4488 NETw5v32 (e559ea9138c77b5d1fda8c558764a25f) C:\windows\system32\DRIVERS\NETw5v32.sys
2011/07/10 17:13:05.0513 4488 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\windows\system32\drivers\nfrd960.sys
2011/07/10 17:13:05.0560 4488 NPF (b9730495e0cf674680121e34bd95a73b) C:\windows\system32\drivers\npf.sys
2011/07/10 17:13:05.0606 4488 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\windows\system32\drivers\Npfs.sys
2011/07/10 17:13:05.0684 4488 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\windows\system32\drivers\nsiproxy.sys
2011/07/10 17:13:05.0747 4488 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\windows\system32\drivers\Ntfs.sys
2011/07/10 17:13:05.0872 4488 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\windows\system32\drivers\ntrigdigi.sys
2011/07/10 17:13:05.0918 4488 Null (c5dbbcda07d780bda9b685df333bb41e) C:\windows\system32\drivers\Null.sys
2011/07/10 17:13:05.0934 4488 nvraid (2edf9e7751554b42cbb60116de727101) C:\windows\system32\drivers\nvraid.sys
2011/07/10 17:13:05.0965 4488 nvstor (abed0c09758d1d97db0042dbb2688177) C:\windows\system32\drivers\nvstor.sys
2011/07/10 17:13:06.0074 4488 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\windows\system32\drivers\nv_agp.sys
2011/07/10 17:13:06.0152 4488 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\windows\system32\DRIVERS\ohci1394.sys
2011/07/10 17:13:06.0215 4488 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\windows\system32\DRIVERS\parport.sys
2011/07/10 17:13:06.0262 4488 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\windows\system32\drivers\partmgr.sys
2011/07/10 17:13:06.0371 4488 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\windows\system32\DRIVERS\parvdm.sys
2011/07/10 17:13:06.0418 4488 pci (01b94418deb235dff777cc80076354b4) C:\windows\system32\drivers\pci.sys
2011/07/10 17:13:06.0433 4488 pciide (fc175f5ddab666d7f4d17449a547626f) C:\windows\system32\DRIVERS\pciide.sys
2011/07/10 17:13:06.0464 4488 pcmcia (b7c5a8769541900f6dfa6fe0c5e4d513) C:\windows\system32\DRIVERS\pcmcia.sys
2011/07/10 17:13:06.0589 4488 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\windows\system32\drivers\peauth.sys
2011/07/10 17:13:06.0745 4488 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\windows\system32\DRIVERS\raspptp.sys
2011/07/10 17:13:06.0808 4488 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\windows\system32\drivers\processr.sys
2011/07/10 17:13:06.0870 4488 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\windows\system32\DRIVERS\pacer.sys
2011/07/10 17:13:06.0964 4488 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\windows\system32\DRIVERS\psi_mf.sys
2011/07/10 17:13:07.0042 4488 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\windows\system32\drivers\ql2300.sys
2011/07/10 17:13:07.0166 4488 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\windows\system32\drivers\ql40xx.sys
2011/07/10 17:13:07.0198 4488 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\windows\system32\drivers\qwavedrv.sys
2011/07/10 17:13:07.0229 4488 RasAcd (147d7f9c556d259924351feb0de606c3) C:\windows\system32\DRIVERS\rasacd.sys
2011/07/10 17:13:07.0260 4488 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\windows\system32\DRIVERS\rasl2tp.sys
2011/07/10 17:13:07.0307 4488 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\windows\system32\DRIVERS\raspppoe.sys
2011/07/10 17:13:07.0354 4488 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\windows\system32\DRIVERS\rassstp.sys
2011/07/10 17:13:07.0385 4488 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\windows\system32\DRIVERS\rdbss.sys
2011/07/10 17:13:07.0400 4488 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\windows\system32\DRIVERS\RDPCDD.sys
2011/07/10 17:13:07.0463 4488 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\windows\system32\drivers\rdpdr.sys
2011/07/10 17:13:07.0572 4488 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\windows\system32\drivers\rdpencdd.sys
2011/07/10 17:13:07.0619 4488 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\windows\system32\drivers\RDPWD.sys
2011/07/10 17:13:07.0681 4488 RFCOMM (23f486726da7a9b2f3ec7326421a9c36) C:\windows\system32\DRIVERS\rfcomm.sys
2011/07/10 17:13:07.0806 4488 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\windows\system32\DRIVERS\rspndr.sys
