
Author Topic: Virus Removal Assistance Needed, Please Help :S  (Read 33286 times)


SuperDave

  • Malware Removal Specialist


  • Genius
Re: Virus Removal Assistance Needed, Please Help :S
« Reply #15 on: April 27, 2011, 10:47:23 AM »
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply.
Note: It will also create a log in the C:\ directory.
Windows 8 and Windows 10 dual boot with two SSD's

dodo_fleet

    Topic Starter


    Rookie

    Re: Virus Removal Assistance Needed, Please Help :S
    « Reply #16 on: April 29, 2011, 09:42:19 AM »
    Dave, it found one malicious problem and it "cured" it!  :D

    Here's the report...


     


    2011/04/30 01:38:03.0483 4204   TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
    2011/04/30 01:38:04.0918 4204   ================================================================================
    2011/04/30 01:38:04.0918 4204   SystemInfo:
    2011/04/30 01:38:04.0918 4204   
    2011/04/30 01:38:04.0918 4204   OS Version: 6.1.7600 ServicePack: 0.0
    2011/04/30 01:38:04.0918 4204   Product type: Workstation
    2011/04/30 01:38:04.0918 4204   ComputerName: LAPTOP
    2011/04/30 01:38:04.0918 4204   UserName: Chris
    2011/04/30 01:38:04.0918 4204   Windows directory: C:\windows
    2011/04/30 01:38:04.0918 4204   System windows directory: C:\windows
    2011/04/30 01:38:04.0918 4204   Processor architecture: Intel x86
    2011/04/30 01:38:04.0918 4204   Number of processors: 2
    2011/04/30 01:38:04.0918 4204   Page size: 0x1000
    2011/04/30 01:38:04.0918 4204   Boot type: Normal boot
    2011/04/30 01:38:04.0918 4204   ================================================================================
    2011/04/30 01:38:05.0246 4204   Initialize success
    2011/04/30 01:38:11.0408 4276   ================================================================================
    2011/04/30 01:38:11.0408 4276   Scan started
    2011/04/30 01:38:11.0408 4276   Mode: Manual;
    2011/04/30 01:38:11.0408 4276   ================================================================================
    2011/04/30 01:38:57.0178 4276   usbhub          (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\windows\system32\DRIVERS\usbhub.sys
    2011/04/30 01:38:57.0334 4276   usbohci         (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
    2011/04/30 01:38:57.0522 4276   usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
    2011/04/30 01:38:57.0631 4276   usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys
    2011/04/30 01:38:57.0724 4276   usbser          (88701eca76145e2c011c0eeff0f7b70e) C:\windows\system32\drivers\usbser.sys
    2011/04/30 01:38:57.0818 4276   UsbserFilt      (68b4f83cccf70a2ff32ee142c234332a) C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
    2011/04/30 01:38:57.0896 4276   USBSTOR         (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
    2011/04/30 01:38:57.0990 4276   usbuhci         (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
    2011/04/30 01:38:58.0068 4276   usbvideo        (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys
    2011/04/30 01:38:58.0161 4276   vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
    2011/04/30 01:38:58.0239 4276   vga             (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
    2011/04/30 01:38:58.0333 4276   VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
    2011/04/30 01:38:58.0411 4276   vhdmp           (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
    2011/04/30 01:38:58.0489 4276   viaagp          (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
    2011/04/30 01:38:58.0536 4276   ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
    2011/04/30 01:38:58.0598 4276   viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
    2011/04/30 01:38:58.0692 4276   volmgr          (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
    2011/04/30 01:38:58.0754 4276   volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
    2011/04/30 01:38:58.0832 4276   volsnap         (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
    2011/04/30 01:38:58.0941 4276   vsbus           (1c8a783e90c34d205596f1ab4a97e261) C:\windows\system32\DRIVERS\vsb.sys
    2011/04/30 01:38:59.0035 4276   vserial         (3377daa1cb8cac46a538c236f5f3d58f) C:\windows\system32\DRIVERS\vserial.sys
    2011/04/30 01:38:59.0144 4276   vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
    2011/04/30 01:38:59.0347 4276   vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
    2011/04/30 01:38:59.0503 4276   vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
    2011/04/30 01:38:59.0643 4276   WacomPen        (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
    2011/04/30 01:38:59.0721 4276   WANARP          (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
    2011/04/30 01:38:59.0768 4276   Wanarpv6        (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
    2011/04/30 01:38:59.0940 4276   Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
    2011/04/30 01:39:00.0033 4276   Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
    2011/04/30 01:39:00.0189 4276   WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
    2011/04/30 01:39:00.0236 4276   WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
    2011/04/30 01:39:00.0470 4276   WinUsb          (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
    2011/04/30 01:39:00.0657 4276   WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
    2011/04/30 01:39:00.0798 4276   ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
    2011/04/30 01:39:00.0876 4276   WudfPf          (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
    2011/04/30 01:39:00.0969 4276   WUDFRd          (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
    2011/04/30 01:39:01.0094 4276   ================================================================================
    2011/04/30 01:39:01.0094 4276   Scan finished
    2011/04/30 01:39:01.0094 4276   ================================================================================
    2011/04/30 01:39:17.0817 5444   ================================================================================
    2011/04/30 01:39:17.0817 5444   Scan started
    2011/04/30 01:39:17.0817 5444   Mode: Manual;
    2011/04/30 01:39:17.0817 5444   ================================================================================

