Unable to run Windows updates; Error code 80072EFE...........

Hi MiketheGreaseMan,

Welcome to Dell Community Malware Removal Forums,

Sorry for the delay in getting to you, I'm K27 and i will be reviewing your log for you.

Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.

Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.

Please DO NOT use this system for anything apart from visiting this forum and other sites I direct you too, as this will only make the cleanup process all the more diffecult.

Failure to reply in three (3) days will result in this topic being closed and I will remove it from my notifications, If you require more time then that is fine but please let me know.

Please post me a fresh HJT log if you still require assistance.

Thanks.

I also have Mozilla Firefox as my web browser.  Windows Explorer is also installed, but the Firefox seems to work a little better.  Do these two browsers conflict in any way?

Regards,

Mike Fussell

Hi Mike,

I need to see some additional information about what is happening in your machine.
Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.com
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explanation about the tool.
• When done, DDS will open two (2) logs
  1. DDS.txt
  2. Attach.txt
• Save both reports to your desktop.
• The instructions here ask you to attach the Attach.txt.
  
• Instead of attaching, please copy/past both logs into your next reply.

   

   

• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE

Then please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

• And then please download Rootkit Unhooker and save it to your desktop.
  
• Double-click RKUnhookerLE.exe to run it.
• Click the Report tab, then click Scan
• Check Drivers, Stealth Code, Files, and Code Hooks
• Uncheck the rest, then click OK
• When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
• Wait till the scanner has finished then go File > Save Report
• Save the report somewhere you can find it. Click Close
• This log may be very large so please use multiple posts if need be.

Note** you may get the following warning. It is ok, just ignore it.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

Please post both DDS logs and the RKU log back to me for review.

Thanks.

Here are the reports:

DDS (Ver_10-03-17.01) - NTFSx86 
Run by Mike's Laptop at  6:26:17.07 on Fri 09/03/2010
Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_18
Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.1.1033.18.3573.1762 [GMT -5:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe
C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
c:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Norton 360\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\ProgramData\UltraVNC\winvnc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\ProgramData\UltraVNC\winvnc.exe
C:\Program Files\Norton 360\Norton 360\Engine\3.0.0.135\ccSvcHst.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Yahoo!\Companion\att\ToolbarSvr.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Mike's Laptop\Downloads\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uStart Page = https://login.yahoo.com/config/mail?.partner=sbc&.intl=us&.done=http%3A%2F%2Fus.mg203.mail.yahoo.com%2Fdc%2Flaunch%3F.partner%3Dsbc%26.gx%3D0%26.rand%3D274h1nr76k4ah
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2090526
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\norton 360\engine\3.0.0.135\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\norton 360\engine\3.0.0.135\IPSBHO.DLL
BHO: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - BrowserHelper Class
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\norton 360\engine\3.0.0.135\coIEPlg.dll
TB: att.net Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
mRun: [ ]
mRun: [hpqSRMon]
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PSUNMain] "c:\program files\panda security\panda cloud antivirus\PSUNMain.exe" /Traybar
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\aa documents\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeperUI.exe" /startintray
dRun: [eqwsypkl] c:\windows\system32\config\systemprofile\appdata\local\xbjivfnam\nkfrofushdw.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - c:\program files\allmusicconverter\YouTubeRipper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_headless/GameTapWebPlayer.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\norton 360\engine\3.0.0.135\CoIEPlg.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\mike's~1\appdata\roaming\mozilla\firefox\profiles\0q7qe93b.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://us.mg203.mail.yahoo.com/dc/launch?.partner=sbc&.gx=1&.rand=demh6s69mau5m|http://www.rushlimbaugh.com/home/today.guest.html|http://www.facebook.com/Give100ofSomething|http://www.manofest.com/|http://linkiest.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=panda1_0yatb&p=
FF - component: c:\program files\panda security\panda id protect\firefox\components\FFKeypad.dll
FF - component: c:\users\mike's laptop\appdata\roaming\mozilla\firefox\profiles\0q7qe93b.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\users\mike's laptop\appdata\roaming\mozilla\firefox\profiles\0q7qe93b.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - component: c:\users\mike's laptop\appdata\roaming\mozilla\firefox\profiles\0q7qe93b.default\extensions\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}\components\dtTransparency.dll
FF - component: c:\users\mike's laptop\appdata\roaming\mozilla\firefox\profiles\0q7qe93b.default\extensions\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}\components\dtTransparency3.5.dll
FF - component: c:\users\mike's laptop\appdata\roaming\mozilla\firefox\profiles\0q7qe93b.default\extensions\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}\components\dtTransparency3.6.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1601.7122\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\users\mike's laptop\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: google.toolbar.linkdoctor.enabled - false
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency",   1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type",                  5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size",  4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug",            false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight",       2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize",       1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight",   25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight",     5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 cdburner;cdburner;c:\windows\system32\drivers\cdburner.sys [2009-8-9 15872]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-7-31 28552]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2009-11-6 29808]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0300000.087\SymEFA.sys [2010-2-2 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0300000.087\BHDrvx86.sys [2010-2-2 258608]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0300000.087\cchpx86.sys [2010-2-2 482352]
R1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\elrawdsk.sys [2009-5-27 20392]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100901.003\IDSvix86.sys [2010-9-2 344112]
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2010-5-4 125960]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2009-5-27 73728]
R2 Apache2.2;Remote Access Media Server;c:\program files\common files\dell\apache\bin\httpd.exe [2007-9-21 15872]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
R2 dsl-db;Remote Access DB;c:\program files\common files\dell\mysql\bin\mysqld.exe [2007-9-14 5730304]
R2 dsl-fs-sync;Remote Access File Sync Service;c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe [2009-1-5 173296]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-5-27 600944]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2009-5-27 600944]
R2 N360;Norton 360;c:\program files\norton 360\norton 360\engine\3.0.0.135\ccSvcHst.exe [2010-2-2 115560]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2010-4-30 136448]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2010-5-27 141384]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2010-4-30 99336]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2010-4-30 111112]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2010-5-12 111176]
R2 uvnc_service;UltraVNC Server;c:\programdata\ultravnc\winvnc.exe -service --> c:\programdata\ultravnc\winvnc.exe -service [?]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\spy sweeper\SpySweeper.exe [2009-11-6 4048240]
R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\spy sweeper\WRConsumerService.exe [2010-2-4 1201640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2009-5-26 111616]
R3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2009-8-9 23096]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\n360\0300000.087\symndisv.sys [2010-2-2 39984]
R3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2010-4-12 131664]
R3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys [2010-5-7 91728]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-2 136176]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-5-14 309744]
S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-5-14 166384]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2009-8-15 34064]
S3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\dellsu~1\hwdiag\bin\PCD5SRVC.pkms [2008-11-4 22904]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [2009-9-12 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [2009-9-12 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [2009-9-12 39936]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-5-14 1120752]
S3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [2009-8-9 245760]

============== File Associations ===============

JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1

=============== Created Last 30 ================

2010-09-02 11:12:56    0    d-----w-    c:\program files\Trend Micro
2010-09-01 08:27:21    38656    ----a-w-    c:\windows\system32\drivers\Capt905c.sys
2010-09-01 08:27:20    26496    ----a-w-    c:\windows\system32\drivers\Camd905c.sys
2010-09-01 08:27:07    0    d-----w-    c:\program files\MyDSC2
2010-09-01 08:18:38    18688    ----a-w-    c:\windows\system32\drivers\afc.sys
2010-09-01 08:16:00    212480    ----a-w-    c:\windows\PCDLIB32.DLL
2010-08-22 21:36:29    0    d-----w-    c:\users\mike's~1\appdata\roaming\Malwarebytes
2010-08-22 21:36:14    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-22 21:36:12    0    d-----w-    c:\programdata\Malwarebytes
2010-08-22 21:36:11    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-08-18 07:06:53    443459902    ----a-w-    c:\windows\MEMORY.DMP
2010-08-17 09:24:48    0    d-----w-    c:\windows\system32\catroot2
2010-08-10 10:15:58    94208    ----a-w-    c:\windows\system32\QuickTimeVR.qtx
2010-08-10 10:15:58    69632    ----a-w-    c:\windows\system32\QuickTime.qts

==================== Find3M  ====================

2010-09-01 10:19:35    51200    ----a-w-    c:\windows\inf\infpub.dat
2010-09-01 10:19:35    143360    ----a-w-    c:\windows\inf\infstrng.dat
2010-09-01 10:19:23    143360    ----a-w-    c:\windows\inf\infstor.dat
2010-08-01 01:47:23    242184    ----a-w-    c:\users\mike's laptop\PandaCloudAntivirus.exe
2010-06-05 18:42:03    23115    ----a-w-    c:\windows\hpqins15.dat
2009-11-17 10:12:15    665600    ----a-w-    c:\windows\inf\drvindex.dat
2009-07-30 14:56:08    4637952    ----a-w-    c:\program files\common files\lpuninstall.exe
2008-01-21 02:57:01    174    --sha-w-    c:\program files\desktop.ini
2006-11-02 12:39:34    30674    ----a-w-    c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34    30674    ----a-w-    c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34    287440    ----a-w-    c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34    287440    ----a-w-    c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21    287440    ----a-w-    c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19    30674    ----a-w-    c:\windows\inf\perflib\0000\perfc.dat
2010-04-29 06:06:35    16384    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2010-04-29 06:06:35    32768    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2010-04-29 06:06:35    16384    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-12-08 08:35:04    245760    --sha-w-    c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-09-18 02:16:58    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009091720090918\index.dat
2009-09-18 16:34:32    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009091820090919\index.dat
2009-09-19 16:31:06    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009091920090920\index.dat
2009-09-21 10:02:54    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009092120090922\index.dat
2009-10-02 07:34:40    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009100220091003\index.dat
2009-10-03 23:58:16    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009100320091004\index.dat
2009-10-16 07:32:58    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009101620091017\index.dat
2009-10-19 00:40:43    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009101820091019\index.dat
2009-10-21 16:16:33    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009102120091022\index.dat
2009-10-27 07:04:03    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009102720091028\index.dat
2009-11-04 18:54:01    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009110420091105\index.dat
2009-11-07 07:36:12    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009110720091108\index.dat
2009-11-10 19:38:01    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009111020091111\index.dat
2009-11-13 07:46:17    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009111320091114\index.dat
2009-11-19 07:38:30    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009111920091120\index.dat
2009-11-21 07:23:36    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009112120091122\index.dat
2009-11-22 07:30:26    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009112220091123\index.dat
2009-11-26 08:27:14    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009112620091127\index.dat
2009-11-28 19:21:29    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009112820091129\index.dat
2009-12-21 18:58:55    32768    --sha-w-    c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009122120091222\index.dat
2009-11-28 19:21:29    16384    --sha-w-    c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\iecompatcache\index.dat
2009-11-26 08:27:14    16384    --sha-w-    c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\privacie\index.dat
2009-05-26 21:24:55    8192    --sha-w-    c:\windows\users\default\NTUSER.DAT