2011/07/10 17:13:07.0868 4488 sbp2port (3ce8f073a557e172b330109436984e30) C:\windows\system32\drivers\sbp2port.sys
2011/07/10 17:13:07.0915 4488 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2011/07/10 17:13:07.0962 4488 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\windows\system32\DRIVERS\serenum.sys
2011/07/10 17:13:08.0071 4488 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\windows\system32\drivers\serial.sys
2011/07/10 17:13:08.0118 4488 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\windows\system32\drivers\sermouse.sys
2011/07/10 17:13:08.0165 4488 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\windows\system32\drivers\sffdisk.sys
2011/07/10 17:13:08.0196 4488 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\windows\system32\drivers\sffp_mmc.sys
2011/07/10 17:13:08.0321 4488 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\windows\system32\drivers\sffp_sd.sys
2011/07/10 17:13:08.0352 4488 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\windows\system32\drivers\sfloppy.sys
2011/07/10 17:13:08.0399 4488 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\windows\system32\drivers\sisagp.sys
2011/07/10 17:13:08.0446 4488 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\windows\system32\drivers\sisraid2.sys
2011/07/10 17:13:08.0461 4488 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\windows\system32\drivers\sisraid4.sys
2011/07/10 17:13:08.0586 4488 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\windows\system32\DRIVERS\smb.sys
2011/07/10 17:13:08.0633 4488 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\windows\system32\drivers\spldr.sys
2011/07/10 17:13:08.0726 4488 srv (2252aef839b1093d16761189f45af885) C:\windows\system32\DRIVERS\srv.sys
2011/07/10 17:13:08.0789 4488 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\windows\system32\DRIVERS\srv2.sys
2011/07/10 17:13:08.0820 4488 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\windows\system32\DRIVERS\srvnet.sys
2011/07/10 17:13:08.0914 4488 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\windows\system32\DRIVERS\swenum.sys
2011/07/10 17:13:08.0945 4488 Symc8xx (192aa3ac01df071b541094f251deed10) C:\windows\system32\drivers\symc8xx.sys
2011/07/10 17:13:08.0976 4488 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\windows\system32\drivers\sym_hi.sys
2011/07/10 17:13:08.0992 4488 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\windows\system32\drivers\sym_u3.sys
2011/07/10 17:13:09.0023 4488 SynTP (f5d926807bd9bc0af68f9376144de425) C:\windows\system32\DRIVERS\SynTP.sys
2011/07/10 17:13:09.0116 4488 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\windows\system32\drivers\tcpip.sys
2011/07/10 17:13:09.0272 4488 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\windows\system32\DRIVERS\tcpip.sys
2011/07/10 17:13:09.0366 4488 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\windows\system32\drivers\tcpipreg.sys
2011/07/10 17:13:09.0382 4488 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\windows\system32\drivers\tdpipe.sys
2011/07/10 17:13:09.0413 4488 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\windows\system32\drivers\tdtcp.sys
2011/07/10 17:13:09.0444 4488 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\windows\system32\DRIVERS\tdx.sys
2011/07/10 17:13:09.0475 4488 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\windows\system32\DRIVERS\termdd.sys
2011/07/10 17:13:09.0616 4488 TPM (cb258c2f726f1be73c507022be33ebb3) C:\windows\system32\drivers\tpm.sys
2011/07/10 17:13:09.0678 4488 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\windows\system32\DRIVERS\tssecsrv.sys
2011/07/10 17:13:09.0756 4488 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\windows\system32\DRIVERS\tunmp.sys
2011/07/10 17:13:09.0834 4488 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\windows\system32\DRIVERS\tunnel.sys
2011/07/10 17:13:09.0881 4488 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\windows\system32\drivers\uagp35.sys
2011/07/10 17:13:09.0974 4488 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\windows\system32\DRIVERS\udfs.sys
2011/07/10 17:13:10.0084 4488 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\windows\system32\drivers\uliagpkx.sys