    SuperDave

    Re: Virus Removal Assistance Needed, Please Help :S
    « Reply #17 on: April 29, 2011, 01:01:45 PM »
    Please try running ComboFix again.

    dodo_fleet

      Re: Virus Removal Assistance Needed, Please Help :S
      « Reply #18 on: May 02, 2011, 07:01:14 PM »
      Wow, you certainly know your stuff!!  :D The gadgets on my desktop are now displaying properly again and ComboFix actually worked this time!! Thanks heaps Dave! Although ComboFix did ask me to remove AVG in order to run, which I did. Just about to reinstall AVG now. Below is ComboFix's log...


      -----------------------------------------------------------------------------------------------------------------------------------------------

      ComboFix 11-05-02.03 - Chris 03/05/2011  10:49:04.1.2 - x86
      Microsoft Windows 7 Home Premium   6.1.7600.0.1252.61.1033.18.2942.1963 [GMT 10:00]
      Running from: c:\users\Chris\Desktop\ComboFix.exe
      AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
      SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\programdata\xp
      c:\programdata\xp\EBLib.dll
      c:\programdata\xp\TPwSav.sys
      c:\users\Chris\AppData\Local\{655B544A-9BE9-47BF-B585-F295511A8A73}
      c:\users\Chris\AppData\Local\{655B544A-9BE9-47BF-B585-F295511A8A73}\chrome.manifest
      c:\users\Chris\AppData\Local\{655B544A-9BE9-47BF-B585-F295511A8A73}\chrome\content\_cfg.js
      c:\users\Chris\AppData\Local\{655B544A-9BE9-47BF-B585-F295511A8A73}\chrome\content\overlay.xul
      c:\users\Chris\AppData\Local\{655B544A-9BE9-47BF-B585-F295511A8A73}\install.rdf
      c:\users\Chris\AppData\Local\Temp\explorer.dat
      c:\users\Chris\AppData\Local\Temp\wininit.dat
      c:\users\Chris\AppData\Roaming\Adobe\plugs
      c:\users\Chris\AppData\Roaming\Adobe\shed
      c:\users\Chris\AppData\Roaming\Bitrix Security
      c:\users\Chris\AppData\Roaming\Bitrix Security\bnnhjx_shrd
      c:\users\Chris\AppData\Roaming\Bitrix Security\ddljzh
      c:\users\Chris\AppData\Roaming\Bitrix Security\fg.txt
      c:\users\Chris\AppData\Roaming\Bitrix Security\jje.txt
      c:\users\Chris\AppData\Roaming\Bitrix Security\ljgh.txt
      c:\users\Chris\AppData\Roaming\Bitrix Security\mcx.txt
      c:\users\Chris\AppData\Roaming\Bitrix Security\mxd1.txt
      c:\users\Chris\AppData\Roaming\Bitrix Security\qnf.txt
      c:\users\Chris\AppData\Roaming\Xyevw
      c:\users\Chris\AppData\Roaming\Xyevw\ydird.tui
      C:\Windows Restore
      c:\windows restore\Uninstall Windows Restore.lnk
      c:\windows restore\Windows Restore.lnk
      c:\windows\desktop
      .
      .
      (((((((((((((((((((((((((   Files Created from 2011-04-03 to 2011-05-03  )))))))))))))))))))))))))))))))
      .
      .
      2011-05-03 00:54 . 2011-05-03 00:55   --------   d-----w-   c:\users\Chris\AppData\Local\temp
      2011-05-03 00:54 . 2011-05-03 00:54   --------   d-----w-   c:\users\Default\AppData\Local\temp
      2011-05-03 00:44 . 2011-05-03 00:45   --------   d-----w-   C:\32788R22FWJFW
      2011-04-29 10:51 . 2011-04-29 10:52   --------   d-----w-   c:\program files\Common Files\Nero
      2011-04-29 10:51 . 2011-04-29 10:51   --------   d-----w-   c:\program files\Nero
      2011-04-29 09:26 . 2011-04-29 09:26   --------   d-----w-   c:\program files\Nero Wave Editor
