Inactive URL Constantly Being Blocked, Malware?

EXCellR8

I am using Avast 6 and every 3 or so minutes the box pops up in the corner stating that a malicious URL has been blocked. The process is always PING.EXE or one of the svchost.exe and I can't figure out what's going on. Malware scan didn't turn up anything but I did delete a couple of suspicious startup entries, which haven't been recreated thus far. Nothing in the installed programs list looks off...

Firefox has also become problematic as all my links seem to redirect me to some web page where nothing appears. I've cleaned the web cache and deleted all temp files and history but the problem persists. CPU usage seems normal and I can't find any running processes that look suspicious. Anything else I can try here?

OS is Windows 7 Ultimate 64-bit
 
Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Thanks for the reply. I've posted the results below. Malwarebytes did pick up on one rootkit, which was deleted, and I restarted the computer when prompted. I downloaded and ran gmer.exe from C:\gmer but the quick scan didn't show any results, thus no log was created. I do have both of the DDS txt files...

MBAM

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7736

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/18/2011 12:21:28 AM
mbam-log-2011-09-18 (00-21-28).txt

Scan type: Quick scan
Objects scanned: 194511
Time elapsed: 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Derek\AppData\Local\Temp\gouvspk.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.

DDS.txt

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
Run by Derek at 0:40:55 on 2011-09-18
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.6134.3721 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\PowerChute\mainserv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\PowerChute\dataserv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Logitech\SetPoint II\SetPointII.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDSirReal.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files\CoreTemp\Core Temp.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Avast\AvastUI.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes\mbamgui.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyServer = 88.220.37.150:8080
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Steam] "E:\Game Files\Steam\steam.exe" -silent
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [avast5] "C:\Program Files\Avast\avastUI.exe" /nogui
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [StartCCC] "C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [<NO NAME>]
mRun: [Display] C:\Program Files (x86)\PowerChute\DataCollectionLauncher.exe
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\APCUPS~1.LNK - C:\Program Files (x86)\PowerChute\Display.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SETPOI~1.LNK - C:\Program Files (x86)\Logitech\SetPoint II\SetPointII.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{3175E6B0-E2A6-4BF2-9F1E-CD9C29EDDB8D} : NameServer = 208.67.222.222,208.67.220.220
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [avast5] "C:\Program Files\Avast\avastUI.exe" /nogui
mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [(Default)]
mRun-x64: [Display] C:\Program Files (x86)\PowerChute\DataCollectionLauncher.exe
mRun-x64: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Derek\AppData\Roaming\Mozilla\Firefox\Profiles\cqzqkhbf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
FF - prefs.js: network.proxy.http - 89.252.8.150
FF - prefs.js: network.proxy.http_port - 808
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.50524.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files (x86)\VLC\npvlc.dll
FF - plugin: C:\Users\Derek\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiCharger;ASUS Charger Driver;C:\Windows\system32\DRIVERS\AiCharger.sys --> C:\Windows\system32\DRIVERS\AiCharger.sys [?]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\system32\DRIVERS\tdrpm273.sys --> C:\Windows\system32\DRIVERS\tdrpm273.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-4-25 3246040]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 APC Data Service;APC Data Service;C:\Program Files (x86)\PowerChute\dataserv.exe [2010-9-14 21880]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Avast\AvastSvc.exe [2011-9-13 44768]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-10 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes\mbamservice.exe [2011-9-17 366152]
R2 TabletServicePen;TabletServicePen;C:\Windows\system32\Pen_Tablet.exe --> C:\Windows\system32\Pen_Tablet.exe [?]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2010-4-16 127784]
R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\system32\drivers\ha20x22k.sys --> C:\Windows\system32\drivers\ha20x22k.sys [?]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-6-21 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-10-22 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-12-1 1436424]
S4 netr7364;RT73 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S4 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2011-09-18 04:31:22 -------- d-----w- C:\gmer
2011-09-15 18:18:35 -------- d-----w- C:\ProgramData\ManiaPlanet
2011-09-05 21:51:49 -------- d-----w- C:\Users\Derek\AppData\Roaming\Spotify
2011-09-05 21:51:49 -------- d-----w- C:\Users\Derek\AppData\Local\Spotify
2011-09-05 21:51:39 -------- d-----w- C:\Program Files (x86)\Spotify
2011-08-23 07:12:10 -------- d-----w- C:\Users\Derek\AppData\Local\28050
2011-08-21 20:56:38 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
.
==================== Find3M ====================
.
2011-09-06 20:45:29 41184 ----a-w- C:\Windows\avastSS.scr
2011-09-06 20:38:18 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-09-06 20:36:30 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-21 05:06:28 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-12 15:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-07-12 15:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-07-12 15:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-07-12 15:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll
2011-07-12 15:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-07-12 15:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-07-12 15:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-07-12 15:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-07-05 22:37:00 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-07-05 22:37:00 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-06-21 22:03:02 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
.
============= FINISH: 0:41:26.72 ===============

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume3
Install Date: 10/22/2009 1:06:41 PM
System Uptime: 9/18/2011 12:22:48 AM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P6T
Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz | LGA1366 | 4000/199mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 97.448 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 101.841 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 564.556 GiB free.
F: is FIXED (NTFS) - 298 GiB total, 14.693 GiB free.
G: is FIXED (NTFS) - 149 GiB total, 35.809 GiB free.
J: is FIXED (NTFS) - 0 GiB total, 0.031 GiB free.
Q: is CDROM ()
V: is CDROM ()
Z: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_6
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_6
Service: intelppm
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_1
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_1
Service: intelppm
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_7
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_7
Service: intelppm
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_2
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_2
Service: intelppm
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_8
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_8
Service: intelppm
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_3
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_3
Service: intelppm
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_4
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_4
Service: intelppm
.
Class GUID: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Description: Intel Processor
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_5
Manufacturer: Intel
Name: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
PNP Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_26_-_INTEL(R)_CORE(TM)_I7_CPU_________920__@_2.67GHZ\_5
Service: intelppm
.
==== System Restore Points ===================
.
RP230: 8/4/2011 12:00:02 AM - Scheduled Checkpoint
RP231: 8/4/2011 1:41:53 PM - Installed Rosetta Stone Version 3
RP232: 8/8/2011 6:44:38 PM - Installed iTunes
RP233: 8/8/2011 6:52:31 PM - Removed iTunes
RP234: 8/16/2011 12:00:02 AM - Scheduled Checkpoint
RP235: 8/21/2011 4:56:34 PM - Installed Microsoft XNA Framework Redistributable 3.1
RP236: 8/23/2011 3:11:31 AM - Installed DirectX
RP237: 8/24/2011 11:31:36 PM - Installed DirectX
RP238: 9/1/2011 12:24:34 AM - Scheduled Checkpoint
RP239: 9/9/2011 12:48:05 AM - Scheduled Checkpoint
RP240: 9/15/2011 2:18:55 PM - Installed DirectX
.
==== Installed Programs ======================
.
µTorrent
Acrobat.com
Acronis*True*Image*Home 2011
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Illustrator CS4
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader X (10.1.0)
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe SING CS4
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Akamai NetSession Interface
APC PowerChute Personal Edition 3.0
Apple Application Support
Apple Software Update
Assassin's Creed Brotherhood
ASUS Ai Charger
Autodesk Backburner 2008.1
Autodesk Material Library 2011
Autodesk Material Library 2011 Base Image library
Autodesk Material Library 2011 Medium Image library
avast! Free Antivirus
Bamboo
Bastion
BioShock
BioShock 2
Brink
Bulletstorm
Call of Duty: Black Ops
Call of Duty: Black Ops - Multiplayer
Call of Pripyat Complete v1.0.2
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
Connect
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Crysis® 2
Dead Space™ 2
Deus Ex Human Revolution Augmented Edition Bonus Content
Deus Ex: Game of the Year Edition
Deus Ex: Human Revolution
DiRT2
Duke Nukem Forever
erLT
Fallout 3
Fallout: New Vegas
Folding@home-gpu
Folding@home-x86
Futuremark SystemInfo
Google Earth
Hard Reset
High-Definition Video Playback 10
HP USB Disk Storage Format Tool
ImgBurn
Intel(R) Rapid Storage Technology
Intel® Solid-State Drive Toolbox
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 26
Just Cause 2
kuler
LCDSirReal - a multipurpose plugin for the Logitech G13/G15
LG USB Modem driver
Malwarebytes' Anti-Malware version 1.51.2.1300
ManiaPlanet
Mass Effect 2
MediaMonkey 3.2
Metro 2033
Microsoft Chart Controls for Microsoft .NET Framework 3.5
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft XNA Framework Redistributable 3.1
Mozilla Firefox 6.0 (x86 en-US)
Mozilla Thunderbird (6.0.2)
Natural Selection 2
Need for Speed(TM) Hot Pursuit
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero Burning ROM 10
Nero Control Center 10
Nero Core Components 10
Nero DiscSpeed 10
Nero Dolby Files 10
Nero Multimedia Suite 10
NVIDIA Photoshop Plug-ins 64 bit
NVIDIA PhysX
OpenAL
OpenOffice.org 3.2
PCMark Vantage
PDF Settings CS4
Photoshop Camera Raw
Plus Pack for Acronis True Image Home 2011
Portal 2
PunkBuster Services
QuickTime
Rapture3D 2.4.4 Game
Rosetta Stone Version 3
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]
Section 8: Prejudice
SHIFT 2 UNLEASHED™
Spotify
StarCraft II
Suite Shared Configuration CS4
Super Meat Boy
Tom Clancy's Splinter Cell Conviction
Ubisoft Game Launcher
Veetle TV 0.9.17
VLC media player 1.0.5
WebTablet IE Plugin
WebTablet Netscape Plugin
Winamp
ZBrush 3.5 R3
.
==== Event Viewer Messages From Past Week ========
.
9/18/2011 12:40:24 AM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
9/18/2011 12:24:00 AM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The system cannot find the file specified.
.
==== End Of File ===========================
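
A triage pass over the DDS log lines in the post above, as an added example that is not part of the thread or of the DDS tool: it pulls out the WinINET and Firefox proxy entries, the UAC policy value, and console/script hosts in the process snapshot. The function name `triage_dds` and the `REVIEW_PROCESSES` list are assumptions made for this example; the sample lines are copied from the log above.

```python
import re

# Constructed sample: a few lines copied from the DDS.txt log in the post above.
SAMPLE_DDS = r"""
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
============== Pseudo HJT Report ===============
uInternet Settings,ProxyServer = 88.220.37.150:8080
uInternet Settings,ProxyOverride = *.local
mPolicies-system: EnableLUA = 0 (0x0)
================= FIREFOX ===================
FF - prefs.js: network.proxy.http - 89.252.8.150
FF - prefs.js: network.proxy.http_port - 808
FF - prefs.js: network.proxy.type - 0
"""

# Assumption: console and script hosts worth a second look when they appear
# in a process snapshot with no user-visible reason to be running.
REVIEW_PROCESSES = {"ping.exe", "cmd.exe", "cscript.exe", "wscript.exe"}

# Firefox network.proxy.type values; only 1 (manual) makes the stored host live.
FF_PROXY_TYPES = {"0": "direct", "1": "manual", "2": "pac",
                  "4": "auto-detect", "5": "system"}

SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
EXE_RE = re.compile(r"^([A-Za-z]:\\.*?\.exe)(?:\s|$)", re.IGNORECASE)
WININET_RE = re.compile(r"^uInternet Settings,ProxyServer = (\S+)")
FF_PROXY_RE = re.compile(r"^FF - prefs\.js: network\.proxy\.(\w+) - (\S+)")
UAC_RE = re.compile(r"^mPolicies-system: EnableLUA = (\d+)")


def triage_dds(log_text):
    """Return a list of (kind, value, note) tuples for entries to review."""
    findings = []
    section = ""
    ff_proxy = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        if section == "Running Processes":
            exe = EXE_RE.match(line)
            if exe:
                name = exe.group(1).rsplit("\\", 1)[-1].lower()
                if name in REVIEW_PROCESSES:
                    findings.append(("process", exe.group(1),
                                     "console/script host running at scan time"))
            continue
        m = WININET_RE.match(line)
        if m:
            # DDS prints the per-user value; whether it is in effect depends
            # on ProxyEnable, which the log does not show.
            findings.append(("wininet-proxy", m.group(1),
                             "per-user Internet Settings proxy is set"))
            continue
        m = FF_PROXY_RE.match(line)
        if m:
            ff_proxy[m.group(1)] = m.group(2)
            continue
        m = UAC_RE.match(line)
        if m and m.group(1) == "0":
            findings.append(("uac-disabled", "EnableLUA = 0",
                             "User Account Control is turned off"))
    if "http" in ff_proxy:
        mode = FF_PROXY_TYPES.get(ff_proxy.get("type", ""), "unknown")
        endpoint = ff_proxy["http"] + ":" + ff_proxy.get("http_port", "?")
        if mode == "manual":
            state = "active"
        else:
            state = "stored but inactive (type=%s)" % mode
        findings.append(("firefox-proxy", endpoint, state))
    return findings


if __name__ == "__main__":
    for kind, value, note in triage_dds(SAMPLE_DDS):
        print("%-14s %-40s %s" % (kind, value, note))
```
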
 
Download TDSSKiller and save it to your desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
Alright I'll try that after work... there's definitely still something in there because every now and then an extra tab will appear in Firefox that's filled with garbage advertising.
 
Yeah, it's alright, computer is relatively normal other than a few little things... I've encountered MUCH worse.

Here are the TDSS logs:

before rootkit removal

2011/09/18 04:22:32.0561 7812 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/18 04:22:32.0861 7812 ================================================================================
2011/09/18 04:22:32.0861 7812 SystemInfo:
2011/09/18 04:22:32.0861 7812
2011/09/18 04:22:32.0861 7812 OS Version: 6.1.7600 ServicePack: 0.0
2011/09/18 04:22:32.0861 7812 Product type: Workstation
2011/09/18 04:22:32.0861 7812 ComputerName: P6TX58-64
2011/09/18 04:22:32.0861 7812 UserName: Derek
2011/09/18 04:22:32.0861 7812 Windows directory: C:\Windows
2011/09/18 04:22:32.0861 7812 System windows directory: C:\Windows
2011/09/18 04:22:32.0861 7812 Running under WOW64
2011/09/18 04:22:32.0861 7812 Processor architecture: Intel x64
2011/09/18 04:22:32.0861 7812 Number of processors: 8
2011/09/18 04:22:32.0861 7812 Page size: 0x1000
2011/09/18 04:22:32.0861 7812 Boot type: Normal boot
2011/09/18 04:22:32.0861 7812 ================================================================================
2011/09/18 04:22:33.0071 7812 Initialize success
2011/09/18 04:22:43.0491 7936 ================================================================================
2011/09/18 04:22:43.0491 7936 Scan started
2011/09/18 04:22:43.0491 7936 Mode: Manual;
2011/09/18 04:22:43.0491 7936 ================================================================================
2011/09/18 04:22:45.0761 7936 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
2011/09/18 04:22:45.0761 7936 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
2011/09/18 04:22:45.0771 7936 sptd - detected LockedFile.Multi.Generic (1)
2011/09/18 04:22:46.0431 7936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
2011/09/18 04:22:46.0441 7936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk4\DR4
2011/09/18 04:22:46.0441 7936 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0
2011/09/18 04:22:46.0451 7936 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/09/18 04:22:46.0451 7936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
2011/09/18 04:22:46.0471 7936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
2011/09/18 04:22:46.0481 7936 Boot (0x1200) (87e361d687c259c90e77444edbde1072) \Device\Harddisk3\DR3\Partition0
2011/09/18 04:22:46.0491 7936 Boot (0x1200) (187aab5e4c6104c55a523191caf47268) \Device\Harddisk4\DR4\Partition0
2011/09/18 04:22:46.0491 7936 Boot (0x1200) (1614f0664974f8acc68a5b782a7dce56) \Device\Harddisk0\DR0\Partition0
2011/09/18 04:22:46.0501 7936 Boot (0x1200) (25cf051f7953c7ca4d4e979f6fdc8153) \Device\Harddisk0\DR0\Partition1
2011/09/18 04:22:46.0501 7936 Boot (0x1200) (87bc019594ea9577769a390b945c6425) \Device\Harddisk1\DR1\Partition0
2011/09/18 04:22:46.0511 7936 Boot (0x1200) (6df51dd9e1aba8de3bf79eb7c3713b09) \Device\Harddisk2\DR2\Partition0
2011/09/18 04:22:46.0511 7936 ================================================================================
2011/09/18 04:22:46.0511 7936 Scan finished
2011/09/18 04:22:46.0511 7936 ================================================================================
2011/09/18 04:22:46.0521 7204 Detected object count: 2
2011/09/18 04:22:46.0521 7204 Actual detected object count: 2
2011/09/18 04:23:14.0792 7204 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/09/18 04:23:14.0792 7204 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/09/18 04:23:14.0792 7204 \Device\Harddisk0\DR0 - ok
2011/09/18 04:23:14.0792 7204 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/09/18 04:23:20.0312 7456 Deinitialize success
 
After rootkit removal and upon restart

2011/09/18 04:26:02.0979 6564 TDSS rootkit removing tool 2.5.22.0 Sep 13 2011 15:55:17
2011/09/18 04:26:02.0989 6564 ================================================================================
2011/09/18 04:26:02.0989 6564 SystemInfo:
2011/09/18 04:26:02.0989 6564
2011/09/18 04:26:02.0989 6564 OS Version: 6.1.7600 ServicePack: 0.0
2011/09/18 04:26:02.0989 6564 Product type: Workstation
2011/09/18 04:26:02.0989 6564 ComputerName: P6TX58-64
2011/09/18 04:26:02.0989 6564 UserName: Derek
2011/09/18 04:26:02.0989 6564 Windows directory: C:\Windows
2011/09/18 04:26:02.0989 6564 System windows directory: C:\Windows
2011/09/18 04:26:02.0989 6564 Running under WOW64
2011/09/18 04:26:02.0989 6564 Processor architecture: Intel x64
2011/09/18 04:26:02.0989 6564 Number of processors: 8
2011/09/18 04:26:02.0989 6564 Page size: 0x1000
2011/09/18 04:26:02.0989 6564 Boot type: Normal boot
2011/09/18 04:26:02.0989 6564 ================================================================================
2011/09/18 04:26:03.0399 6564 Initialize success
2011/09/18 04:26:06.0099 6676 ================================================================================
2011/09/18 04:26:06.0099 6676 Scan started
2011/09/18 04:26:06.0099 6676 Mode: Manual;
2011/09/18 04:26:06.0099 6676 ================================================================================
2011/09/18 04:26:08.0299 6676 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
2011/09/18 04:26:08.0299 6676 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
2011/09/18 04:26:08.0299 6676 sptd - detected LockedFile.Multi.Generic (1)
2011/09/18 04:26:08.0839 6676 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/09/18 04:26:08.0849 6676 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/09/18 04:26:08.0869 6676 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/09/18 04:26:08.0889 6676 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/09/18 04:26:08.0909 6676 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/09/18 04:26:08.0909 6676 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/09/18 04:26:08.0929 6676 xnacc (4a5ce13408945e525503b5f73d29b9c5) C:\Windows\system32\DRIVERS\xnacc.sys
2011/09/18 04:26:08.0939 6676 xusb21 (5aa532bbac7e34186edff24f72bcd61b) C:\Windows\system32\DRIVERS\xusb21.sys
2011/09/18 04:26:08.0949 6676 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/09/18 04:26:08.0979 6676 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
2011/09/18 04:26:08.0979 6676 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk4\DR4
2011/09/18 04:26:08.0989 6676 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/09/18 04:26:08.0989 6676 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
2011/09/18 04:26:09.0019 6676 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
2011/09/18 04:26:09.0029 6676 Boot (0x1200) (87e361d687c259c90e77444edbde1072) \Device\Harddisk3\DR3\Partition0
2011/09/18 04:26:09.0039 6676 Boot (0x1200) (187aab5e4c6104c55a523191caf47268) \Device\Harddisk4\DR4\Partition0
2011/09/18 04:26:09.0039 6676 Boot (0x1200) (1614f0664974f8acc68a5b782a7dce56) \Device\Harddisk0\DR0\Partition0
2011/09/18 04:26:09.0049 6676 Boot (0x1200) (25cf051f7953c7ca4d4e979f6fdc8153) \Device\Harddisk0\DR0\Partition1
2011/09/18 04:26:09.0059 6676 Boot (0x1200) (87bc019594ea9577769a390b945c6425) \Device\Harddisk1\DR1\Partition0
2011/09/18 04:26:09.0059 6676 Boot (0x1200) (6df51dd9e1aba8de3bf79eb7c3713b09) \Device\Harddisk2\DR2\Partition0
2011/09/18 04:26:09.0069 6676 ================================================================================
2011/09/18 04:26:09.0069 6676 Scan finished
2011/09/18 04:26:09.0069 6676 ================================================================================
2011/09/18 04:26:09.0069 6668 Detected object count: 1
2011/09/18 04:26:09.0069 6668 Actual detected object count: 1
2011/09/18 04:26:15.0249 6668 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/09/18 04:26:38.0220 6532 Deinitialize success

Not sure what that locked file is about...
 
That's a legit file (Daemon tools).

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan:


On completion of the scan click "Save log", save it to your desktop and post in your next reply:


NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

==================================================================

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.



Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to yourname.exe BEFORE saving it to your desktop.
Do NOT run it yet.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click Rkill and choose Run as Administrator

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

Rkill.com
Rkill.scr
Rkill.exe

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
My OS drive is two SSDs in RAID-0 and whenever I try to scan them the computer crashes. I think I may have to download the latest Intel Storage drivers or something because that's been happening for a while now. Quick scans usually work fine but for some reason when I try to deep scan I get blue screens. May try to fiddle with my SSD apps and see if that changes anything.

EDIT: I might just clone my RAID array to a regular spindle drive and then do the scan. That way I can fix whatever is wrong and then just clone it back to the SSDs after I can declare it clean.
 