2011/07/10 17:13:10.0130 4488 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\windows\system32\drivers\uliahci.sys
2011/07/10 17:13:10.0177 4488 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\windows\system32\drivers\ulsata.sys
2011/07/10 17:13:10.0193 4488 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\windows\system32\drivers\ulsata2.sys
2011/07/10 17:13:10.0240 4488 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\windows\system32\DRIVERS\umbus.sys
2011/07/10 17:13:10.0364 4488 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\windows\system32\drivers\usbaudio.sys
2011/07/10 17:13:10.0396 4488 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\windows\system32\DRIVERS\usbccgp.sys
2011/07/10 17:13:10.0458 4488 usbcir (e9476e6c486e76bc4898074768fb7131) C:\windows\system32\drivers\usbcir.sys
2011/07/10 17:13:10.0536 4488 usbehci (cebe90821810e76320155beba722fcf9) C:\windows\system32\DRIVERS\usbehci.sys
2011/07/10 17:13:10.0567 4488 usbhub (cc6b28e4ce39951357963119ce47b143) C:\windows\system32\DRIVERS\usbhub.sys
2011/07/10 17:13:10.0598 4488 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\windows\system32\DRIVERS\usbohci.sys
2011/07/10 17:13:10.0645 4488 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\windows\system32\DRIVERS\usbprint.sys
2011/07/10 17:13:10.0723 4488 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\windows\system32\DRIVERS\USBSTOR.SYS
2011/07/10 17:13:10.0770 4488 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\windows\system32\DRIVERS\usbuhci.sys
2011/07/10 17:13:10.0848 4488 vga (87b06e1f30b749a114f74622d013f8d4) C:\windows\system32\DRIVERS\vgapnp.sys
2011/07/10 17:13:10.0910 4488 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\windows\System32\drivers\vga.sys
2011/07/10 17:13:10.0957 4488 viaagp (5d7159def58a800d5781ba3a879627bc) C:\windows\system32\drivers\viaagp.sys
2011/07/10 17:13:10.0973 4488 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\windows\system32\drivers\viac7.sys
2011/07/10 17:13:11.0020 4488 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\windows\system32\drivers\viaide.sys
2011/07/10 17:13:11.0082 4488 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\windows\system32\drivers\volmgr.sys
2011/07/10 17:13:11.0129 4488 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\windows\system32\drivers\volmgrx.sys
2011/07/10 17:13:11.0238 4488 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\windows\system32\drivers\volsnap.sys
2011/07/10 17:13:11.0316 4488 vsmraid (587253e09325e6bf226b299774b728a9) C:\windows\system32\drivers\vsmraid.sys
2011/07/10 17:13:11.0378 4488 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\windows\system32\drivers\wacompen.sys
2011/07/10 17:13:11.0441 4488 Wanarp (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/07/10 17:13:11.0456 4488 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
2011/07/10 17:13:11.0534 4488 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
2011/07/10 17:13:11.0566 4488 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
2011/07/10 17:13:11.0690 4488 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
2011/07/10 17:13:11.0800 4488 WpdUsb (0cec23084b51b8288099eb710224e955) C:\windows\system32\DRIVERS\wpdusb.sys
2011/07/10 17:13:11.0831 4488 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
2011/07/10 17:13:11.0924 4488 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
2011/07/10 17:13:11.0971 4488 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/07/10 17:13:12.0002 4488 Boot (0x1200) (3910334b5ea064cb12cae831927aa553) \Device\Harddisk0\DR0\Partition0
2011/07/10 17:13:12.0034 4488 Boot (0x1200) (7ce8e58093c0274c093dda8dd00929d4) \Device\Harddisk0\DR0\Partition1
2011/07/10 17:13:12.0049 4488 ================================================================================
2011/07/10 17:13:12.0049 4488 Scan finished
2011/07/10 17:13:12.0049 4488 ================================================================================
2011/07/10 17:13:12.0065 4236 Detected object count: 0
2011/07/10 17:13:12.0065 4236 Actual detected object count: 0

#14 Broni


Posted 10 July 2011 - 11:21 AM

That's what we wanted.
We just double checked.
FixTDSS fixed the issue.

How is redirection?