      2011-04-29 09:26 . 2011-04-29 09:26   --------   d-----w-   c:\windows\Nero Wave Editor
      2011-04-27 07:23 . 2011-04-27 07:23   --------   d-----w-   c:\users\Chris\AppData\Roaming\AVG10
      2011-04-27 04:31 . 2011-05-03 00:40   --------   d-----w-   c:\programdata\AVG10
      2011-04-26 12:12 . 2011-05-03 00:39   --------   d-----w-   c:\programdata\MFAData
      2011-04-24 13:54 . 2011-04-24 14:43   --------   d-----w-   c:\program files\Toolbar Uninstaller
      2011-04-23 16:49 . 2011-04-23 16:49   --------   d-----w-   c:\program files\uTorrent
      2011-04-22 23:26 . 2011-04-22 23:26   --------   d-----w-   c:\program files\Bulk Rename Utility
      2011-04-22 15:52 . 2011-04-23 16:48   --------   d-----w-   c:\program files\BitTorrent
      2011-04-22 15:51 . 2011-04-23 16:48   --------   d-----w-   c:\users\Chris\AppData\Roaming\BitTorrent
      2011-04-17 12:10 . 2011-04-17 12:10   --------   d-----w-   c:\program files\TrendMicro
      2011-04-17 11:59 . 2011-04-17 11:59   --------   d-----w-   c:\program files\Common Files\Java
      2011-04-17 11:59 . 2011-02-02 11:40   472808   ----a-w-   c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
      2011-04-17 11:59 . 2011-02-02 11:40   472808   ----a-w-   c:\windows\system32\deployJava1.dll
      2011-04-13 04:10 . 2011-04-07 07:59   16432   ----a-w-   c:\windows\system32\lsdelete.exe
      2011-04-13 03:18 . 2011-04-01 07:22   64512   ----a-w-   c:\windows\system32\drivers\Lbd.sys
      2011-04-13 03:17 . 2011-04-13 03:17   98392   ----a-w-   c:\windows\system32\drivers\SBREDrv.sys
      2011-04-13 03:17 . 2011-04-13 03:17   --------   d-----w-   c:\users\Chris\AppData\Local\Sunbelt Software
      2011-04-13 03:15 . 2011-04-13 03:15   --------   dc-h--w-   c:\programdata\{6A395471-4AA3-4072-AE1B-9B69A97AD164}
      2011-04-13 03:12 . 2011-04-13 03:16   --------   d-----w-   c:\programdata\Lavasoft
      2011-04-13 03:12 . 2011-04-13 03:12   --------   d-----w-   c:\program files\Lavasoft
      2011-04-13 03:08 . 2011-04-17 08:31   --------   d-----w-   c:\programdata\Spybot - Search & Destroy
      2011-04-13 03:08 . 2011-04-13 03:08   --------   d-----w-   c:\program files\Spybot - Search & Destroy
      2011-04-13 01:25 . 2011-04-13 01:32   --------   d-----w-   c:\users\Chris\AppData\Roaming\GetRightToGo
      2011-04-12 06:55 . 2011-04-12 06:55   --------   d-----w-   C:\VundoFix Backups
      2011-04-12 02:16 . 2008-12-08 02:53   57344   ----a-w-   c:\windows\system32\ff_vfw.dll
      2011-04-12 02:16 . 2008-06-08 12:58   60273   ----a-w-   c:\windows\system32\pthreadGC2.dll
      2011-04-12 02:16 . 2011-04-12 02:16   --------   d-----w-   c:\program files\ffdshow
      2011-04-12 02:16 . 2011-04-12 02:16   --------   d-----w-   c:\program files\Haali
      2011-04-12 02:16 . 2011-04-12 02:16   --------   d-----w-   c:\program files\AviSynth 2.5
      2011-04-12 02:15 . 2010-08-26 13:45   147456   ----a-w-   c:\windows\system32\stQTSource.ax
      2011-04-12 02:15 . 2010-07-15 01:30   290816   ----a-w-   c:\windows\system32\stFLVSource.ax
      2011-04-12 02:15 . 2011-04-12 02:16   --------   d-----w-   c:\program files\Sothink Video Converter
      2011-04-12 02:15 . 2009-08-16 23:54   1184984   ----a-w-   c:\windows\system32\wvc1dmod.dll