============= FINISH:  6:29:11.56 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume3
Install Date: 5/27/2009 1:23:25 PM
System Uptime: 9/2/2010 6:00:18 AM (24 hours ago)

Motherboard: Dell Inc. |  | 0U990C
Processor: Intel(R) Core(TM)2 Duo CPU     T5800  @ 2.00GHz | Microprocessor | 2000/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 215 GiB total, 53.54 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 8.913 GiB free.
E: is CDROM (CDFS)
Y: is FIXED (FAT32) - 149 GiB total, 20.612 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet J6400 series
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Officejet J6400 series
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet J6400 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet J6400 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:

Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
Description: Officejet J6400 series
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet J6400 series
PNP Device ID: ROOT\PRINTER\0000
Service:

==== System Restore Points ===================


==== Installed Programs ======================

32 Bit HP CIO Components Installer
6400_Help
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.2
Advanced Audio FX Engine
Advanced Video FX Engine
AllMusicConverter 3.8.7
Apple Application Support
Apple Mobile Device Support
ArcSoft PhotoImpression 5
ATT-RC Self Support Tool
att.net Toolbar
Audacity 1.3.12 (Unicode)
AVS Update Manager 1.0 (Update Version)
AVS Video Recorder 2.4
AVS YouTube Uploader version 2.1
AVS4YOU Software Navigator 1.4
Banctec Service Agreement
BlackBerry Desktop Software 4.6
BlackBerry Device Software Updater
BlackBerry Device Software v4.6.0 for the BlackBerry 9000 smartphone
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
Browser Address Error Redirector
BufferChm
CCleaner
CCScore
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Creative MediaSource 5
CustomerResearchQFolder
Dell Best of Web
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell PC TuneUp
Dell Remote Access
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
DELL0703
Destination Component
DeviceDiscovery
DeviceManagementQFolder
Digital Line Detect
DirectXInstallService
DOC to Image Converter 2.00
DocMgr
DocProc
DocProcQFolder
DVDx 2
E.M. Free Youtube Download Tool 3.03
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
eSupportQFolder
Fax
ffdshow [rev 2527] [2008-12-19]
fflink
FFmpeg for Audacity on Windows
GEAR driver installer for x86 and x64
Google Earth
Google Update Helper
Google Updater
GoToAssist 8.0.0.514
GPBaseService
GPBaseService2
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Document Manager 1.0
HP Imaging Device Functions 10.0
HP Officejet J6400 Series
HP Photosmart Essential 2.5
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPProductAssistant
HPSSupply
Intel(R) Matrix Storage Manager
Intel(R) PROSet/Wireless Software
iTunes
J6400
Java Auto Updater
Java(TM) 6 Update 18
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
Laptop Integrated Webcam Driver (1.03.02.0719) 
Malwarebytes' Anti-Malware
MarketResearch
McAfee Security Scan Plus
mCore
MediaCoder 0.6.1
MediaDirect
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
mMHouse
Modem Diagnostic Tool
Mozilla Firefox (3.6.8)
mPfMgr
MSVCSetup
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mWMI
MyDSC2
Napster
Napster Burn Engine
netbrdg
NetDeviceManager
Norton 360
OCR Software by I.R.I.S. 10.0
OfotoXMI
OGA Notifier 2.0.0048.0
OutlookAddinSetup
Panda ActiveScan 2.0
Panda Cloud Antivirus
Panda Identity Protect 3.0.44
Panda Security Toolbar
PANTECH PC USB Modem Software
ProductContext
PSSWCORE
QuickSet
QuickTime
Roxio Activation Module
Roxio CinePlayer Decoder Pack
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator Premier
Roxio Creator Premier 10
Roxio Creator Tools
Roxio Express Labeler
Roxio Media Manager
Roxio Update Manager
Scan
SFR
SHASTA
Shop for HP Supplies
skin0001
SKINXSDK
SmartWebPrinting
SolutionCenter
Sound Blaster Audigy ADVANCED MB
Spy Sweeper Core
staticcr
Status
Toolbox
tooltips
Total Recorder 8.1
TrayApp
Ultra Defragmenter
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoToolkit01
VPRINTOL
VZAccess Manager
WebReg
Webroot AntiVirus with Spy Sweeper
WildTangent Games
Windows Installer Clean Up
Windows Live OneCare safety scanner
WIRELESS
Wisdom-soft ScreenHunter 5.1 Free
Yahoo! BrowserPlus 2.9.8
Yahoo! Software Update
Yahoo! Widgets

==== End Of File ===========================

Here is the RootKit Report:

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0x8FA02000 C:\Windows\system32\DRIVERS\igdkmd32.sys 6606848 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x82042000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x82042000 PnpManager 3903488 bytes
0x82042000 RAW 3903488 bytes
0x82042000 WMIxWDM 3903488 bytes
0x9040A000 C:\Windows\system32\DRIVERS\NETw4v32.sys 2265088 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0xA38A0000 Win32k 2109440 bytes
0xA38A0000 C:\Windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x92200000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100902.050\NAVEX15.SYS 1359872 bytes (Symantec Corporation, AV Engine)
0x8BA0B000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x82609000 C:\Windows\SYSTEM32\Drivers\NDIS.SYS 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x90A0C000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1056768 bytes (Conexant Systems, Inc., HSF_DP driver)
0x82E7B000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x804D4000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xB9C77000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x9AA97000 C:\Windows\System32\Drivers\dump_iaStor.sys 815104 bytes
0x82C03000 C:\Windows\system32\drivers\iastor.sys 815104 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x90B0E000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 741376 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0x8F600000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x9004F000 C:\Windows\System32\drivers\dxgkrnl.sys 659456 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x90154000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x80602000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x9A75A000 C:\Windows\system32\drivers\N360\0300000.087\ccHPx86.sys 503808 bytes (Symantec Corporation, Common Client Hash Provider Driver)
0x82E0A000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x8040A000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0xB8A51000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x9A6C8000 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 385024 bytes (Symantec Corporation, Symantec Eraser Control Driver)
0x9A66C000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100901.003\IDSvix86.sys 360448 bytes (Symantec Corporation, IDS Core Driver)
0x90C0E000 C:\Windows\system32\drivers\stwrt.sys 348160 bytes (IDT, Inc., NDHF)
0x90CB8000 C:\Windows\system32\drivers\N360\0300000.087\SRTSP.SYS 335872 bytes (Symantec Corporation, Symantec AutoProtect)
0x9068E000 C:\Windows\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0x82D5C000 C:\Windows\system32\drivers\N360\0300000.087\SYMEFA.SYS 323584 bytes (Symantec Corporation, Symantec Extended File Attributes)
0xB9C0D000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x82746000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x807B5000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x8068B000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x8F7B2000 C:\Windows\system32\DRIVERS\yk60x86.sys 286720 bytes (Marvell, NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller)
0x9AA0A000 C:\Windows\system32\drivers\N360\0300000.087\BHDrvx86.sys 270336 bytes (Symantec Corporation, BASH Driver)
0x80493000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x90796000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x90107000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x827C2000 C:\Windows\system32\DRIVERS\HSXHWAZL.sys 249856 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0x9A604000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x8077A000 C:\Windows\SYSTEM32\Drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x90C7C000 C:\Windows\system32\DRIVERS\OEM02Dev.sys 237568 bytes (Creative Technology Ltd., Video Capture Device Driver)
0xB8B49000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8BB1B000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x82DB5000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x90D43000 C:\Windows\system32\drivers\N360\0300000.087\SYMTDI.SYS 212992 bytes (Symantec Corporation, Network Dispatch Driver)
0x8200F000 ACPI_HAL 208896 bytes
0x8200F000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x82D1A000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x805B4000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x90767000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x80721000 C:\Windows\SYSTEM32\Drivers\SSIDRV.SYS 188416 bytes (Webroot Software, Inc. (www.webroot.com), Spy Sweeper Interdiction Driver)
0x8F6FF000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x906F2000 C:\Windows\system32\DRIVERS\Apfiltr.sys 180224 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0x8074F000 C:\Windows\SYSTEM32\Drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8F751000 C:\Windows\system32\drivers\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0xB8A0A000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x8F6D5000 C:\Windows\system32\drivers\TotRec7.sys 172032 bytes (High Criteria inc., Total Recorder WDM audio driver (Professional Edition))
0x9AA4C000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x8BB6B000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x806E2000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x9AB92000 C:\Windows\system32\DRIVERS\PSINAflt.sys 159744 bytes (Panda Security, S.L., PSINAflt Filter Driver for Vista32)
0xB8B9A000 C:\Windows\System32\DRIVERS\srv2.sys 159744 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x82CF4000 C:\Windows\system32\DRIVERS\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x8F72C000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x9234C000 C:\Windows\system32\Drivers\SYMEVENT.SYS 151552 bytes (Symantec Corporation, Symantec Event Library)
0x82F80000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x9A640000 C:\Windows\system32\DRIVERS\psinknc.sys 139264 bytes (Panda Security, S.L., PSINKNC Kernel Controller for Vista32)
0x8BBA3000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x90BC3000 C:\Windows\system32\drivers\IntcHdmi.sys 135168 bytes (Intel(R) Corporation, Intel(R) High Definition Audio HDMI)
0xB8B09000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x923B8000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0xB8B2A000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x8F77B000 C:\Windows\system32\drivers\TotRec8.sys 126976 bytes (High Criteria inc., Total Recorder WDM audio filter driver (Professional Edition))
0x82CD2000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x9A7D5000 C:\Windows\system32\DRIVERS\PSINProc.sys 122880 bytes (Panda Security, S.L., PSINProc Filter Driver for Vista32)
0x9ABB9000 C:\Windows\system32\DRIVERS\PSINProt.sys 122880 bytes (Panda Security, S.L., PSINProt for Vista32)
0x9A726000 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 118784 bytes (Symantec Corporation, Symantec Eraser Utility Driver)
0xB8ABE000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x9ABD7000 C:\Windows\system32\DRIVERS\PSINFile.sys 114688 bytes (Panda Security, S.L., PSINFile Filter Driver for Vista32)
0x82F65000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x9AB77000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x90651000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xB8ADB000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x9073C000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xB8B82000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x9A743000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x901E1000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x90C63000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0x9AA74000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x90DD4000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x90D2D000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0xB8AF4000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x82FB7000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x90DAB000 C:\Windows\system32\drivers\N360\0300000.087\SYMFW.SYS 86016 bytes (Symantec Corporation, Firewall Filter Driver)
0x90D0A000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 86016 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xB9DCD000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100902.050\NAVENG.SYS 81920 bytes (Symantec Corporation, AV Engine)
0x82FA3000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x9067A000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x90DC0000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x906DF000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0xB8A3E000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x90BE4000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8BB92000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x82FE9000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8047A000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x82D4C000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x90D80000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x8F6B0000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x827AC000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x90633000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x82FCC000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8F7A3000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x9AB68000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8BB5C000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x80709000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x8BBE5000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x9066B000 C:\Windows\system32\DRIVERS\rimmptsk.sys 61440 bytes (REDC, RICOH SD Driver)
0x90145000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x82737000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x90643000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xA3AE0000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x90C00000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x90D1F000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x82797000 C:\Windows\system32\DRIVERS\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x9AA8A000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x907E9000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0xB9DB9000 C:\Windows\System32\Drivers\STREAM.SYS 53248 bytes (Microsoft Corporation, WDM CODEC Class Device Driver 2.0)
0x82FDC000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x8067E000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x90D9F000 C:\Windows\system32\drivers\N360\0300000.087\SYMNDISV.SYS 49152 bytes (Symantec Corporation, NDIS Filter Driver)
0xB9D5F000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x923AC000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x900F0000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x90729000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x9071E000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x923E9000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8BBDA000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8271F000 C:\Windows\system32\DRIVERS\ssfs0bbc.sys 45056 bytes (Webroot Software, Inc. (www.webroot.com), Spy Sweeper FileSystem Filter Driver)
0x82714000 C:\Windows\SYSTEM32\Drivers\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8F6CA000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x900FC000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x8272D000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0xB9DAF000 C:\Windows\System32\Drivers\Capt905c.sys 40960 bytes (Service & Quality Technology., Universal Serial Bus Camera Driver)
0x9AB5E000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x90400000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x907D7000 C:\Windows\system32\drivers\MusCAudio.sys 40960 bytes (Windows (R) Codename Longhorn DDK provider, Support Device)
0xB8A34000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x9A662000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x82DAB000 C:\Windows\System32\Drivers\PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xB9D55000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x9238B000 C:\Windows\system32\drivers\N360\0300000.087\SRTSPX.SYS 40960 bytes (Symantec Corporation, Symantec AutoProtect)
0x8BBC4000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x92395000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x90D77000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xB9DE1000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x923F4000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x80718000 C:\Windows\SYSTEM32\Drivers\SSHRMD.SYS 36864 bytes (Webroot Software, Inc. (www.webroot.com), Spy Sweeper Mini Driver)
0x90DEA000 C:\Windows\system32\DRIVERS\SymIMv.sys 36864 bytes (Symantec Corporation, NDIS 6.0 Filter Driver for Windows Vista)
0xA3AC0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8F79A000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x9075E000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x806D1000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x90734000 C:\Windows\system32\drivers\Afc.sys 32768 bytes (Arcsoft, Inc., Arcsoft(R) ASPI Shell)
0x82CCA000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x8048B000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x90D97000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x806DA000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x923D9000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x923E1000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x907E1000 C:\Windows\System32\Drivers\RootMdm.sys 32768 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0x8BB54000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0xB9D6B000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x923A5000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0xB9DC6000 C:\Windows\System32\Drivers\Camd905c.SYS 28672 bytes (Service & Quality Technology., Universal Serial Bus Camera Driver)
0x90D90000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x82790000 C:\Windows\system32\DRIVERS\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x80403000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x9239E000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x827A5000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x907F6000 C:\Windows\system32\DRIVERS\RimSerial.sys 28672 bytes (Research in Motion Ltd, RIM Virtual Serial Driver)
0x90754000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x9ABF3000 C:\Windows\system32\DRIVERS\packet.sys 24576 bytes (SingleClick Systems, SCS NDIS 5.0 Auto IP Protocol Driver)
0x827BC000 C:\Windows\system32\drivers\pavboot.sys 24576 bytes (Panda Security, S.L., Panda Boot Driver)
0x82CF0000 C:\Windows\system32\DRIVERS\cdburner.sys 16384 bytes
0x9075A000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x9A6C4000 C:\Windows\system32\drivers\elrawdsk.sys 16384 bytes (EldoS Corporation, RawDisk Driver. Allows write access to raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008.)
0xB9C73000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0x8272A000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x90CB6000 C:\Windows\system32\DRIVERS\OEM02Vfx.sys 8192 bytes (EyePower Games Pte. Ltd., Advanced Video FX Filter
Driver (Win2K based))
0x907FD000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x90C7A000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
!!!!!!!!!!!Hidden driver:  0x85CFFAEA ?_empty_? 1302 bytes
0x85CFFEC5 unknown_irp_handler 315 bytes
!!!!!!!!!!!Hidden driver:  0x877EF400 ?_empty_? 0 bytes
==============================================
>Stealth
==============================================
0x82C03000 WARNING: suspicious driver modification [iastor.sys::0x85CFFAEA]