Please give me fresh RKUnhooker log.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#15 vymichelle


Posted 10 July 2011 - 11:44 AM

Thank you so much,
We had just realised google was working and played a song on youtube just to be sure, and then I saw your reply. Very chuffed indeed!!
We will donate some money via your link for your time.
Very grateful, keep up the good work!
Michelle

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6001 (Service Pack 1)
Number of processors #2
==============================================
>Drivers
==============================================
0x8F60F000 C:\windows\system32\DRIVERS\igdkmd32.sys 7057408 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x81E4C000 C:\windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x81E4C000 PnpManager 3903488 bytes
0x81E4C000 RAW 3903488 bytes
0x81E4C000 WMIxWDM 3903488 bytes
0x8FE07000 C:\windows\system32\DRIVERS\NETw5v32.sys 3698688 bytes (Intel Corporation, IntelŽ Wireless WiFi Link Driver)
0x99CF0000 Win32k 2109440 bytes
0x99CF0000 C:\windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8AC03000 C:\windows\system32\drivers\ql2300.sys 1277952 bytes (QLogic Corporation, QLogic Fibre Channel Stor Miniport Driver)
0x9060B000 C:\windows\system32\DRIVERS\AGRSM.sys 1204224 bytes (Agere Systems, SoftModem Device Driver)
0x8B206000 C:\windows\System32\Drivers\Ntfs.sys 1110016 bytes (Microsoft Corporation, NT File System Driver)
0x8B002000 C:\windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x90804000 C:\windows\System32\drivers\tcpip.sys 954368 bytes (Microsoft Corporation, TCP/IP Driver)
0x806C2000 C:\windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xACEFB000 C:\windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x910FF000 C:\windows\System32\Drivers\dump_iaStor.sys 843776 bytes
0x8A629000 C:\windows\system32\drivers\iastor.sys 843776 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x8AB11000 C:\windows\system32\drivers\megasr.sys 749568 bytes (LSI Corporation, Inc., LSI MegaRAID Software RAID Driver)
0xAB001000 C:\windows\system32\drivers\spsys.sys 716800 bytes (Microsoft Corporation, security processor)
0x8A6F7000 C:\windows\system32\drivers\iastorv.sys 659456 bytes (Intel Corporation, Intel Matrix Storage Manager driver (base))
0x8FCCA000 C:\windows\System32\drivers\dxgkrnl.sys 651264 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x8AA0F000 C:\windows\system32\drivers\elxstor.sys 606208 bytes (Emulex, Storport Miniport Driver for LightPulse HBAs)
0x8AF06000 C:\windows\System32\Drivers\bthport.sys 524288 bytes (Microsoft Corporation, Bluetooth Bus Driver)
0x9106F000 C:\windows\system32\drivers\btwaudio.sys 524288 bytes (Broadcom Corporation., Bluetooth Audio Device)
0x8A40C000 C:\windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x8AE95000 C:\windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xAB107000 C:\windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x8A84F000 C:\windows\system32\drivers\adp94xx.sys 434176 bytes (Adaptec, Inc., Adaptec Windows SAS/SATA Storport Driver)
0x91008000 C:\windows\system32\drivers\btwavdt.sys 421888 bytes (Broadcom Corporation., Broadcom Bluetooth AVDT Service)
0x80608000 C:\windows\system32\mcupdate_GenuineIntel.dll 393216 bytes (Microsoft Corporation, Intel Microcode Update Library)
0x8AD3B000 C:\windows\system32\drivers\ql40xx.sys 348160 bytes (QLogic Corporation, QLogic iSCSI Storport Miniport Driver)
0x904B6000 C:\windows\system32\drivers\ADIHdAud.sys 327680 bytes (Analog Devices, Inc., High Definition Audio Function Driver)
0xACE85000 C:\windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x8A8B9000 C:\windows\system32\drivers\adpahci.sys 311296 bytes (Adaptec, Inc., Adaptec Windows SATA Storport Driver)
0x8A569000 C:\windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x909A8000 C:\windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x8A495000 C:\windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80681000 C:\windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8A803000 C:\windows\system32\drivers\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8FDBA000 C:\windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x90558000 C:\windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x8A9AC000 C:\windows\system32\drivers\uliahci.sys 245760 bytes (ULi Electronics Inc., ULi SATA Controller Driver)
0x8B138000 C:\windows\system32\drivers\NETIO.SYS 237568 bytes (Microsoft Corporation, Network I/O Subsystem)
0x8FD76000 C:\windows\system32\DRIVERS\e1e6032.sys 233472 bytes (Intel Corporation, Intel® PRO/1000 Adapter NDIS 6 deserialized driver)