      2011-04-12 02:15 . 2009-08-16 23:54   438272   ----a-w-   c:\windows\system32\Mpeg2DecFilter.ax
      2011-04-12 02:15 . 2009-08-16 23:54   217088   ----a-w-   c:\windows\system32\CoreFLACDecoder.ax
      2011-04-12 02:15 . 2009-03-17 07:38   70656   ----a-w-   c:\windows\system32\RLAPEDec.ax
      2011-04-12 02:12 . 2011-04-12 02:15   --------   d-----w-   c:\program files\Common Files\SourceTec
      2011-04-12 02:12 . 2011-04-12 02:12   --------   d-----w-   c:\program files\SourceTec
      2011-04-07 10:18 . 2011-04-12 05:32   --------   d-----w-   c:\windows\PIF
      .
      .
      .
      ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2011-04-12 02:15 . 2010-08-15 01:58   0   ----a-w-   c:\users\Chris\AppData\Local\Xxepobesitefe.bin
      2011-03-11 10:50 . 2010-06-21 10:46   36734   ----a-w-   c:\windows\system32\OggDSuninst.exe
      2011-03-11 10:22 . 2011-03-11 10:22   119350   ----a-w-   c:\windows\File Renamer - Basic Uninstaller.exe
      2011-03-01 09:31 . 2011-03-01 09:31   77004   ----a-w-   c:\windows\system32\drivers\AFS.SYS
      2011-02-12 15:09 . 2011-02-12 15:09   388096   ----a-r-   c:\users\Chris\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
      2010-01-26 12:11 . 2011-03-08 14:17   444283   ----a-w-   c:\program files\Common Files\WinPcapNmap.exe
      .
      .
      (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "TWebCamera"="%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun" [X]
      "SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-07-10 352256]
      "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 425984]
      "KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-14 34088]
      "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-04 611672]
      .
      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2009-07-14 8704]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableLUA"= 0 (0x0)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
      "HideSCAHealth"= 1 (0x1)
      .
      [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
      "HideSCAHealth"= 1 (0x1)
      .
      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
      "{F552DDE6-2090-4bf4-B924-6141E87789A5}"= "c:\program files\Greatis\RegRunSuite\RRShell.dll" [2004-11-01 368711]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "aux2"=wdmaud.drv
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
      @="Service"
      .
      [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
      backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
      backupExtension=.CommonStartup
      HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GabPath
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iPlusAgent]
      2005-02-18 19:49   225280   ----a-w-   c:\program files\iriver\iriver plus\iAgent.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
      2010-05-14 00:32   1479680   ----a-w-   c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Regrun2]
      2006-12-19 02:43   350208   ----a-w-   c:\progra~1\Greatis\REGRUN~1\WatchDog.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
      2009-07-29 04:12   7625248   ------w-   c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      2010-10-29 04:49   249064   ----a-w-   c:\program files\Common Files\Java\Java Update\jusched.exe
      .
      R0 AFS;AFS;