0x01D80000 Hidden Image-->SupportSoft.Agent.Sprocket.dll [ EPROCESS 0x857D6618 ] PID: 4572, 28672 bytes
0x01C90000 Hidden Image-->SupportSoft.Agent.Sprocket.SupportMessage.dll [ EPROCESS 0x857D6618 ] PID: 4572, 45056 bytes
0x01A80000 Hidden Image-->sprtmessage.dll [ EPROCESS 0x857D6618 ] PID: 4572, 77824 bytes
==============================================
>Files
==============================================
!-->[Hidden] C:\ProgramData\ATTYToolbar\BL-62317.DAT
!-->[Hidden] C:\ProgramData\ATTYToolbar\BL-62317.IDX
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS08D96.log
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000D.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000E.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010010.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010011.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001D.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010020.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010023.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010024.wid
!-->[Hidden] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Common Client\ccSubSDK\{3AC447DA-F989-4207-93AB-22C05723E442}
!-->[Hidden] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Common Client\ccSubSDK\{7BB11056-370D-4554-AE89-82385C8E6E5D}
!-->[Hidden] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Common Client\ccSubSDK\{A0CB6398-8931-4737-968E-72418D520285}
!-->[Hidden] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\tagfiles\20100903.017.sst
!-->[Hidden] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\tagfiles\20100903.018.sst
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I10AMQTD\rev62317[1]
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1W0Y11U\current-version-rel4[1].txt
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXAPHBHC\37174[1].xml
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXAPHBHC\dul-current-version[1].txt
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\00B439E4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\04EBA9F5d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0C905BB0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0F97EDD2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1535CAE0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1548A91Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\174D0BB2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1CB26A39d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\26C5A587d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2A15C029d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2B2E400Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2F687AC4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\321D82A8d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3256DCCCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\37C50319d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3E98162Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3F55B47Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3F600978d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3FF54ED4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4D2F7C41d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\51EFAA3Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5A825422d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\64905F6Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\64BF70B6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7345D4F1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\75406C44d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\760BD790d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\761B5A40d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\786B9FE1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7B0B2EE4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7D74F145d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7F37E632d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7FA07CF4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\80720562d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\87B48194d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\891EE5FAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8D5DD6D7d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8DA693F6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\903D5CD7d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\919F1911d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\92757BFDd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9D0DA475d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A2C9EF1Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A9B58F76d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\AE3DDF7Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B37511BAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B720E986d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BD643680d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BEE7ED01d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C0523642d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C0710FDCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C2366FAAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C4670896d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C56D2B4Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C7B63BA0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C89D9648d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C8ABE9E3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C8CE8761d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CE177663d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CE6B70E6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D3A036AEd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D77D8493d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D7F35E5Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D8CA81C1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D98439B9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\DBECC59Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\DE6719F3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\DE6B7384d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E19DC020d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E76D6A44d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\ECD13D55d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F7356BB6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F81C4DB3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F851D4C1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FAE09410d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FBCAAD02d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FF55AE3Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Temp\SerFE1B.tmp\Ima3B5.tmp\Mike and Cade at the Titans game.jpg
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Temp\SerFE1B.tmp\ImaFED4.tmp\Mike and Cade at the Titans game.jpg
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Apple Computer\Logs\asl.060335_02Sep10.log
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Microsoft\Windows\Recent\Eagle flying.lnk
!-->[Hidden] C:\Users\Mike's Laptop\Documents\Blackberry Backup file.ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Documents\LoaderBackup-(2010-06-05)-1.ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Documents\LoaderBackup-(2010-06-05).ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Documents\LoaderBackup-(2010-06-06).ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Pictures\Eagle flying.jpg
!-->[Hidden] C:\Windows\Prefetch\BROWSERPLUSSERVICE.EXE-677B6C05.pf
!-->[Hidden] C:\Windows\Prefetch\OUTLOOK.EXE-673E506A.pf
!-->[Hidden] C:\Windows\Prefetch\PHP.EXE-7E0E63EE.pf
!-->[Hidden] C:\Windows\Prefetch\WINWORD.EXE-D0290961.pf
!-->[Hidden] C:\Windows\System32\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}\{83cf9ad1-850d-4f24-a4e0-17ea4e4d3e9c}\krundown.etl
!-->[Hidden] C:\Windows\System32\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}\{83cf9ad1-850d-4f24-a4e0-17ea4e4d3e9c}\ksnapshot.etl
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000A87AA, Type: Inline - RelativeJump 0x820EA7AA-->820EA7B1 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000AC880, Type: Inline - RelativeJump 0x820EE880-->820EE823 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000AC8A0, Type: Inline - RelativeJump 0x820EE8A0-->820EE82F [ntkrnlpa.exe]
ntkrnlpa.exe+0x000AC980, Type: Inline - RelativeJump 0x820EE980-->820EE923 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACB94, Type: Inline - RelativeJump 0x820EEB94-->820EEB25 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACD84, Type: Inline - RelativeJump 0x820EED84-->820EED1B [ntkrnlpa.exe]
ntkrnlpa.exe-->TmInitSystem, Type: Inline - RelativeJump 0x8239B1DF-->8239B1ED [ntkrnlpa.exe]
[1352]svchost.exe-->mswsock.dll+0x00002671, Type: Inline - RelativeJump 0x75722671-->00000000 [unknown_code_page]
[1352]svchost.exe-->mswsock.dll+0x000027D4, Type: Inline - RelativeJump 0x757227D4-->00000000 [unknown_code_page]
[1352]svchost.exe-->mswsock.dll+0x00002995, Type: Inline - RelativeJump 0x75722995-->00000000 [unknown_code_page]
[1352]svchost.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x77C55DC8-->00000000 [unknown_code_page]
[1352]svchost.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x77C54D34-->00000000 [unknown_code_page]
[1352]svchost.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x77C55674-->00000000 [unknown_code_page]
[1352]svchost.exe-->user32.dll-->GetCursorPos, Type: Inline - RelativeJump 0x76290B88-->00000000 [unknown_code_page]
[5796]explorer.exe-->mswsock.dll+0x00002671, Type: Inline - RelativeJump 0x75722671-->00000000 [unknown_code_page]
[5796]explorer.exe-->mswsock.dll+0x000027D4, Type: Inline - RelativeJump 0x757227D4-->00000000 [unknown_code_page]
[5796]explorer.exe-->mswsock.dll+0x00002995, Type: Inline - RelativeJump 0x75722995-->00000000 [unknown_code_page]
[5796]explorer.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x77C55DC8-->00000000 [unknown_code_page]
[5796]explorer.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x77C54D34-->00000000 [unknown_code_page]
[5796]explorer.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x77C55674-->00000000 [unknown_code_page]
[5832]YahooAUService.exe-->advapi32.dll-->CreateServiceW, Type: IAT modification 0x00467054-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77C8151C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77C816D0-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77C81664-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [shimeng.dll]
[5832]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77C81668-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->OpenFile, Type: IAT modification 0x77C81514-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x00467088-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x00467090-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x00467004-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x00467084-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x0046707C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [shimeng.dll]
[5832]YahooAUService.exe-->kernel32.dll-->CreateFileA, Type: IAT modification 0x00467138-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->kernel32.dll-->CreateFileW, Type: IAT modification 0x004670C8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x004670D8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->kernel32.dll-->DeleteFileA, Type: IAT modification 0x00467250-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x004670AC-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x00467108-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x004670F0-->00000000 [shimeng.dll]
[5832]YahooAUService.exe-->kernel32.dll-->MoveFileA, Type: IAT modification 0x00467254-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x6D641258-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x6D641268-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x6D641274-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x6D641254-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x6D64125C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->00000000 [shimeng.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->AccessCheck, Type: IAT modification 0x768E1C04-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x768E1B34-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyW, Type: IAT modification 0x768E1CB8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x768E1B54-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x768E1CFC-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x768E1B2C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x768E1B30-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueW, Type: IAT modification 0x768E1B74-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->advapi32.dll-->SetFileSecurityW, Type: IAT modification 0x768E1CC8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->00000000 [shimeng.dll]
[5832]YahooAUService.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x77D51550-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [shimeng.dll]
[5832]YahooAUService.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x70411278-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x70411208-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegDeleteValueA, Type: IAT modification 0x7041123C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x704111E8-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x70411280-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x7041124C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x7041127C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x70411204-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->CopyFileA, Type: IAT modification 0x704112F0-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->CreateFileA, Type: IAT modification 0x70411400-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x704113FC-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->DeleteFileA, Type: IAT modification 0x704113D4-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x70411364-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x704114B0-->00000000 [shimeng.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileA, Type: IAT modification 0x7041132C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileExA, Type: IAT modification 0x70411320-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x70411324-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x70411328-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->SetFileAttributesA, Type: IAT modification 0x70411308-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->wininet.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x70411484-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x4B0D1104-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x4B0D110C-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x4B0D1114-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x4B0D1110-->00000000 [AcGenral.dll]
[5832]YahooAUService.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [shimeng.dll]
[6692]wuauclt.exe-->mswsock.dll+0x00002671, Type: Inline - RelativeJump 0x75722671-->00000000 [unknown_code_page]
[6692]wuauclt.exe-->mswsock.dll+0x000027D4, Type: Inline - RelativeJump 0x757227D4-->00000000 [unknown_code_page]
[6692]wuauclt.exe-->mswsock.dll+0x00002995, Type: Inline - RelativeJump 0x75722995-->00000000 [unknown_code_page]
[6692]wuauclt.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x77C55DC8-->00000000 [unknown_code_page]
[6692]wuauclt.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x77C54D34-->00000000 [unknown_code_page]
[6692]wuauclt.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x77C55674-->00000000 [unknown_code_page]