0xACE0C000 C:\windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8B31D000 C:\windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x90468000 C:\windows\system32\DRIVERS\usbhub.sys 212992 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x81E19000 ACPI_HAL 208896 bytes
0x81E19000 C:\windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x8AE53000 C:\windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x90976000 C:\windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x90594000 C:\windows\system32\drivers\mfehidk.sys 200704 bytes (McAfee, Inc., Host Intrusion Detection Link Driver)
0x901B1000 C:\windows\system32\DRIVERS\SynTP.sys 196608 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0x8B1AC000 C:\windows\system32\DRIVERS\msiscsi.sys 188416 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x8A5CF000 C:\windows\system32\DRIVERS\pcmcia.sys 184320 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0x90506000 C:\windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8AE06000 C:\windows\system32\drivers\ulsata2.sys 180224 bytes (Promise Technology, Inc., Promise SATAII150 Series Windows Drivers)
0x8B10D000 C:\windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x90427000 C:\windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0xAB0C0000 C:\windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x905D2000 C:\windows\system32\DRIVERS\rfcomm.sys 167936 bytes (Microsoft Corporation, Bluetooth RFCOMM Driver)
0xACE5D000 C:\windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x8B382000 C:\windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x8A4EC000 C:\windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x8A946000 C:\windows\system32\drivers\adpu320.sys 155648 bytes (Adaptec, Inc., Adaptec StorPort Ultra320 SCSI Driver)
0x90908000 C:\windows\System32\Drivers\Mpfp.sys 155648 bytes (McAfee, Inc., McAfee Personal Firewall Plus Driver)
0x8A920000 C:\windows\system32\drivers\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x90533000 C:\windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8A7D8000 C:\windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x8A600000 C:\windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x8ADD4000 C:\windows\system32\drivers\ulsata.sys 135168 bytes (Promise Technology, Inc., Promise Ultra/Sata Series Driver for Win2003)
0x90761000 C:\windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0x8AE32000 C:\windows\system32\drivers\vsmraid.sys 135168 bytes (VIA Technologies Inc.,Ltd, VIA RAID DRIVER FOR AMD-X86-64)
0xAB1BF000 C:\windows\system32\drivers\mrxdav.sys 131072 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xAB1DF000 C:\windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x8A7A0000 C:\windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0xAB174000 C:\windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x8A522000 C:\windows\system32\drivers\mpio.sys 114688 bytes (Microsoft Corporation, MultiPath Support Bus-Driver)
0x8A905000 C:\windows\system32\drivers\adpu160m.sys 110592 bytes (Adaptec, Inc., Adaptec LH Ultra160 Driver (x86))
0x908ED000 C:\windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x8AFAE000 C:\windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x807DB000 C:\windows\system32\drivers\nvraid.sys 110592 bytes (NVIDIA Corporation, NVIDIAŽ nForce™ RAID Driver)
0x8AF86000 C:\windows\system32\DRIVERS\bthpan.sys 106496 bytes (Microsoft Corporation, Bluetooth Personal Area Networking)
0x8AAD5000 C:\windows\system32\drivers\lsi_fc.sys 106496 bytes (LSI Logic, LSI Logic Fusion-MPT FC Driver (StorPort))
0x8A7BE000 C:\windows\system32\drivers\lsi_scsi.sys 106496 bytes (LSI Logic, LSI Logic Fusion-MPT SCSI Driver (StorPort))
0x807C1000 C:\windows\system32\drivers\msdsm.sys 106496 bytes (Microsoft Corporation, Microsoft Device Specific Module)
0xAB191000 C:\windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8B184000 C:\windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0x8AAEF000 C:\windows\system32\drivers\lsi_sas.sys 98304 bytes (LSI Logic, LSI Logic Fusion-MPT SAS Driver (StorPort))
0xACE45000 C:\windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x907E7000 C:\windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8B1E5000 C:\windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x8A980000 C:\windows\system32\drivers\arc.sys 90112 bytes (Adaptec, Inc., Adaptec RAID Storport Driver)
0x8A996000 C:\windows\system32\drivers\arcsas.sys 90112 bytes (Adaptec, Inc., Adaptec SAS RAID WS03 Driver)
