Can't stop computer from uploading.


  • This topic is locked
36 replies to this topic

#1 agamegmon

agamegmon

  • Members
  • 39 posts
  • OFFLINE
  • Local time:09:28 PM

Posted 11 August 2011 - 07:57 PM

Upon the suggestion of a BE Advisor I'm posting a request for assistance here.

I have discovered that my system is uploading data full tilt and am unable to make it stop other than by disconnecting from the internet. In my previous post, which can be found here: My link, I have logs for: SecurityCheck, MiniToolBox, Malwarebytes, TCPView, the cmd "netstat -b 5 > activity.txt" command and the GMER log. I was only able to check the service, registry, files and ADS boxes as the others were greyed out.

Any assistance is greatly appreciated.

.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by GK at 18:48:20 on 2011-08-11
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4091.2688 [GMT -5:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SysWOW64\astsrv.exe
C:\Windows\Explorer.EXE
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\system32\nlsInterface.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Expat Shield Class: {3706ee7c-3cad-445d-8a43-03ebc3b75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
uRun: [NetMeter] C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: intuit.com\ttlc
Trusted Zone: kktarchitects.com\remote
Trusted Zone: microsoft.com\go
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://lrp.webex.com/client/T27LB/event/ieatgpc1.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{306061FE-5704-4BD2-BF98-18E52C7FB874} : NameServer = 68.94.156.1,68.94.157.1
TCP: Interfaces\{306061FE-5704-4BD2-BF98-18E52C7FB874} : DhcpNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{94B1975E-7E4C-402E-B2D3-B2DA259560A8} : NameServer = 10.204.24.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: IDMIEHlprObj Class: {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO-X64: IDM Helper - No File
BHO-X64: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\GK\AppData\Roaming\Mozilla\Firefox\Profiles\2rpylogd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Users\GK\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Users\GK\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
FF - plugin: C:\Users\GK\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: C:\Users\GK\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\GK\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?]
R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R1 nltdi;nltdi;C:\Program Files\NetLimiter 3\nltdi.sys [2011-3-21 88200]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?]
R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-1-12 810144]
R2 epfwwfpr;epfwwfpr;C:\Windows\system32\DRIVERS\epfwwfpr.sys --> C:\Windows\system32\DRIVERS\epfwwfpr.sys [?]
R2 IDMWFP;IDMWFP;C:\Windows\system32\DRIVERS\idmwfp.sys --> C:\Windows\system32\DRIVERS\idmwfp.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-9 366640]
R2 nlscc;Nalpeiron X64 Service;C:\Windows\system32\nlsInterface.exe --> C:\Windows\system32\nlsInterface.exe [?]
R2 WMDrive;WMDrive;C:\Windows\SysWOW64\drivers\WMDrive.sys [2010-8-12 63968]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NLNdisMP;NLNdisMP;C:\Windows\system32\DRIVERS\nlndis.sys --> C:\Windows\system32\DRIVERS\nlndis.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-1 136176]
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200]
S3 ExpatTrayService;Expat Shield Tray Service;C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.exe [2011-7-1 58013]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-10-2 1436424]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-1 136176]
S3 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-8-5 517632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;C:\Windows\system32\DRIVERS\nlndis.sys --> C:\Windows\system32\DRIVERS\nlndis.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?]
S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?]
S4 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-8-30 39408]
S4 ExpatShieldService;Expat Shield Service;C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2011-7-1 298824]
S4 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2011-5-24 363336]
S4 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]
S4 hasplms;HASP License Manager;C:\Windows\system32\hasplms.exe -run --> C:\Windows\system32\hasplms.exe -run [?]
S4 RosettaStoneLtdController;RosettaStoneLtdController;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdController.exe [2008-9-16 352312]
S4 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248]
S4 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288]
S4 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
S4 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-4-22 92592]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2011-08-11 14:50:45 1261440 ----a-w- C:\Windows\System32\drivers\cfosspeed6.sys
2011-08-11 14:50:45 -------- d-----w- C:\Program Files\cFosSpeed
2011-08-11 14:29:39 -------- d-sh--w- C:\$RECYCLE.BIN
2011-08-10 21:14:18 388096 ----a-r- C:\Users\GK\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-10 21:14:18 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-08-09 23:31:01 -------- d-----w- C:\$AVG
2011-08-09 23:07:38 -------- d-----w- C:\Users\GK\AppData\Roaming\AVG10
2011-08-09 23:04:37 -------- d-----w- C:\ProgramData\AVG10
2011-08-09 23:04:10 -------- d-----w- C:\Program Files (x86)\AVG
2011-08-09 22:50:33 -------- d--h--w- C:\ProgramData\Common Files
2011-08-09 22:50:16 -------- d-----w- C:\ProgramData\MFAData
2011-08-09 16:28:13 -------- d-----w- C:\Users\GK\AppData\Roaming\HTNetMeter
2011-08-09 16:22:48 -------- d-----w- C:\Program Files (x86)\HooTech
2011-08-06 22:05:23 -------- d-----w- C:\Users\GK\AppData\Roaming\XMedia Recode
2011-08-06 20:01:07 -------- d-----w- C:\Program Files (x86)\Aurora
2011-08-06 17:34:23 -------- d-----w- C:\Program Files (x86)\XMedia Recode
2011-08-06 17:22:15 -------- d-----w- C:\Users\GK\AppData\Roaming\AVS4YOU
2011-08-06 17:20:53 -------- d-----w- C:\ProgramData\AVS4YOU
2011-08-06 17:20:53 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2011-08-06 17:20:53 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2011-08-05 18:04:41 -------- d-----w- C:\Program Files (x86)\ATT-RC
2011-08-05 18:01:02 -------- d-----w- C:\Program Files\Common Files\Motive
2011-08-02 14:36:33 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\926848fc1cc512145\bingbarsetup.exe
2011-08-02 14:33:05 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\177fee361cc512137\MeshBetaRemover.exe
2011-08-02 14:29:40 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9ca3a18c1cc512029\DXSETUP.exe
2011-08-02 14:29:39 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9ca3a18c1cc512029\DSETUP.dll
2011-08-02 14:29:39 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9ca3a18c1cc512029\dsetup32.dll
2011-08-02 14:29:33 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\983cb47c1cc512028\DXSETUP.exe
2011-08-02 14:29:32 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\983cb47c1cc512028\DSETUP.dll
2011-08-02 14:29:32 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\983cb47c1cc512028\dsetup32.dll
2011-08-02 14:20:24 -------- d-----w- C:\Users\GK\AppData\Local\Windows Live
2011-08-02 14:20:23 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-07-29 21:53:39 -------- d-----w- C:\Users\GK\AppData\Roaming\deskDOC DWG to PDF Professional
2011-07-29 21:53:33 9265152 ----a-w- C:\Windows\SysWow64\DWG2ImageX.dll
2011-07-29 21:53:32 9158656 ----a-w- C:\Windows\SysWow64\DWGTOPDFX.dll
2011-07-29 21:53:32 3907640 ----a-w- C:\Windows\SysWow64\gsdll32.dll
2011-07-29 21:53:32 -------- d-----w- C:\Program Files (x86)\deskDOC DWG to PDF Professional
2011-07-29 21:11:38 -------- d-----w- C:\VritualRoot
2011-07-19 17:16:13 -------- d-----w- C:\Users\GK\AppData\Local\Locktime
2011-07-19 17:12:44 -------- d-----w- C:\ProgramData\Locktime
2011-07-19 17:12:44 -------- d-----w- C:\Program Files\NetLimiter 3
2011-07-18 12:27:58 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-18 12:27:58 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-07-18 12:27:58 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-18 12:27:58 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-18 12:27:58 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-07-18 12:27:58 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-18 12:27:58 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-18 12:27:58 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-18 12:27:57 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-18 12:27:57 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-18 12:27:56 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-17 11:07:57 -------- d-----w- C:\ProgramData\hssff
2011-07-15 16:37:10 -------- d-----w- C:\Users\GK\.get_iplayer
2011-07-15 16:37:00 -------- d-----w- C:\ProgramData\get_iplayer
2011-07-15 16:36:56 -------- d-----w- C:\Program Files (x86)\get_iplayer
2011-07-15 14:38:27 -------- d-----w- C:\Users\GK\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2011-07-15 14:38:22 -------- d-----w- C:\Program Files (x86)\BBC iPlayer Desktop
2011-07-15 14:27:32 -------- d-----w- C:\Expat Shield
2011-07-15 14:26:35 756552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
2011-07-15 14:26:35 755016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor50.dll
2011-07-15 14:26:35 -------- d-----w- C:\Program Files (x86)\Expat Shield
.
==================== Find3M ====================
.
2011-08-01 19:16:42 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-10 16:20:47 363560 ----a-w- C:\Windows\System32\guard64.dll
2011-07-10 16:20:46 285256 ----a-w- C:\Windows\SysWow64\guard32.dll
2011-07-10 16:20:44 41712 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2011-07-10 16:20:44 252344 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2011-07-10 16:20:44 16016 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2011-07-07 00:52:42 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-07 00:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-15 04:17:34 255352 ----a-w- C:\Windows\SysWow64\awrdscdc.ax
2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys
2011-06-02 06:39:54 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-02 05:56:28 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-02 05:54:50 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-02 03:45:49 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-02 03:45:49 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-02 03:45:49 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-02 03:45:49 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-24 23:40:10 56832 ----a-w- C:\Windows\System32\drivers\HssDrv.sys
2011-05-24 11:21:59 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:34:20 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:34:20 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:34:00 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:32:46 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2010-04-26 17:55:21 34516288 ----a-w- C:\Program Files\freedwgviewer.exe
.
============= FINISH: 18:48:54.19 ===============


Edited by agamegmon, 11 August 2011 - 09:07 PM.


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,662 posts
  • OFFLINE
  • Gender:Male
  • Local time:11:28 PM

Posted 16 August 2011 - 08:00 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/413992 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  • Gender:Male
  • Location:London, UK
  • Local time:03:28 AM

Posted 17 August 2011 - 07:19 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.

Please carry out HelpBot's instructions above and we can take it from there.
m0le is a proud member of UNITE

#4 agamegmon

Posted 17 August 2011 - 11:09 PM

Thanks. Here we go....

I have not used the computer since my last post so everything is as it was. I have Windows 7 64bit and I have the disc but I have not come up with it yet. I'll keep looking.

#5 m0le

Posted 18 August 2011 - 04:35 PM

Okay, the original logs are only six days old so we can use them.

Please run aswMBR and TDSSKiller so we can look for rootkits

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

And

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\

m0le is a proud member of UNITE
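
Triage of the report written by the `-l report.txt` step above, as an added example that is not part of the original post: it pairs each `detected` verdict with the driver entry and the `Suspicious file` reason logged before it. The sample lines, driver names and hashes are constructed, and the line layout is assumed from the TDSSKiller output quoted in this thread.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample in the layout of a TDSSKiller report:
# "<date> <time> <thread id> <message>". Names and hashes are placeholders.
SAMPLE_REPORT = r"""2011/01/01 10:00:00.0100 1111 Scan started
2011/01/01 10:00:00.0100 1111
2011/01/01 10:00:01.0200 2222 gooddrv (00000000000000000000000000000001) C:\Windows\system32\drivers\gooddrv.sys
2011/01/01 10:00:01.0300 2222 lockeddrv (00000000000000000000000000000002) C:\Windows\system32\drivers\lockeddrv.sys
2011/01/01 10:00:01.0300 2222 Suspicious file (NoAccess): C:\Windows\system32\drivers\lockeddrv.sys. md5: 00000000000000000000000000000002
2011/01/01 10:00:01.0300 2222 lockeddrv - detected LockedFile.Multi.Generic (1)
2011/01/01 10:00:01.0400 2222 otherdrv (00000000000000000000000000000003) C:\Windows\system32\drivers\otherdrv.sys
"""

# Timestamp and thread id prefix; the message part may be empty.
LINE = re.compile(r"^\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
# "<service> (<md5>) <path>"
ENTRY = re.compile(r"^(.+?) \(([0-9a-f]{32})\) (.+)$")
# "Suspicious file (<reason>): <path>. md5: <md5>"
SUSPICIOUS = re.compile(r"^Suspicious file \((\w+)\): (.+)\. md5: ([0-9a-f]{32})$")
# "<service> - detected <verdict> (<n>)"
DETECTED = re.compile(r"^(.+?) - detected (\S+) \((\d+)\)$")


@dataclass
class Finding:
    service: str
    verdict: str
    path: Optional[str] = None
    md5: Optional[str] = None
    reason: Optional[str] = None


def parse_report(text):
    """Return (entries, findings) parsed from a TDSSKiller-style report."""
    entries = {}   # service name -> (md5, path)
    reasons = {}   # lower-cased path -> reason from a "Suspicious file" line
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a report line (separator, pasted forum text, ...)
        msg = m.group(1)
        suspicious = SUSPICIOUS.match(msg)
        detected = DETECTED.match(msg)
        entry = ENTRY.match(msg)
        if suspicious:
            reasons[suspicious.group(2).lower()] = suspicious.group(1)
        elif detected:
            service, verdict = detected.group(1), detected.group(2)
            # A verdict for a service with no parsed entry is still reported,
            # with path and md5 left empty rather than guessed.
            md5, path = entries.get(service, (None, None))
            reason = reasons.get(path.lower()) if path else None
            findings.append(Finding(service, verdict, path, md5, reason))
        elif entry:
            entries[entry.group(1)] = (entry.group(2), entry.group(3))
    return entries, findings


if __name__ == "__main__":
    all_entries, all_findings = parse_report(SAMPLE_REPORT)
    print(f"{len(all_entries)} driver entries, {len(all_findings)} flagged")
    for f in all_findings:
        print(f"{f.service}: {f.verdict} reason={f.reason} md5={f.md5} path={f.path}")
```
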

#6 agamegmon

Posted 18 August 2011 - 06:28 PM

OK. I have run aswMBR and TDSSKiller. I have also included another TDSSKiller log which I ran just before giving up hope of solving the problem on my own and coming here for help.

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-18 17:19:10
-----------------------------
17:19:10.397 OS Version: Windows x64 6.1.7600
17:19:10.397 Number of processors: 4 586 0x1E05
17:19:10.397 ComputerName: GIGABYTE UserName: GK
17:19:14.625 Initialize success
17:24:32.166 AVAST engine defs: 11081800
17:25:38.107 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:25:38.123 Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953869MB BusType: 3
17:25:38.123 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-3
17:25:38.123 Disk 1 Vendor: WDC_WD10EADS-00L5B1 01.01A01 Size: 953869MB BusType: 3
17:25:38.123 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-1
17:25:38.139 Disk 2 Vendor: HDT722525DLA380 V44OA91A Size: 238475MB BusType: 3
17:25:38.139 Disk 3 \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP3T0L0-6
17:25:38.139 Disk 3 Vendor: HDT722525DLA380 V44OA91A Size: 238475MB BusType: 3
17:25:40.167 Disk 0 MBR read successfully
17:25:40.167 Disk 0 MBR scan
17:25:40.198 Disk 0 unknown MBR code
17:25:40.198 Service scanning
17:25:43.879 Modules scanning
17:25:43.879 Disk 0 trace - called modules:
17:25:43.895 ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
17:25:43.911 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004793060]
17:25:43.911 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004665a20]
17:25:43.911 5 Sahdad64.sys[fffff8800196de25] -> nt!IofCallDriver -> [0xfffffa800420be40]
17:25:43.911 7 ACPI.sys[fffff88000f60781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004508060]
17:25:44.519 AVAST engine scan C:\Windows
17:25:46.609 AVAST engine scan C:\Windows\system32
17:26:54.111 AVAST engine scan C:\Windows\system32\drivers
17:27:03.330 AVAST engine scan C:\Users\GK
17:35:28.366 AVAST engine scan C:\ProgramData
17:47:09.576 Disk 0 MBR has been saved successfully to "J:\MBR.dat"
17:47:09.841 The log file has been saved successfully to "J:\aswMBR.txt"

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

2011/08/10 11:03:36.0296 1492 TDSS rootkit removing tool 2.5.14.0 Aug 5 2011 16:09:29
2011/08/10 11:03:36.0327 1492 ================================================================================
2011/08/10 11:03:36.0327 1492 SystemInfo:
2011/08/10 11:03:36.0327 1492
2011/08/10 11:03:36.0327 1492 OS Version: 6.1.7600 ServicePack: 0.0
2011/08/10 11:03:36.0327 1492 Product type: Workstation
2011/08/10 11:03:36.0327 1492 ComputerName: GIGABYTE
2011/08/10 11:03:36.0327 1492 UserName: GK
2011/08/10 11:03:36.0327 1492 Windows directory: C:\Windows
2011/08/10 11:03:36.0327 1492 System windows directory: C:\Windows
2011/08/10 11:03:36.0327 1492 Running under WOW64
2011/08/10 11:03:36.0327 1492 Processor architecture: Intel x64
2011/08/10 11:03:36.0327 1492 Number of processors: 4
2011/08/10 11:03:36.0327 1492 Page size: 0x1000
2011/08/10 11:03:36.0327 1492 Boot type: Normal boot
2011/08/10 11:03:36.0327 1492 ================================================================================
2011/08/10 11:03:37.0388 1492 Initialize success
2011/08/10 11:04:08.0308 2944 ================================================================================
2011/08/10 11:04:08.0308 2944 Scan started
2011/08/10 11:04:08.0308 2944 Mode: Manual;
2011/08/10 11:04:08.0308 2944 ================================================================================
2011/08/10 11:04:21.0131 2944 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/08/10 11:04:21.0131 2944 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/08/10 11:04:21.0131 2944 sptd - detected LockedFile.Multi.Generic (1)
2011/08/10 11:04:23.0424 2944 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/08/10 11:04:23.0502 2944 vpcbus (f004aeb456cd886dfdb123b6297d89c9) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/08/10 11:04:23.0549 2944 vpcusb (4cdf15ceaf71f068bd26b9841d4e3e2b) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/08/10 11:04:23.0596 2944 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/08/10 11:04:23.0689 2944 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/08/10 11:04:23.0752 2944 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/08/10 11:04:23.0783 2944 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/10 11:04:23.0798 2944 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/10 11:04:23.0845 2944 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/08/10 11:04:23.0876 2944 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/10 11:04:23.0908 2944 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/10 11:04:23.0939 2944 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/08/10 11:04:24.0032 2944 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/08/10 11:04:24.0126 2944 WMDrive (0bdaeab53129feff4e77ea19e65c275e) C:\Windows\SysWOW64\drivers\WMDrive.sys
2011/08/10 11:04:24.0188 2944 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/08/10 11:04:24.0251 2944 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/10 11:04:24.0282 2944 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/08/10 11:04:24.0313 2944 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/10 11:04:24.0360 2944 MBR (0x1B8) (9e3cf4e4beac02e4bed36eea1a4d1ad6) \Device\Harddisk0\DR0
2011/08/10 11:04:24.0376 2944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/08/10 11:04:24.0828 2944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
2011/08/10 11:04:24.0859 2944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
2011/08/10 11:04:24.0875 2944 MBR (0x1B8) (0f0080bb940da8216656b160d0a2ea01) \Device\Harddisk4\DR4
2011/08/10 11:04:25.0062 2944 Boot (0x1200) (ed84a6e74837118a28418f9e97568768) \Device\Harddisk0\DR0\Partition0
2011/08/10 11:04:25.0093 2944 Boot (0x1200) (ce635039d5ed62665eecbd3710f882a2) \Device\Harddisk0\DR0\Partition1
2011/08/10 11:04:25.0109 2944 Boot (0x1200) (cd42ecd7ce649a00cee4ae5cbcccca9d) \Device\Harddisk1\DR1\Partition0
2011/08/10 11:04:25.0124 2944 Boot (0x1200) (258b2eb3d775563b704871dd60cc912b) \Device\Harddisk2\DR2\Partition0
2011/08/10 11:04:25.0140 2944 Boot (0x1200) (ab933300cad5fc8f7719e7eeac633d7b) \Device\Harddisk3\DR3\Partition0
2011/08/10 11:04:25.0140 2944 ================================================================================
2011/08/10 11:04:25.0140 2944 Scan finished
2011/08/10 11:04:25.0140 2944 ================================================================================
2011/08/10 11:04:25.0140 2552 Detected object count: 1
2011/08/10 11:04:25.0140 2552 Actual detected object count: 1
2011/08/10 11:04:52.0346 2552 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/08/10 11:06:27.0210 1048 ================================================================================
2011/08/10 11:06:27.0210 1048 Scan started
2011/08/10 11:06:27.0210 1048 Mode: Manual;
2011/08/10 11:06:27.0210 1048 ================================================================================
2011/08/10 11:06:34.0386 1048 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/08/10 11:06:34.0386 1048 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/08/10 11:06:34.0386 1048 sptd - detected LockedFile.Multi.Generic (1)
2011/08/10 11:06:35.0509 1048 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/08/10 11:06:35.0541 1048 vpcbus (f004aeb456cd886dfdb123b6297d89c9) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/08/10 11:06:35.0587 1048 vpcusb (4cdf15ceaf71f068bd26b9841d4e3e2b) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/08/10 11:06:35.0603 1048 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/08/10 11:06:35.0634 1048 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/08/10 11:06:35.0665 1048 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/08/10 11:06:35.0681 1048 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/10 11:06:35.0697 1048 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/10 11:06:35.0743 1048 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/08/10 11:06:35.0759 1048 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/10 11:06:35.0806 1048 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/10 11:06:35.0821 1048 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/08/10 11:06:35.0884 1048 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/08/10 11:06:35.0962 1048 WMDrive (0bdaeab53129feff4e77ea19e65c275e) C:\Windows\SysWOW64\drivers\WMDrive.sys
2011/08/10 11:06:35.0977 1048 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/08/10 11:06:36.0040 1048 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/10 11:06:36.0071 1048 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/08/10 11:06:36.0087 1048 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/10 11:06:36.0133 1048 MBR (0x1B8) (9e3cf4e4beac02e4bed36eea1a4d1ad6) \Device\Harddisk0\DR0
2011/08/10 11:06:36.0149 1048 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/08/10 11:06:36.0165 1048 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
2011/08/10 11:06:36.0196 1048 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
2011/08/10 11:06:36.0227 1048 MBR (0x1B8) (0f0080bb940da8216656b160d0a2ea01) \Device\Harddisk4\DR4
2011/08/10 11:06:36.0414 1048 Boot (0x1200) (ed84a6e74837118a28418f9e97568768) \Device\Harddisk0\DR0\Partition0
2011/08/10 11:06:36.0445 1048 Boot (0x1200) (ce635039d5ed62665eecbd3710f882a2) \Device\Harddisk0\DR0\Partition1
2011/08/10 11:06:36.0461 1048 Boot (0x1200) (cd42ecd7ce649a00cee4ae5cbcccca9d) \Device\Harddisk1\DR1\Partition0
2011/08/10 11:06:36.0461 1048 Boot (0x1200) (258b2eb3d775563b704871dd60cc912b) \Device\Harddisk2\DR2\Partition0
2011/08/10 11:06:36.0461 1048 Boot (0x1200) (ab933300cad5fc8f7719e7eeac633d7b) \Device\Harddisk3\DR3\Partition0
2011/08/10 11:06:36.0477 1048 ================================================================================
2011/08/10 11:06:36.0477 1048 Scan finished
2011/08/10 11:06:36.0477 1048 ================================================================================
2011/08/10 11:06:36.0477 3484 Detected object count: 1
2011/08/10 11:06:36.0477 3484 Actual detected object count: 1
2011/08/10 11:08:49.0139 3484 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/08/10 11:10:17.0685 2316 Deinitialize success

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

2011/08/18 17:56:01.0435 2232 TDSS rootkit removing tool 2.5.14.0 Aug 5 2011 16:09:29
2011/08/18 17:56:01.0435 2232 ================================================================================
2011/08/18 17:56:01.0435 2232 SystemInfo:
2011/08/18 17:56:01.0435 2232
2011/08/18 17:56:01.0435 2232 OS Version: 6.1.7600 ServicePack: 0.0
2011/08/18 17:56:01.0435 2232 Product type: Workstation
2011/08/18 17:56:01.0435 2232 ComputerName: GIGABYTE
2011/08/18 17:56:01.0435 2232 UserName: GK
2011/08/18 17:56:01.0435 2232 Windows directory: C:\Windows
2011/08/18 17:56:01.0435 2232 System windows directory: C:\Windows
2011/08/18 17:56:01.0435 2232 Running under WOW64
2011/08/18 17:56:01.0435 2232 Processor architecture: Intel x64
2011/08/18 17:56:01.0435 2232 Number of processors: 4
2011/08/18 17:56:01.0435 2232 Page size: 0x1000
2011/08/18 17:56:01.0435 2232 Boot type: Normal boot
2011/08/18 17:56:01.0435 2232 ================================================================================
2011/08/18 17:56:02.0480 2232 Initialize success
2011/08/18 17:56:04.0898 4908 ================================================================================
2011/08/18 17:56:04.0898 4908 Scan started
2011/08/18 17:56:04.0898 4908 Mode: Manual;
2011/08/18 17:56:04.0898 4908 ================================================================================
2011/08/18 17:56:14.0242 4908 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
2011/08/18 17:56:14.0273 4908 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/08/18 17:56:14.0305 4908 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/08/18 17:56:14.0320 4908 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/08/18 17:56:14.0351 4908 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/08/18 17:56:14.0367 4908 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/08/18 17:56:14.0398 4908 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
2011/08/18 17:56:14.0429 4908 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/08/18 17:56:14.0445 4908 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/08/18 17:56:14.0476 4908 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/08/18 17:56:14.0507 4908 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/08/18 17:56:14.0554 4908 vpcbus (f004aeb456cd886dfdb123b6297d89c9) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/08/18 17:56:14.0585 4908 vpcusb (4cdf15ceaf71f068bd26b9841d4e3e2b) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/08/18 17:56:14.0617 4908 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/08/18 17:56:14.0632 4908 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/08/18 17:56:14.0679 4908 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/08/18 17:56:14.0726 4908 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/18 17:56:14.0741 4908 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/08/18 17:56:14.0773 4908 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/08/18 17:56:14.0804 4908 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/08/18 17:56:14.0835 4908 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/08/18 17:56:14.0851 4908 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/08/18 17:56:14.0929 4908 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/08/18 17:56:14.0991 4908 WMDrive (0bdaeab53129feff4e77ea19e65c275e) C:\Windows\SysWOW64\drivers\WMDrive.sys
2011/08/18 17:56:15.0022 4908 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/08/18 17:56:15.0069 4908 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/08/18 17:56:15.0100 4908 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/08/18 17:56:15.0131 4908 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/08/18 17:56:15.0178 4908 MBR (0x1B8) (9e3cf4e4beac02e4bed36eea1a4d1ad6) \Device\Harddisk0\DR0
2011/08/18 17:56:15.0178 4908 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
2011/08/18 17:56:15.0194 4908 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
2011/08/18 17:56:15.0194 4908 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
2011/08/18 17:56:15.0209 4908 MBR (0x1B8) (0f0080bb940da8216656b160d0a2ea01) \Device\Harddisk4\DR6
2011/08/18 17:56:15.0365 4908 Boot (0x1200) (ed84a6e74837118a28418f9e97568768) \Device\Harddisk0\DR0\Partition0
2011/08/18 17:56:15.0397 4908 Boot (0x1200) (ce635039d5ed62665eecbd3710f882a2) \Device\Harddisk0\DR0\Partition1
2011/08/18 17:56:15.0397 4908 Boot (0x1200) (cd42ecd7ce649a00cee4ae5cbcccca9d) \Device\Harddisk2\DR2\Partition0
2011/08/18 17:56:15.0397 4908 Boot (0x1200) (258b2eb3d775563b704871dd60cc912b) \Device\Harddisk1\DR1\Partition0
2011/08/18 17:56:15.0412 4908 Boot (0x1200) (ab933300cad5fc8f7719e7eeac633d7b) \Device\Harddisk3\DR3\Partition0
2011/08/18 17:56:15.0412 4908 ================================================================================
2011/08/18 17:56:15.0412 4908 Scan finished
2011/08/18 17:56:15.0412 4908 ================================================================================
2011/08/18 17:56:15.0428 1944 Detected object count: 0
2011/08/18 17:56:15.0428 1944 Actual detected object count: 0
2011/08/18 17:56:26.0847 3788 Deinitialize success

Edited by agamegmon, 18 August 2011 - 06:29 PM.


#7 agamegmon


Posted 18 August 2011 - 06:43 PM

Forgot to mention that some of the other scan logs I posted in my original post might be helpful along with a screen capture of outgoing internet connections that can be found here: http://www.flickr.com/photos/66297320@N08/6029875685/in/photostream

#8 m0le


Posted 18 August 2011 - 07:21 PM

Thanks for the screenshots. Can you please run MBRCheck? aswMBR couldn't recognise the Master Boot Record you currently have.

Please download MBRCheck to your desktop.

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log when you reply.
m0le is a proud member of UNITE

#9 agamegmon


Posted 18 August 2011 - 11:10 PM

Thanks for your time in helping me with this.

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Ultimate Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Gigabyte Technology Co., Ltd.
BIOS Manufacturer: Award Software International, Inc.
System Manufacturer: Gigabyte Technology Co., Ltd.
System Product Name: P55-UD4P
Logical Drives Mask: 0x000007fd

Kernel Drivers (total 215):

Processes (total 57):
0 System Idle Process
4 System
360 C:\Windows\System32\smss.exe
480 csrss.exe
544 C:\Windows\System32\wininit.exe
564 csrss.exe
608 C:\Windows\System32\services.exe
628 C:\Windows\System32\lsass.exe
636 C:\Windows\System32\lsm.exe
712 C:\Windows\System32\winlogon.exe
784 C:\Windows\System32\svchost.exe
848 C:\Windows\System32\nvvsvc.exe
888 C:\Windows\System32\svchost.exe
952 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
1012 C:\Windows\System32\svchost.exe
288 C:\Windows\System32\svchost.exe
460 C:\Windows\System32\svchost.exe
452 C:\Windows\System32\svchost.exe
1076 C:\Windows\System32\svchost.exe
1168 C:\Windows\System32\nvvsvc.exe
1404 C:\Windows\System32\spoolsv.exe
1432 C:\Windows\System32\svchost.exe
1676 C:\Windows\System32\taskhost.exe
1764 C:\Windows\System32\dwm.exe
1884 C:\Windows\SysWOW64\ASTSRV.EXE
1924 C:\Windows\explorer.exe
2016 C:\Program Files\cFosSpeed\spd.exe
472 C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
1904 C:\Windows\System32\nlsInterface.EXE
1980 C:\Windows\System32\svchost.exe
2236 C:\Program Files\Java\jre6\bin\jusched.exe
2244 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
2352 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
2404 C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
2420 C:\Program Files\cFosSpeed\cfosspeed.exe
2436 C:\Program Files (x86)\Internet Download Manager\IDMan.exe
2612 C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
3048 C:\Windows\System32\svchost.exe
2036 C:\Windows\System32\svchost.exe
2596 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2676 C:\Windows\System32\SearchIndexer.exe
2888 C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
2216 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
1136 C:\Windows\System32\svchost.exe
2696 C:\Program Files\Windows Media Player\wmpnetwk.exe
2548 C:\Windows\System32\wuauclt.exe
2080 C:\Windows\System32\svchost.exe
2904 C:\Windows\System32\svchost.exe
552 C:\Program Files\NetLimiter 3\NLClientApp.exe
1116 C:\Program Files\NetLimiter 3\nlsvc.exe
3704 WUDFHost.exe
4132 C:\Windows\System32\taskeng.exe
836 C:\Windows\System32\SearchProtocolHost.exe
2284 C:\Windows\System32\SearchFilterHost.exe
4016 C:\Users\GK\Desktop\MBRCheck.exe
4800 C:\Windows\System32\conhost.exe
3808 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)
\\.\D: --> \\.\PhysicalDrive3 at offset 0x00000000`00007e00 (NTFS)
\\.\E: --> \\.\PhysicalDrive2 at offset 0x00000000`007e0000 (NTFS)
\\.\F: --> \\.\PhysicalDrive0 at offset 0x0000003a`388b0200 (NTFS)
\\.\H: --> \\.\PhysicalDrive1 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: WDCWD1001FALS-00J7B0, Rev: 05.00K05
PhysicalDrive3 Model Number: HDT722525DLA380, Rev: V44OA91A
PhysicalDrive2 Model Number: HDT722525DLA380, Rev: V44OA91A
PhysicalDrive1 Model Number: WDCWD10EADS-00L5B1, Rev: 01.01A01

Size Device Name MBR Status
--------------------------------------------
931 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 82EBFEE8E28BFC833EEDEFAEB4168C9C428FEDFD
232 GB \\.\PhysicalDrive3 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
232 GB \\.\PhysicalDrive2 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
931 GB \\.\PhysicalDrive1 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.

Enter your choice:

Done!

#10 m0le


Posted 19 August 2011 - 05:42 PM

Please do the following:

Run MBRCheck again

When prompted, Enter 'Y' and hit ENTER for more options
When you see: "Enter your choice: Enter the physical disk number to dump (0-99, -1 to exit):"

Enter 0 to dump the MBR to the physical disk.

Name the dumped file as dump0.dat

Enter -1 to exit.

Please then locate the files and visit this site and follow the instructions for uploading the file.

#11 agamegmon


Posted 19 August 2011 - 06:11 PM

Dump.dat sent

#12 m0le


Posted 20 August 2011 - 07:36 PM

That's clean. We need to check if the MBR is being protected by something malicious.

Try this please. You will need a USB drive.

Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • Select the DiskImage option then click the browse button located on the right side of the textbox field.
  • Browse to and select the xpud-0.9.2.iso file you downloaded
  • Verify the correct drive letter is selected for your USB device then click OK
  • It will install a little bootable OS on your USB device
  • Once the files have been written to the device you will be prompted to reboot ~ do not reboot and instead just Exit the UNetbootin interface
  • After it has completed do not choose to reboot the clean computer simply close the installer
  • Next download dumpit to your USB
  • Remove the USB and insert it in the sick computer
  • Boot the Sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • Click on sdb1 (sdb1 represents the USB drive).
  • Double click on the dumpit file.
  • A black window will pop-up and it will dump and zip the MBR to your USB drive.
  • Press Enter to exit the black window.
  • Click on HOME tab and choose Power Off to turn off xPUD.
  • Remove the USB drive and insert it back on your working computer.
  • Locate the mbr.zip file in your USB drive and attach it when you reply.


#13 agamegmon


Posted 20 August 2011 - 09:08 PM

Can't get the system to boot from USB. Went into the BIOS and confirmed that "Legacy USB storage detect" is "enabled".

I then set USB-HDD as the first boot device. Above that were options: 1) Hard disk Boot Priority and 2) Quick Boot Device - "disabled", which I did not touch.

I'll give everything another go from the beginning in the AM and see if I somehow magically have success. If not I'll try to format with HP USB Disk Storage Format Tool and/or see if I can use a floppy.

#14 m0le


Posted 20 August 2011 - 09:09 PM

The USB sometimes fails. Try it with a disk.

Download GETxPUD.exe to the desktop of your clean computer

  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso and, when finished, will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.


#15 agamegmon


Posted 21 August 2011 - 12:26 PM

Success.

Attached Files

  • Attached File  mbr.zip   3.38KB   5 downloads
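
The reason for dumping the MBR a second time from xPUD is to compare what the running Windows install reports for sector 0 with what is read when that install is not running. The Python below is an added example of that comparison, not part of the thread and not MBRCheck's or dumpit's own code; the 440-byte hash range, the function names and the sample sectors are assumptions, and the SHA-1 it prints need not match the range MBRCheck hashes.

```python
import hashlib
import struct
import sys

SECTOR = 512
BOOT_CODE_LEN = 0x1B8      # 440 bytes of boot code, up to the disk signature
PART_TABLE_OFF = 0x1BE     # four 16-byte partition entries
BOOT_SIG_OFF = 0x1FE       # last two bytes must be 55 AA


def parse_mbr(raw: bytes) -> dict:
    """Split one MBR sector into the fields worth comparing."""
    if len(raw) < SECTOR:
        raise ValueError(f"need {SECTOR} bytes, got {len(raw)}")
    raw = raw[:SECTOR]
    partitions = []
    for slot in range(4):
        off = PART_TABLE_OFF + 16 * slot
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, count = struct.unpack_from("<B3xB3xII", raw, off)
        if ptype == 0:          # unused slot
            continue
        partitions.append({
            "slot": slot,
            "bootable": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "byte_offset": lba_start * SECTOR,
            "sectors": count,
        })
    return {
        "boot_code_sha1": hashlib.sha1(raw[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", raw, BOOT_CODE_LEN)[0],
        "signature_ok": raw[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] == b"\x55\xaa",
        "partitions": partitions,
    }


def compare_dumps(live: bytes, offline: bytes) -> list:
    """List the differences between the in-OS and offline views of sector 0."""
    a, b = parse_mbr(live), parse_mbr(offline)
    findings = []
    if not b["signature_ok"]:
        findings.append("offline dump lacks the 55 AA boot signature")
    if a["boot_code_sha1"] != b["boot_code_sha1"]:
        findings.append("boot code differs between live and offline dump")
    if a["disk_signature"] != b["disk_signature"]:
        findings.append("disk signature differs")
    if a["partitions"] != b["partitions"]:
        findings.append("partition table differs")
    return findings


def make_sample(boot_code: bytes) -> bytes:
    """Constructed test sector: given boot code plus one NTFS entry at LBA 63."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code longer than 440 bytes")
    sector = bytearray(SECTOR)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, BOOT_CODE_LEN, 0x1234ABCD)
    struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF, 0x80, 0x07, 63, 204800)
    sector[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    if len(sys.argv) == 3:
        # e.g. dump0.dat from the running system and the file unpacked from mbr.zip
        with open(sys.argv[1], "rb") as f1, open(sys.argv[2], "rb") as f2:
            live, offline = f1.read(), f2.read()
    else:
        # Constructed samples: same partition table, different boot code.
        live = make_sample(b"\x33\xc0\x8e\xd0" + b"\x90" * 100)
        offline = make_sample(b"\xeb\x5a\x90" + b"\x90" * 100)
    for name, raw in (("live", live), ("offline", offline)):
        info = parse_mbr(raw)
        print(name, info["boot_code_sha1"], "55AA ok" if info["signature_ok"] else "no 55AA")
        for p in info["partitions"]:
            print(f"  slot {p['slot']}: type 0x{p['type']:02x} at offset 0x{p['byte_offset']:x}")
    for finding in compare_dumps(live, offline) or ["no differences in sector 0"]:
        print("->", finding)
```

Identical dumps only show that sector 0 reads the same from both environments; they say nothing about the rest of the disk or about what is loaded after boot.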