Hi Mike,

You have a nasty Rootkit installed please run this next tool for me:

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

   

  

   

• If an infected file is detected, the default action will be Cure, click on Continue.

   

  

   

• If a suspicious file is detected, the default action will be Skip, click on Continue.

   

  

   

• It may ask you to reboot the computer to complete the process. Click on Reboot Now.

   

  

   

• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt".

Please copy and paste the contents of that file here.

Thanks.

Also noticed that the 80072EFE error still shows up when I try to update.

2010/09/04 17:17:52.0249    TDSS rootkit removing tool 2.4.2.0 Sep  3 2010 10:26:06
2010/09/04 17:17:52.0250    ================================================================================
2010/09/04 17:17:52.0250    SystemInfo:
2010/09/04 17:17:52.0250   
2010/09/04 17:17:52.0250    OS Version: 6.0.6002 ServicePack: 2.0
2010/09/04 17:17:52.0250    Product type: Workstation
2010/09/04 17:17:52.0250    ComputerName: MIKESLAPTOP
2010/09/04 17:17:52.0250    UserName: Mike's Laptop
2010/09/04 17:17:52.0250    Windows directory: C:\Windows
2010/09/04 17:17:52.0250    System windows directory: C:\Windows
2010/09/04 17:17:52.0250    Processor architecture: Intel x86
2010/09/04 17:17:52.0250    Number of processors: 2
2010/09/04 17:17:52.0250    Page size: 0x1000
2010/09/04 17:17:52.0250    Boot type: Normal boot
2010/09/04 17:17:52.0250    ================================================================================
2010/09/04 17:17:52.0840    Initialize success
2010/09/04 17:18:12.0508    ================================================================================
2010/09/04 17:18:12.0508    Scan started
2010/09/04 17:18:12.0508    Mode: Manual;
2010/09/04 17:18:12.0508    ================================================================================
2010/09/04 17:18:13.0228    ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/09/04 17:18:13.0363    adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2010/09/04 17:18:13.0714    adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2010/09/04 17:18:13.0883    adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2010/09/04 17:18:14.0067    adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/09/04 17:18:14.0486    Afc             (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
2010/09/04 17:18:14.0837    AFD             (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/09/04 17:18:15.0147    agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2010/09/04 17:18:15.0307    aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/09/04 17:18:15.0483    aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2010/09/04 17:18:15.0931    amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2010/09/04 17:18:16.0190    amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2010/09/04 17:18:16.0346    AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2010/09/04 17:18:16.0457    AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2010/09/04 17:18:16.0622    ApfiltrService  (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
2010/09/04 17:18:16.0763    arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2010/09/04 17:18:16.0914    arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2010/09/04 17:18:17.0037    AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/09/04 17:18:17.0123    atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/09/04 17:18:17.0298    Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/09/04 17:18:17.0474    BHDrvx86        (8a0b7bd7947f769c2d87f795bc97e766) C:\Windows\system32\drivers\N360\0300000.087\BHDrvx86.sys
2010/09/04 17:18:17.0600    blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2010/09/04 17:18:17.0747    bowser          (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/09/04 17:18:17.0885    BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/09/04 17:18:18.0007    BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/09/04 17:18:18.0165    Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/09/04 17:18:18.0277    BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/09/04 17:18:18.0387    BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/09/04 17:18:18.0493    BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/09/04 17:18:18.0638    BthEnum         (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2010/09/04 17:18:18.0765    BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/09/04 17:18:18.0907    BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2010/09/04 17:18:19.0035    BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2010/09/04 17:18:19.0180    BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2010/09/04 17:18:19.0360    ccHP            (7652f4e64c389b80ac6282339e5fa386) C:\Windows\system32\drivers\N360\0300000.087\ccHPx86.sys
2010/09/04 17:18:19.0489    cdburner        (c2eee2fd8b0e0c82d2be25281e017e57) C:\Windows\system32\DRIVERS\cdburner.sys
2010/09/04 17:18:19.0619    cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/09/04 17:18:19.0757    cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2010/09/04 17:18:19.0885    circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2010/09/04 17:18:19.0988    CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2010/09/04 17:18:20.0101    CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/09/04 17:18:20.0206    cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2010/09/04 17:18:20.0316    Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2010/09/04 17:18:20.0352    crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2010/09/04 17:18:20.0469    Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2010/09/04 17:18:20.0607    DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2010/09/04 17:18:20.0744    disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2010/09/04 17:18:20.0926    drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/09/04 17:18:21.0083    DXGKrnl         (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2010/09/04 17:18:21.0217    e1express       (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
2010/09/04 17:18:21.0344    E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/09/04 17:18:21.0459    Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2010/09/04 17:18:21.0583    eeCtrl          (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2010/09/04 17:18:21.0708    ElRawDisk       (9c64c2a950195f9bc3a09a499648b01c) C:\Windows\system32\drivers\elrawdsk.sys
2010/09/04 17:18:21.0847    elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2010/09/04 17:18:21.0979    EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2010/09/04 17:18:22.0076    ErrDev          (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys
2010/09/04 17:18:22.0235    exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2010/09/04 17:18:22.0295    fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2010/09/04 17:18:22.0422    fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2010/09/04 17:18:22.0550    FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/09/04 17:18:22.0587    Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/09/04 17:18:22.0702    flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/09/04 17:18:22.0766    FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2010/09/04 17:18:22.0935    Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/09/04 17:18:23.0071    gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2010/09/04 17:18:23.0193    GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/09/04 17:18:23.0355    HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/09/04 17:18:23.0466    HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/09/04 17:18:23.0502    HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/09/04 17:18:23.0601    HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2010/09/04 17:18:23.0756    HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2010/09/04 17:18:23.0956    HSF_DPV         (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2010/09/04 17:18:24.0090    HSXHWAZL        (cfbc2b81972e298f0e19ee68fa9e73da) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2010/09/04 17:18:24.0178    HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
2010/09/04 17:18:24.0317    i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2010/09/04 17:18:24.0465    i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/09/04 17:18:24.0676    iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
2010/09/04 17:18:24.0955    iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2010/09/04 17:18:25.0253    IDSVix86        (2edd3504457691a10328079da011d0b8) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100903.003\IDSvix86.sys
2010/09/04 17:18:25.0711    igfx            (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
2010/09/04 17:18:25.0950    iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/09/04 17:18:26.0068    IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
2010/09/04 17:18:26.0388    intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
2010/09/04 17:18:26.0492    intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2010/09/04 17:18:26.0679    IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/09/04 17:18:27.0104    IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2010/09/04 17:18:27.0305    IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/09/04 17:18:27.0449    IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/09/04 17:18:27.0843    isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2010/09/04 17:18:28.0002    iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/09/04 17:18:28.0130    iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/09/04 17:18:28.0413    iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/09/04 17:18:28.0619    kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/09/04 17:18:28.0781    kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/09/04 17:18:28.0958    KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2010/09/04 17:18:29.0135    lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/09/04 17:18:29.0516    LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2010/09/04 17:18:29.0757    LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2010/09/04 17:18:30.0152    LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2010/09/04 17:18:30.0396    luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/09/04 17:18:30.0596    mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2010/09/04 17:18:30.0748    megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2010/09/04 17:18:30.0980    MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2010/09/04 17:18:31.0196    Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/09/04 17:18:31.0654    monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/09/04 17:18:31.0872    mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/09/04 17:18:32.0036    mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2010/09/04 17:18:32.0145    MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/09/04 17:18:32.0320    mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2010/09/04 17:18:32.0594    mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/09/04 17:18:32.0807    Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/09/04 17:18:32.0935    MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2010/09/04 17:18:33.0203    mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/09/04 17:18:33.0380    mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/09/04 17:18:33.0549    mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/09/04 17:18:33.0698    msahci          (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
2010/09/04 17:18:33.0946    msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2010/09/04 17:18:34.0116    Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/09/04 17:18:34.0254    msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/09/04 17:18:34.0939    MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/09/04 17:18:35.0064    MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/09/04 17:18:35.0503    MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/09/04 17:18:35.0715    MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2010/09/04 17:18:35.0843    mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/09/04 17:18:35.0948    MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/09/04 17:18:36.0053    Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2010/09/04 17:18:36.0178    MusCAudio       (2893b158fc5d98a42d0b2f4d7c22c788) C:\Windows\system32\drivers\MusCAudio.sys
2010/09/04 17:18:36.0320    NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2010/09/04 17:18:36.0486    NAVENG          (0953bb24c1e70a99c315f44f15993c17) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVENG.SYS
2010/09/04 17:18:36.0723    NAVEX15         (3ddb0bef60b65df6b110c23e17cd67dc) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVEX15.SYS
2010/09/04 17:18:36.0950    NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2010/09/04 17:18:37.0059    NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/09/04 17:18:37.0169    Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/09/04 17:18:37.0246    NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/09/04 17:18:37.0351    NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/09/04 17:18:37.0700    NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/09/04 17:18:37.0947    netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2010/09/04 17:18:38.0298    NETw4v32        (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2010/09/04 17:18:39.0023    nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/09/04 17:18:39.0404    NPF             (6623e51595c0076755c29c00846c4eb2) C:\Windows\system32\drivers\NPF.sys
2010/09/04 17:18:39.0633    Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2010/09/04 17:18:39.0789    nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/09/04 17:18:40.0074    Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2010/09/04 17:18:40.0241    ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/09/04 17:18:40.0370    Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/09/04 17:18:40.0534    nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2010/09/04 17:18:40.0986    nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2010/09/04 17:18:41.0048    nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2010/09/04 17:18:41.0772    OEM02Dev        (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys
2010/09/04 17:18:41.0859    OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
2010/09/04 17:18:42.0469    ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/09/04 17:18:42.0726    Packet          (9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys
2010/09/04 17:18:42.0879    Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/09/04 17:18:43.0062    partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2010/09/04 17:18:43.0554    Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/09/04 17:18:43.0824    pavboot         (3adb8bd6154a3ef87496e8fce9c22493) C:\Windows\system32\drivers\pavboot.sys
2010/09/04 17:18:44.0333    PCD5SRVC{3F6A8B78-EC003E00-05040104} (42ede7d217325ff56cb8a9983cd7f73b) C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
2010/09/04 17:18:44.0622    pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2010/09/04 17:18:44.0775    pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2010/09/04 17:18:45.0223    pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/09/04 17:18:45.0630    PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/09/04 17:18:45.0806    PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/09/04 17:18:45.0927    Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2010/09/04 17:18:46.0066    PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2010/09/04 17:18:46.0186    PSINAflt        (235af4d494143f80a5584447ad7fc402) C:\Windows\system32\DRIVERS\PSINAflt.sys
2010/09/04 17:18:46.0299    PSINFile        (5571350a5670379de59d6d558d6a7007) C:\Windows\system32\DRIVERS\PSINFile.sys
2010/09/04 17:18:46.0437    PSINKNC         (ef57398f3baae958c43fd37353850cda) C:\Windows\system32\DRIVERS\psinknc.sys
2010/09/04 17:18:46.0545    PSINProc        (af6714cd8fb9e47d034a235629d0ab1d) C:\Windows\system32\DRIVERS\PSINProc.sys
2010/09/04 17:18:46.0663    PSINProt        (76c4efe8843909162b614ab3e5648611) C:\Windows\system32\DRIVERS\PSINProt.sys
2010/09/04 17:18:46.0774    PTDMBus         (785e1032c8f3c8c60aa8e2b7fe377869) C:\Windows\system32\DRIVERS\PTDMBus.sys
2010/09/04 17:18:46.0912    PTDMMdm         (924c2b2dca76d2bd7d44b3bb968b344f) C:\Windows\system32\DRIVERS\PTDMMdm.sys
2010/09/04 17:18:47.0034    PTDMVsp         (58ad3ccdd567fa45fd94af15229ace7c) C:\Windows\system32\DRIVERS\PTDMVsp.sys
2010/09/04 17:18:47.0140    PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
2010/09/04 17:18:47.0336    ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2010/09/04 17:18:47.0470    ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/09/04 17:18:47.0618    QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/09/04 17:18:47.0809    R300            (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/09/04 17:18:47.0977    RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/09/04 17:18:48.0132    Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/09/04 17:18:48.0299    RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/09/04 17:18:48.0615    RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2010/09/04 17:18:48.0763    rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2010/09/04 17:18:48.0906    RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/09/04 17:18:49.0198    rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2010/09/04 17:18:49.0395    RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/09/04 17:18:49.0671    RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/09/04 17:18:50.0061    RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/09/04 17:18:50.0339    rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2010/09/04 17:18:50.0515    rimsptsk        (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2010/09/04 17:18:50.0828    RimUsb          (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2010/09/04 17:18:51.0047    RimVSerPort     (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