0xACED4000 C:\windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x907B4000 C:\windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x9092E000 C:\windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0xAB1AA000 C:\windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x90400000 C:\windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x8B35E000 C:\windows\system32\drivers\sbp2port.sys 86016 bytes (Microsoft Corporation, SBP-2 Protocol Driver)
0x8AD9D000 C:\windows\system32\drivers\sisraid4.sys 86016 bytes (Silicon Integrated Systems, SiS AHCI Stor-Miniport Driver)
0x8A96C000 C:\windows\system32\drivers\djsvs.sys 81920 bytes (Adaptec, Inc., Adaptec Ultra SCSI miniport)
0x8A9E8000 C:\windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x90962000 C:\windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x9018E000 C:\windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0xAB0F4000 C:\windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x907CA000 C:\windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8B172000 C:\windows\system32\DRIVERS\HDAudBus.sys 73728 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x90944000 C:\windows\system32\DRIVERS\ipfltdrv.sys 73728 bytes (Microsoft Corporation, IP FILTER DRIVER)
0x8B3A9000 C:\windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x904A5000 C:\windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80668000 C:\windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x8AE85000 C:\windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x8B19C000 C:\windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x8AAAD000 C:\windows\system32\drivers\iirsp.sys 65536 bytes (Intel Corp./ICP vortex GmbH, Intel/ICP Raid Storport Driver)
0xAB0B0000 C:\windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x807B1000 C:\windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x90415000 C:\windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8B3E4000 C:\windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x8A513000 C:\windows\system32\drivers\isapnp.sys 61440 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0x911D7000 C:\windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8B373000 C:\windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xACEEC000 C:\windows\system32\drivers\npf.sys 61440 bytes (CACE Technologies, Inc., npf.sys (NT5/6 x86) Kernel Driver)
0x8A53E000 C:\windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x8AFDF000 C:\windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8F600000 C:\windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8A55A000 C:\windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x8AFA0000 C:\windows\system32\DRIVERS\bthmodem.sys 57344 bytes (Microsoft Corporation, Bluetooth Communications Driver)
0x99F30000 C:\windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x909F0000 C:\windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x8ABDD000 C:\windows\system32\drivers\nfrd960.sys 57344 bytes (IBM Corporation, IBM ServeRAID Controller Driver)
0x9079D000 C:\windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8A5BA000 C:\windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x905C5000 C:\windows\System32\Drivers\BTHUSB.sys 53248 bytes (Microsoft Corporation, Bluetooth Miniport Driver)
0x910F2000 C:\windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x90731000 C:\windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x8ABEB000 C:\windows\system32\drivers\nvstor.sys 53248 bytes (NVIDIA Corporation, NVIDIA® nForce™ Sata Performance Driver)
0x8AD90000 C:\windows\system32\drivers\sisraid2.sys 53248 bytes (Microsoft Corporation, SiS RAID Stor Miniport Driver)
0x9045B000 C:\windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x8FD69000 C:\windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x8A488000 C:\windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x8AABD000 C:\windows\system32\drivers\iteatapi.sys 49152 bytes (Integrated Technology Express, Inc., ITE IT8211 ATA/ATAPI SCSI miniport)
0x8AAC9000 C:\windows\system32\drivers\iteraid.sys 49152 bytes (Integrated Technology Express, Inc., ITE IT8212 ATA RAID SCSI miniport)
0x90956000 C:\windows\system32\drivers\mfetdik.sys 49152 bytes (McAfee, Inc., Anti-Virus Mini-Firewall Driver)
0x8ADB2000 C:\windows\system32\drivers\symc8xx.sys 49152 bytes (LSI Logic, LSI Logic 8XX SCSI Miniport Driver)
0xACFE6000 C:\windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x90755000 C:\windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8A844000 C:\windows\system32\drivers\hpcisss.sys 45056 bytes (Hewlett-Packard Company, Smart Array Storport Driver)