      R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 135664]
      R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-05-11 14216]
      R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-05-11 8456]
      R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 135664]
      R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys

      R3 PortlUSB;PortlUSB;c:\windows\system32\DRIVERS\H10USB.sys [2004-06-24 7552]
      R3 RegGuard;RegGuard;c:\windows\system32\Drivers\regguard.sys [2010-08-15 25773]
      R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-31 171520]
      R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys

      R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
      R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
      S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-04-01 64512]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
      S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 176128]
      S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
      S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
      S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-04-26 2146496]
      S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
      S2 RSELSVC;TOSHIBA Modem region select service;c:\program files\TOSHIBA\RSelect\RSelSvc.exe [2009-07-07 62832]
      S2 SBKUPNT;SBKUPNT;c:\windows\system32\Drivers\SBKUPNT.SYS [2001-07-13 14976]
      S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 12920]
      S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-04-01 15232]
      S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 24064]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-23 167936]
      S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 111960]
      S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-07 685424]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
      HPService   REG_MULTI_SZ      HPSLPSVC
      hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2011-05-03 c:\windows\Tasks\GlaryInitialize.job
      - c:\program files\Glary Utilities\initialize.exe [2010-11-13 10:55]
      .
      2011-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 10:00]
      .
      2011-05-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 10:00]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com/
      mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSAU&bmod=TSAU
      IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
      IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
      IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
      IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
      FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\ceofca98.default\
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - www.google.com
      FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16054&locale=en_US&q=
      FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
      FF - Ext: PC Sync 2 Synchronisation Extension: [email protected] - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
      FF - Ext: HP Smart Web Printing: [email protected] - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
      FF - Ext: TVU Web Player: [email protected] - %profile%\extensions\[email protected]
      FF - Ext: Sothink Web Video Downloader for Firefox: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08} - %profile%\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}
      FF - Ext: Conduit Engine : [email protected] - %profile%\extensions\[email protected]
      FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
      FF - Ext: HP Smart Web Printing: [email protected] - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
      FF - user.js: network.cookie.cookieBehavior - 0
      FF - user.js: privacy.clearOnShutdown.cookies - false
      FF - user.js: security.warn_viewing_mixed - false
      FF - user.js: security.warn_viewing_mixed.show_once - false
      FF - user.js: security.warn_submit_insecure - false
      FF - user.js: security.warn_submit_insecure.show_once - false
      .
      - - - - ORPHANS REMOVED - - - -
      .
      URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
      Toolbar-Locked - (no file)
      WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
      WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
      HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
      HKLM-Run-HSON - %ProgramFiles%\TOSHIBA\TBS\HSON.exe
      HKLM-Run-SmoothView - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
      HKLM-Run-00TCrdMain - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
      HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
      HKLM-Run-SmartFaceVWatcher - %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
      HKLM-Run-TosWaitSrv - %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
      MSConfigStartUp-Teco - %ProgramFiles%\TOSHIBA\TECO\Teco.exe
      MSConfigStartUp-TosNC - %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
      AddRemove-TOSHIBA Software Modem - c:\windows\agrsmdel
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\S-1-5-21-3225168310-450358799-2518029026-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0619892F-D16A-973B-E705-9F49F072D162}*]
      "lahilkapdgongndefaipeipf"=hex:65,62,64,62,62,6d,62,66,70,63,67,6a,62,6e,67,6b,
         65,63,6f,6a,67,6f,65,6d,63,62,68,67,6d,6f,6a,68,6d,6e,67,6f,64,6a,6b,62,61,\
      "haihofnpmgmhjfmc"=hex:63,62,6e,66,68,69,6c,6e,68,67,68,6e,64,6d,6b,61,61,6c,
         6c,6f,61,6e,6c,66,6b,6b,6b,64,6d,62,70,66,6b,6b,6c,6f,6f,66,00,00
      "haihofnpbfmnlepb"=hex:6f,61,66,69,65,67,64,68,62,66,6c,6e,63,62,6c,6c,6b,6d,
         67,70,6d,65,64,6c,68,62,6c,67,61,61,00,66
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      "MSCurrentCountry"=dword:00000009
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Completion time: 2011-05-03  10:56:22
      ComboFix-quarantined-files.txt  2011-05-03 00:56
      .
      Pre-Run: 201,441,955,840 bytes free
      Post-Run: 203,345,326,080 bytes free
      .
      - - End Of File - - 6E37FEA35733863D493B0D741ABB367E