2010/09/04 17:18:51.0263    rismxdp         (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2010/09/04 17:18:51.0401    ROOTMODEM       (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2010/09/04 17:18:51.0810    rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/09/04 17:18:52.0084    sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/09/04 17:18:52.0236    sdbus           (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2010/09/04 17:18:52.0718    secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/09/04 17:18:52.0935    Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/09/04 17:18:53.0081    Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/09/04 17:18:53.0246    sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/09/04 17:18:53.0868    sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/09/04 17:18:54.0092    sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/09/04 17:18:54.0386    sffp_sd         (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/09/04 17:18:54.0725    sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/09/04 17:18:54.0863    sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/09/04 17:18:55.0264    SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/09/04 17:18:55.0637    SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/09/04 17:18:55.0770    Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/09/04 17:18:55.0879    spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/09/04 17:18:56.0030    SQTECH905C      (b9ac9023207149a206a9ea037d76cfce) C:\Windows\system32\Drivers\Capt905c.sys
2010/09/04 17:18:56.0183    SRTSP           (d572d48ca47b33b49bba9a7bc5cb45c6) C:\Windows\system32\drivers\N360\0300000.087\SRTSP.SYS
2010/09/04 17:18:56.0349    SRTSPX          (262072d44a269e6d590291f8321f00b1) C:\Windows\system32\drivers\N360\0300000.087\SRTSPX.SYS
2010/09/04 17:18:56.0462    srv             (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys
2010/09/04 17:18:56.0565    srv2            (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
2010/09/04 17:18:56.0697    srvnet          (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
2010/09/04 17:18:56.0864    ssfs0bbc        (a3cc244f1e043c2b7ae32899ff99a0a0) C:\Windows\system32\DRIVERS\ssfs0bbc.sys
2010/09/04 17:18:56.0983    SSHRMD          (d6688e854dbe0f3024966e0d018274a7) C:\Windows\system32\Drivers\SSHRMD.SYS
2010/09/04 17:18:56.0984    Suspicious file (Forged): C:\Windows\system32\Drivers\SSHRMD.SYS. Real md5: d6688e854dbe0f3024966e0d018274a7, Fake md5: e041026dafa17af2610afc4da8f4ea14
2010/09/04 17:18:56.0996    SSHRMD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/09/04 17:18:57.0096    SSIDRV          (5a40b485825cc31b3a49bb4701b30d35) C:\Windows\system32\Drivers\SSIDRV.SYS
2010/09/04 17:18:57.0221    SSKBFD          (2907633cd784808e2b24004b54040faa) C:\Windows\system32\Drivers\sskbfd.sys
2010/09/04 17:18:57.0450    STHDA           (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
2010/09/04 17:18:57.0596    StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2010/09/04 17:18:57.0728    swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/09/04 17:18:57.0834    Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/09/04 17:18:58.0009    SymEFA          (d0403502b507878aa57a79e45b7dfe40) C:\Windows\system32\drivers\N360\0300000.087\SYMEFA.SYS
2010/09/04 17:18:58.0107    SymEvent        (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\Windows\system32\Drivers\SYMEVENT.SYS
2010/09/04 17:18:58.0546    SYMFW           (3d4c6195812acd7cd8ef59cb61dd8101) C:\Windows\system32\drivers\N360\0300000.087\SYMFW.SYS
2010/09/04 17:18:58.0768    SymIM           (0b7e7cbe1f9dd57bc5dcdcad3f6b1b3b) C:\Windows\system32\DRIVERS\SymIMv.sys
2010/09/04 17:18:58.0928    SYMNDISV        (8629557cbaa0215463f084562030c016) C:\Windows\system32\drivers\N360\0300000.087\SYMNDISV.SYS
2010/09/04 17:18:59.0459    SYMTDI          (3b4a6cf6b737a998d753c17e8eb4c11e) C:\Windows\system32\drivers\N360\0300000.087\SYMTDI.SYS
2010/09/04 17:18:59.0746    Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/09/04 17:18:59.0901    Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/09/04 17:19:00.0331    Tcpip           (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys
2010/09/04 17:19:00.0606    Tcpip6          (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys
2010/09/04 17:19:01.0036    tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/09/04 17:19:01.0276    TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/09/04 17:19:01.0761    TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/09/04 17:19:02.0055    tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/09/04 17:19:02.0390    TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/09/04 17:19:02.0594    TotRec7         (53d06e5a0fdd4d9447840fd23c3ff4a6) C:\Windows\system32\drivers\TotRec7.sys
2010/09/04 17:19:02.0777    TotRec8         (9647e89bb2909560753ac371c95d3f0e) C:\Windows\system32\drivers\TotRec8.sys
2010/09/04 17:19:03.0512    tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/09/04 17:19:03.0929    tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/09/04 17:19:04.0079    tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/09/04 17:19:04.0666    uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/09/04 17:19:04.0791    udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/09/04 17:19:04.0971    uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/09/04 17:19:05.0476    uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/09/04 17:19:05.0674    UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/09/04 17:19:05.0869    ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/09/04 17:19:06.0101    umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/09/04 17:19:06.0277    USBAAPL         (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
2010/09/04 17:19:06.0432    usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/09/04 17:19:06.0542    usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/09/04 17:19:06.0690    usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/09/04 17:19:06.0818    usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/09/04 17:19:06.0945    usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2010/09/04 17:19:07.0087    usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/09/04 17:19:07.0217    USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/09/04 17:19:07.0329    usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/09/04 17:19:07.0495    vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/09/04 17:19:07.0610    VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/09/04 17:19:07.0734    viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/09/04 17:19:07.0790    ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/09/04 17:19:07.0914    viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/09/04 17:19:07.0962    volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/09/04 17:19:08.0143    volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/09/04 17:19:08.0292    volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/09/04 17:19:08.0465    vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/09/04 17:19:08.0888    WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/09/04 17:19:09.0139    Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/04 17:19:09.0167    Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/04 17:19:09.0483    Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/09/04 17:19:09.0699    Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/09/04 17:19:10.0482    winachsf        (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2010/09/04 17:19:10.0842    WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/09/04 17:19:10.0986    WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/09/04 17:19:11.0141    ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/09/04 17:19:11.0599    WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/09/04 17:19:11.0863    XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
2010/09/04 17:19:12.0145    yukonwlh        (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
2010/09/04 17:19:12.0213    ================================================================================
2010/09/04 17:19:12.0213    Scan finished
2010/09/04 17:19:12.0213    ================================================================================
2010/09/04 17:19:12.0224    Detected object count: 1
2010/09/04 17:21:01.0135    SSHRMD          (d6688e854dbe0f3024966e0d018274a7) C:\Windows\system32\Drivers\SSHRMD.SYS
2010/09/04 17:21:01.0136    Suspicious file (Forged): C:\Windows\system32\Drivers\SSHRMD.SYS. Real md5: d6688e854dbe0f3024966e0d018274a7, Fake md5: e041026dafa17af2610afc4da8f4ea14
2010/09/04 17:21:01.0148    C:\Windows\system32\Drivers\SSHRMD.SYS - quarantined
2010/09/04 17:21:02.0542    Rootkit.Win32.TDSS.tdl3(SSHRMD) - User select action: Quarantine
2010/09/04 17:25:07.0484    ================================================================================
2010/09/04 17:25:07.0484    Scan started
2010/09/04 17:25:07.0484    Mode: Manual;
2010/09/04 17:25:07.0484    ================================================================================
2010/09/04 17:25:07.0851    Scan interrupted by user!
2010/09/04 17:25:07.0851    Scan interrupted by user!
2010/09/04 17:25:07.0851    ================================================================================
2010/09/04 17:25:07.0851    Scan finished
2010/09/04 17:25:07.0851    ================================================================================
2010/09/04 17:27:41.0157    ================================================================================
2010/09/04 17:27:41.0157    Scan started
2010/09/04 17:27:41.0157    Mode: Manual;
2010/09/04 17:27:41.0157    ================================================================================
2010/09/04 17:27:41.0413    ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/09/04 17:27:41.0554    adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2010/09/04 17:27:41.0686    adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2010/09/04 17:27:41.0802    adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2010/09/04 17:27:41.0919    adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/09/04 17:27:42.0049    Afc             (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
2010/09/04 17:27:42.0177    AFD             (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/09/04 17:27:42.0310    agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2010/09/04 17:27:42.0437    aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/09/04 17:27:42.0512    aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2010/09/04 17:27:42.0615    amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2010/09/04 17:27:42.0730    amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2010/09/04 17:27:42.0842    AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2010/09/04 17:27:42.0953    AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2010/09/04 17:27:43.0074    ApfiltrService  (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
2010/09/04 17:27:43.0215    arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2010/09/04 17:27:43.0344    arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2010/09/04 17:27:43.0511    AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/09/04 17:27:43.0631    atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/09/04 17:27:43.0759    Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/09/04 17:27:43.0947    BHDrvx86        (8a0b7bd7947f769c2d87f795bc97e766) C:\Windows\system32\drivers\N360\0300000.087\BHDrvx86.sys
2010/09/04 17:27:44.0062    blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2010/09/04 17:27:44.0187    bowser          (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/09/04 17:27:44.0292    BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/09/04 17:27:44.0403    BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/09/04 17:27:44.0517    Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/09/04 17:27:44.0596    BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/09/04 17:27:44.0705    BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/09/04 17:27:44.0834    BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/09/04 17:27:44.0968    BthEnum         (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2010/09/04 17:27:45.0084    BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/09/04 17:27:45.0270    BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2010/09/04 17:27:45.0411    BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2010/09/04 17:27:45.0566    BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2010/09/04 17:27:45.0766    ccHP            (7652f4e64c389b80ac6282339e5fa386) C:\Windows\system32\drivers\N360\0300000.087\ccHPx86.sys
2010/09/04 17:27:45.0885    cdburner        (c2eee2fd8b0e0c82d2be25281e017e57) C:\Windows\system32\DRIVERS\cdburner.sys
2010/09/04 17:27:45.0926    cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/09/04 17:27:46.0042    cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2010/09/04 17:27:46.0136    circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2010/09/04 17:27:46.0252    CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2010/09/04 17:27:46.0386    CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/09/04 17:27:46.0424    cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2010/09/04 17:27:46.0523    Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2010/09/04 17:27:46.0559    crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2010/09/04 17:27:46.0710    Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2010/09/04 17:27:46.0848    DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2010/09/04 17:27:46.0962    disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2010/09/04 17:27:47.0111    drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/09/04 17:27:47.0301    DXGKrnl         (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2010/09/04 17:27:47.0458    e1express       (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
2010/09/04 17:27:47.0596    E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/09/04 17:27:47.0722    Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2010/09/04 17:27:47.0845    eeCtrl          (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2010/09/04 17:27:47.0970    ElRawDisk       (9c64c2a950195f9bc3a09a499648b01c) C:\Windows\system32\drivers\elrawdsk.sys
2010/09/04 17:27:48.0098    elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2010/09/04 17:27:48.0208    EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2010/09/04 17:27:48.0316    ErrDev          (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys
2010/09/04 17:27:48.0498    exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2010/09/04 17:27:48.0624    fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2010/09/04 17:27:48.0741    fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2010/09/04 17:27:48.0847    FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/09/04 17:27:49.0005    Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/09/04 17:27:49.0131    flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/09/04 17:27:49.0274    FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2010/09/04 17:27:49.0486    Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/09/04 17:27:49.0623    gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2010/09/04 17:27:49.0768    GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/09/04 17:27:49.0962    HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/09/04 17:27:50.0084    HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/09/04 17:27:50.0175    HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/09/04 17:27:50.0331    HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2010/09/04 17:27:50.0452    HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2010/09/04 17:27:50.0630    HSF_DPV         (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2010/09/04 17:27:50.0764    HSXHWAZL        (cfbc2b81972e298f0e19ee68fa9e73da) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2010/09/04 17:27:50.0907    HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
2010/09/04 17:27:51.0024    i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2010/09/04 17:27:51.0150    i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/09/04 17:27:51.0296    iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
2010/09/04 17:27:51.0422    iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2010/09/04 17:27:51.0593    IDSVix86        (2edd3504457691a10328079da011d0b8) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100903.003\IDSvix86.sys
2010/09/04 17:27:51.0782    igfx            (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
2010/09/04 17:27:51.0927    iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/09/04 17:27:52.0119    IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
2010/09/04 17:27:52.0261    intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