0x901A6000 C:\windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x901E3000 C:\windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x8ABC8000 C:\windows\system32\drivers\mraid35x.sys 45056 bytes (LSI Logic Corporation, MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86)
0x90792000 C:\windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8AFD4000 C:\windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8ADBE000 C:\windows\system32\drivers\sym_hi.sys 45056 bytes (LSI Logic, LSI Logic Hi-Perf SCSI Miniport Driver)
0x8ADC9000 C:\windows\system32\drivers\sym_u3.sys 45056 bytes (LSI Logic, LSI Logic Ultra160 SCSI Miniport Driver)
0x8B1DA000 C:\windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8B3D0000 C:\windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8FDAF000 C:\windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x8A550000 C:\windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x90600000 C:\windows\system32\DRIVERS\BthEnum.sys 40960 bytes (Microsoft Corporation, Bluetooth Bus Extender)
0x911CD000 C:\windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8AAA3000 C:\windows\system32\drivers\i2omp.sys 40960 bytes (Microsoft Corporation, I2O Miniport Driver)
0x8AB07000 C:\windows\system32\drivers\megasas.sys 40960 bytes (LSI Corporation, MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86)
0x8ABD3000 C:\windows\system32\drivers\msahci.sys 40960 bytes (Microsoft Corporation, MS AHCI 1.0 Standard Driver)
0x90451000 C:\windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0xAB0EA000 C:\windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x907DD000 C:\windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0xACFD9000 C:\windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xACFF2000 C:\windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x8B3BA000 C:\windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x9073E000 C:\windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x9049C000 C:\windows\system32\DRIVERS\kbdhid.sys 36864 bytes (Microsoft Corporation, HID Keyboard Filter Driver)
0x907AB000 C:\windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x99F10000 C:\windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8B3DB000 C:\windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8B3F3000 C:\windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x8A4DB000 C:\windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8A798000 C:\windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x80679000 C:\windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x807A9000 C:\windows\system32\drivers\cmdide.sys 32768 bytes (CMD Technology, Inc., CMD PCI IDE Bus Driver)
0x80600000 C:\windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x8A4E4000 C:\windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x90782000 C:\windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x9078A000 C:\windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8B356000 C:\windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0x8A621000 C:\windows\system32\drivers\viaide.sys 32768 bytes (VIA Technologies, Inc., VIA Generic PCI IDE Bus Driver)
0x8B315000 C:\windows\system32\drivers\wd.sys 32768 bytes (Microsoft Corporation, Microsoft Watchdog Timer Driver)
0x8A400000 C:\windows\system32\drivers\aliide.sys 28672 bytes (Acer Laboratories Inc., ALi mini IDE Driver)
0x807A2000 C:\windows\system32\drivers\amdide.sys 28672 bytes (Microsoft Corporation, AMD IDE Driver)
0x9074E000 C:\windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x901F1000 C:\windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x8A5B3000 C:\windows\system32\drivers\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x90747000 C:\windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8A5C8000 C:\windows\system32\DRIVERS\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x901A1000 C:\windows\system32\DRIVERS\HpqKbFiltr.sys 20480 bytes (Hewlett-Packard Development Company, L.P., HpqKbFiltr Keyboard Filter Driver)
0x901F8000 C:\windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x910EF000 C:\windows\system32\DRIVERS\btwrchid.sys 12288 bytes (Broadcom Corporation., Bluetooth Remote Control HID Minidriver)
0x8A54D000 C:\windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x901EE000 C:\windows\system32\DRIVERS\cpqbttn.sys 12288 bytes (Hewlett-Packard Development Company, L.P., HP Tablet PC Key Button HID Driver)
0xACFE3000 C:\windows\system32\DRIVERS\psi_mf.sys 12288 bytes (Secunia, Secunia PSI Driver)
0x90425000 C:\windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x901E1000 C:\windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
==============================================
>Stealth
==============================================