      SuperDave

      Re: Virus Removal Assistance Needed, Please Help :S
      « Reply #19 on: May 02, 2011, 07:41:11 PM »
      That looks good. Don't despair. We're almost at the end.

      P2P - I see you have P2P software installed on your machine (uTorrent and BitTorrent). We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

      Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

      I would strongly recommend that you uninstall them; however, that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
      *************************************************
      Re-running ComboFix to remove infections:

      • Close any open browsers.
      • Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
      • Open Notepad and copy/paste the text in the quotebox below into it:
        Quote
        KillAll::

        RegNull::
        [HKEY_USERS\S-1-5-21-3225168310-450358799-2518029026-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0619892F-D16A-973B-E705-9F49F072D162}*]
        "lahilkapdgongndefaipeipf"=hex:65,62,64,62,62,6d,62,66,70,63,67,6a,62,6e,67,6b,
           65,63,6f,6a,67,6f,65,6d,63,62,68,67,6d,6f,6a,68,6d,6e,67,6f,64,6a,6b,62,61,\
        "haihofnpmgmhjfmc"=hex:63,62,6e,66,68,69,6c,6e,68,67,68,6e,64,6d,6b,61,61,6c,
           6c,6f,61,6e,6c,66,6b,6b,6b,64,6d,62,70,66,6b,6b,6c,6f,6f,66,00,00
        "haihofnpbfmnlepb"=hex:6f,61,66,69,65,67,64,68,62,66,6c,6e,63,62,6c,6c,6b,6d,
           67,70,6d,65,64,6c,68,62,6c,67,61,61,00,66

        MBR::

      • Save this as CFScript.txt, in the same location as ComboFix.exe



      • Referring to the picture above, drag CFScript into ComboFix.exe
      • When finished, it shall produce a log for you at C:\ComboFix.txt
      • Please post the contents of the log in your next reply.
      *****************************************************
      Download Security Check by screen317 from one of the following links and save it to your desktop.

      Link 1
      Link 2

      * Unzip SecurityCheck.zip and a folder named Security Check should appear.
      * Open the Security Check folder and double-click Security Check.bat
      * Follow the on-screen instructions inside of the black box.
      * A Notepad document should open automatically called checkup.txt
      * Post the contents of that document in your next reply.

      Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.