2010/09/04 17:27:52.0388    intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2010/09/04 17:27:52.0552    IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/09/04 17:27:52.0676    IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2010/09/04 17:27:52.0789    IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/09/04 17:27:52.0922    IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/09/04 17:27:53.0039    isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2010/09/04 17:27:53.0173    iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/09/04 17:27:53.0303    iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/09/04 17:27:53.0431    iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/09/04 17:27:53.0548    kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/09/04 17:27:53.0688    kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/09/04 17:27:53.0844    KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2010/09/04 17:27:54.0019    lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/09/04 17:27:54.0200    LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2010/09/04 17:27:54.0329    LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2010/09/04 17:27:54.0459    LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2010/09/04 17:27:54.0603    luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/09/04 17:27:54.0724    mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2010/09/04 17:27:54.0843    megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2010/09/04 17:27:54.0976    MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2010/09/04 17:27:55.0114    Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/09/04 17:27:55.0249    monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/09/04 17:27:55.0389    mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/09/04 17:27:55.0554    mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2010/09/04 17:27:55.0684    MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/09/04 17:27:55.0804    mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2010/09/04 17:27:55.0933    mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/09/04 17:27:56.0079    Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/09/04 17:27:56.0242    MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2010/09/04 17:27:56.0343    mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/09/04 17:27:56.0464    mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/09/04 17:27:56.0578    mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/09/04 17:27:56.0615    msahci          (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
2010/09/04 17:27:56.0730    msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2010/09/04 17:27:56.0855    Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/09/04 17:27:56.0960    msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/09/04 17:27:57.0099    MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/09/04 17:27:57.0226    MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/09/04 17:27:57.0342    MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/09/04 17:27:57.0387    MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2010/09/04 17:27:57.0483    mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/09/04 17:27:57.0610    MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/09/04 17:27:57.0648    Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2010/09/04 17:27:57.0774    MusCAudio       (2893b158fc5d98a42d0b2f4d7c22c788) C:\Windows\system32\drivers\MusCAudio.sys
2010/09/04 17:27:57.0914    NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2010/09/04 17:27:58.0104    NAVENG          (0953bb24c1e70a99c315f44f15993c17) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVENG.SYS
2010/09/04 17:27:58.0346    NAVEX15         (3ddb0bef60b65df6b110c23e17cd67dc) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100904.003\NAVEX15.SYS
2010/09/04 17:27:58.0488    NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2010/09/04 17:27:58.0599    NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/09/04 17:27:58.0642    Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/09/04 17:27:58.0775    NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/09/04 17:27:58.0890    NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/09/04 17:27:59.0017    NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/09/04 17:27:59.0132    netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2010/09/04 17:27:59.0355    NETw4v32        (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2010/09/04 17:27:59.0486    nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/09/04 17:27:59.0745    NPF             (6623e51595c0076755c29c00846c4eb2) C:\Windows\system32\drivers\NPF.sys
2010/09/04 17:27:59.0862    Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2010/09/04 17:27:59.0974    nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/09/04 17:28:00.0117    Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2010/09/04 17:28:00.0238    ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/09/04 17:28:00.0355    Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/09/04 17:28:00.0486    nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2010/09/04 17:28:00.0604    nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2010/09/04 17:28:00.0722    nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2010/09/04 17:28:01.0013    OEM02Dev        (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys
2010/09/04 17:28:01.0177    OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
2010/09/04 17:28:01.0276    ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/09/04 17:28:01.0411    Packet          (9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys
2010/09/04 17:28:01.0566    Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/09/04 17:28:01.0725    partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2010/09/04 17:28:01.0883    Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/09/04 17:28:02.0032    pavboot         (3adb8bd6154a3ef87496e8fce9c22493) C:\Windows\system32\drivers\pavboot.sys
2010/09/04 17:28:02.0141    PCD5SRVC{3F6A8B78-EC003E00-05040104} (42ede7d217325ff56cb8a9983cd7f73b) C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
2010/09/04 17:28:02.0263    pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2010/09/04 17:28:02.0372    pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2010/09/04 17:28:02.0497    pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/09/04 17:28:02.0672    PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/09/04 17:28:02.0870    PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/09/04 17:28:03.0058    Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2010/09/04 17:28:03.0286    PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2010/09/04 17:28:03.0416    PSINAflt        (235af4d494143f80a5584447ad7fc402) C:\Windows\system32\DRIVERS\PSINAflt.sys
2010/09/04 17:28:03.0563    PSINFile        (5571350a5670379de59d6d558d6a7007) C:\Windows\system32\DRIVERS\PSINFile.sys
2010/09/04 17:28:03.0723    PSINKNC         (ef57398f3baae958c43fd37353850cda) C:\Windows\system32\DRIVERS\psinknc.sys
2010/09/04 17:28:03.0875    PSINProc        (af6714cd8fb9e47d034a235629d0ab1d) C:\Windows\system32\DRIVERS\PSINProc.sys
2010/09/04 17:28:04.0004    PSINProt        (76c4efe8843909162b614ab3e5648611) C:\Windows\system32\DRIVERS\PSINProt.sys
2010/09/04 17:28:04.0116    PTDMBus         (785e1032c8f3c8c60aa8e2b7fe377869) C:\Windows\system32\DRIVERS\PTDMBus.sys
2010/09/04 17:28:04.0220    PTDMMdm         (924c2b2dca76d2bd7d44b3bb968b344f) C:\Windows\system32\DRIVERS\PTDMMdm.sys
2010/09/04 17:28:04.0276    PTDMVsp         (58ad3ccdd567fa45fd94af15229ace7c) C:\Windows\system32\DRIVERS\PTDMVsp.sys
2010/09/04 17:28:04.0393    PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
2010/09/04 17:28:04.0530    ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2010/09/04 17:28:04.0689    ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/09/04 17:28:04.0804    QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/09/04 17:28:05.0022    R300            (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/09/04 17:28:05.0151    RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/09/04 17:28:05.0196    Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/09/04 17:28:05.0297    RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/09/04 17:28:05.0334    RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2010/09/04 17:28:05.0448    rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2010/09/04 17:28:05.0536    RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/09/04 17:28:05.0683    rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2010/09/04 17:28:05.0814    RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/09/04 17:28:05.0923    RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/09/04 17:28:06.0058    RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/09/04 17:28:06.0181    rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2010/09/04 17:28:06.0279    rimsptsk        (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2010/09/04 17:28:06.0381    RimUsb          (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2010/09/04 17:28:06.0489    RimVSerPort     (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
2010/09/04 17:28:06.0594    rismxdp         (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2010/09/04 17:28:06.0652    ROOTMODEM       (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2010/09/04 17:28:06.0863    rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/09/04 17:28:06.0992    sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/09/04 17:28:07.0133    sdbus           (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2010/09/04 17:28:07.0270    secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/09/04 17:28:07.0422    Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/09/04 17:28:07.0534    Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/09/04 17:28:07.0577    sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/09/04 17:28:07.0743    sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/09/04 17:28:07.0879    sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/09/04 17:28:08.0073    sffp_sd         (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/09/04 17:28:08.0213    sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/09/04 17:28:08.0373    sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/09/04 17:28:08.0496    SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/09/04 17:28:08.0557    SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/09/04 17:28:08.0690    Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/09/04 17:28:08.0877    spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/09/04 17:28:09.0061    SQTECH905C      (b9ac9023207149a206a9ea037d76cfce) C:\Windows\system32\Drivers\Capt905c.sys
2010/09/04 17:28:09.0224    SRTSP           (d572d48ca47b33b49bba9a7bc5cb45c6) C:\Windows\system32\drivers\N360\0300000.087\SRTSP.SYS
2010/09/04 17:28:09.0369    SRTSPX          (262072d44a269e6d590291f8321f00b1) C:\Windows\system32\drivers\N360\0300000.087\SRTSPX.SYS
2010/09/04 17:28:09.0479    srv             (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys
2010/09/04 17:28:09.0584    srv2            (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
2010/09/04 17:28:09.0694    srvnet          (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
2010/09/04 17:28:09.0805    ssfs0bbc        (a3cc244f1e043c2b7ae32899ff99a0a0) C:\Windows\system32\DRIVERS\ssfs0bbc.sys
2010/09/04 17:28:09.0858    SSHRMD          (d6688e854dbe0f3024966e0d018274a7) C:\Windows\system32\Drivers\SSHRMD.SYS
2010/09/04 17:28:09.0858    Suspicious file (Forged): C:\Windows\system32\Drivers\SSHRMD.SYS. Real md5: d6688e854dbe0f3024966e0d018274a7, Fake md5: e041026dafa17af2610afc4da8f4ea14
2010/09/04 17:28:09.0867    SSHRMD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/09/04 17:28:10.0015    SSIDRV          (5a40b485825cc31b3a49bb4701b30d35) C:\Windows\system32\Drivers\SSIDRV.SYS
2010/09/04 17:28:10.0129    SSKBFD          (2907633cd784808e2b24004b54040faa) C:\Windows\system32\Drivers\sskbfd.sys
2010/09/04 17:28:10.0290    STHDA           (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
2010/09/04 17:28:10.0416    StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2010/09/04 17:28:10.0526    swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/09/04 17:28:10.0653    Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/09/04 17:28:10.0840    SymEFA          (d0403502b507878aa57a79e45b7dfe40) C:\Windows\system32\drivers\N360\0300000.087\SYMEFA.SYS
2010/09/04 17:28:11.0004    SymEvent        (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\Windows\system32\Drivers\SYMEVENT.SYS
2010/09/04 17:28:11.0188    SYMFW           (3d4c6195812acd7cd8ef59cb61dd8101) C:\Windows\system32\drivers\N360\0300000.087\SYMFW.SYS
2010/09/04 17:28:11.0296    SymIM           (0b7e7cbe1f9dd57bc5dcdcad3f6b1b3b) C:\Windows\system32\DRIVERS\SymIMv.sys
2010/09/04 17:28:11.0414    SYMNDISV        (8629557cbaa0215463f084562030c016) C:\Windows\system32\drivers\N360\0300000.087\SYMNDISV.SYS
2010/09/04 17:28:11.0589    SYMTDI          (3b4a6cf6b737a998d753c17e8eb4c11e) C:\Windows\system32\drivers\N360\0300000.087\SYMTDI.SYS
2010/09/04 17:28:11.0732    Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/09/04 17:28:11.0787    Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/09/04 17:28:11.0997    Tcpip           (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys
2010/09/04 17:28:12.0169    Tcpip6          (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys
2010/09/04 17:28:12.0289    tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/09/04 17:28:12.0395    TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/09/04 17:28:12.0514    TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/09/04 17:28:12.0652    tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/09/04 17:28:12.0754    TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/09/04 17:28:12.0902    TotRec7         (53d06e5a0fdd4d9447840fd23c3ff4a6) C:\Windows\system32\drivers\TotRec7.sys
2010/09/04 17:28:13.0030    TotRec8         (9647e89bb2909560753ac371c95d3f0e) C:\Windows\system32\drivers\TotRec8.sys
2010/09/04 17:28:13.0187    tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/09/04 17:28:13.0315    tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/09/04 17:28:13.0432    tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/09/04 17:28:13.0563    uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/09/04 17:28:13.0676    udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/09/04 17:28:13.0790    uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/09/04 17:28:13.0907    uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/09/04 17:28:14.0049    UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/09/04 17:28:14.0189    ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/09/04 17:28:14.0231    umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/09/04 17:28:14.0374    USBAAPL         (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
2010/09/04 17:28:14.0430    usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/09/04 17:28:14.0573    usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/09/04 17:28:14.0698    usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/09/04 17:28:14.0815    usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/09/04 17:28:14.0942    usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2010/09/04 17:28:15.0051    usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/09/04 17:28:15.0158    USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/09/04 17:28:15.0282    usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/09/04 17:28:15.0426    vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/09/04 17:28:15.0551    VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/09/04 17:28:15.0698    viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/09/04 17:28:15.0809    ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/09/04 17:28:15.0944    viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/09/04 17:28:16.0071    volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/09/04 17:28:16.0199    volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/09/04 17:28:16.0335    volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/09/04 17:28:16.0475    vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/09/04 17:28:16.0630    WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/09/04 17:28:16.0692    Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/04 17:28:16.0739    Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/04 17:28:16.0880    Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/09/04 17:28:17.0007    Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/09/04 17:28:17.0178    winachsf        (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2010/09/04 17:28:17.0351    WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/09/04 17:28:17.0506    WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/09/04 17:28:17.0605    ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/09/04 17:28:17.0685    WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/09/04 17:28:17.0771    XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
2010/09/04 17:28:17.0898    yukonwlh        (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
2010/09/04 17:28:17.0978    ================================================================================
2010/09/04 17:28:17.0978    Scan finished
2010/09/04 17:28:17.0978    ================================================================================
2010/09/04 17:28:17.0993    Detected object count: 1
2010/09/04 17:28:55.0277    SSHRMD          (d6688e854dbe0f3024966e0d018274a7) C:\Windows\system32\Drivers\SSHRMD.SYS
2010/09/04 17:28:55.0278    Suspicious file (Forged): C:\Windows\system32\Drivers\SSHRMD.SYS. Real md5: d6688e854dbe0f3024966e0d018274a7, Fake md5: e041026dafa17af2610afc4da8f4ea14
2010/09/04 17:28:55.0587    Backup copy found, using it..
2010/09/04 17:28:55.0820    C:\Windows\system32\Drivers\SSHRMD.SYS - processing error
2010/09/04 17:28:55.0820    Rootkit.Win32.TDSS.tdl3(SSHRMD) - User select action: Cure

Hi Mike,

TDSSKiller is seeing the infected file but looks as if it is having trouble replacing it.

Please re-run RKUnhooker for me me and post me the log. For ease of access I will post the instructions again,

Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

• Please download Rootkit Unhooker and save it to your desktop.
  
• Double-click RKUnhookerLE.exe to run it.
• Click the Report tab, then click Scan
• Check Drivers, Stealth Code, Files, and Code Hooks
• Uncheck the rest, then click OK
• When prompted to Select Disks for Scan, make sure C:\ is checked and click OK
• Wait till the scanner has finished then go File > Save Report
• Save the report somewhere you can find it. Click Close
• This log may be very large so please use multiple posts if need be.

Note** you may get the following warning. It is ok, just ignore it.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

Please post the RKU log back to me.

Thanks

The scan stopped when it was scanning the 'files' .  I don't know if this report is complete or not.  I'll run the scan again, 'files' only. and see what happens.

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Drivers
==============================================
0x8FA06000 C:\Windows\system32\DRIVERS\igdkmd32.sys 6606848 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x82014000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x82014000 PnpManager 3903488 bytes
0x82014000 RAW 3903488 bytes
0x82014000 WMIxWDM 3903488 bytes
0x90401000 C:\Windows\system32\DRIVERS\NETw4v32.sys 2265088 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
0x9C240000 Win32k 2109440 bytes
0x9C240000 C:\Windows\System32\win32k.sys 2109440 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xB620E000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100905.003\NAVEX15.SYS 1359872 bytes (Symantec Corporation, AV Engine)
0x8BA02000 C:\Windows\System32\Drivers\Ntfs.sys 1114112 bytes (Microsoft Corporation, NT File System Driver)
0x82603000 C:\Windows\SYSTEM32\Drivers\NDIS.SYS 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x90A00000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1056768 bytes (Conexant Systems, Inc., HSF_DP driver)
0x82E76000 C:\Windows\System32\drivers\tcpip.sys 958464 bytes (Microsoft Corporation, TCP/IP Driver)
0x804D1000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xB266A000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x92AA1000 C:\Windows\System32\Drivers\dump_iaStor.sys 815104 bytes
0x82C03000 C:\Windows\system32\drivers\iastor.sys 815104 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x90B02000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 741376 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0x8F400000 C:\Windows\system32\drivers\spsys.sys 720896 bytes (Microsoft Corporation, security processor)
0x90053000 C:\Windows\System32\drivers\dxgkrnl.sys 659456 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x90158000 C:\Windows\system32\DRIVERS\HDAudBus.sys 577536 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x80607000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x91D56000 C:\Windows\system32\drivers\N360\0300000.087\ccHPx86.sys 503808 bytes (Symantec Corporation, Common Client Hash Provider Driver)
0x82E05000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0x80407000 C:\Windows\system32\mcupdate_GenuineIntel.dll 458752 bytes (Microsoft Corporation, Intel Microcode Update Library)
0xB164E000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x91CC4000 C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 385024 bytes (Symantec Corporation, Symantec Eraser Control Driver)
0x91C68000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100903.003\IDSvix86.sys 360448 bytes (Symantec Corporation, IDS Core Driver)
0x90C06000 C:\Windows\system32\drivers\stwrt.sys 348160 bytes (IDT, Inc., NDHF)
0xB2785000 C:\Windows\system32\drivers\N360\0300000.087\SRTSP.SYS 335872 bytes (Symantec Corporation, Symantec AutoProtect)
0x90685000 C:\Windows\system32\DRIVERS\rixdptsk.sys 331776 bytes (REDC, RICOH XD SM Driver)
0x82D5C000 C:\Windows\system32\drivers\N360\0300000.087\SYMEFA.SYS 323584 bytes (Symantec Corporation, Symantec Extended File Attributes)
0xB2600000 C:\Windows\System32\DRIVERS\srv.sys 319488 bytes (Microsoft Corporation, Server driver)
0x82740000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x805B1000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x80690000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x8F5B1000 C:\Windows\system32\DRIVERS\yk60x86.sys 286720 bytes (Marvell, NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller)
0x92A02000 C:\Windows\system32\drivers\N360\0300000.087\BHDrvx86.sys 270336 bytes (Symantec Corporation, BASH Driver)
0x80490000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x9078D000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x9010B000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x827BC000 C:\Windows\system32\DRIVERS\HSXHWAZL.sys 249856 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0x91C00000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x8077F000 C:\Windows\SYSTEM32\Drivers\NETIO.SYS 241664 bytes (Microsoft Corporation, Network I/O Subsystem)
0x90C74000 C:\Windows\system32\DRIVERS\OEM02Dev.sys 237568 bytes (Creative Technology Ltd., Video Capture Device Driver)
0xB1746000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x8BB12000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x82DB5000 C:\Windows\system32\DRIVERS\usbhub.sys 217088 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x90D3C000 C:\Windows\system32\drivers\N360\0300000.087\SYMTDI.SYS 212992 bytes (Symantec Corporation, Network Dispatch Driver)
0x823CD000 ACPI_HAL 208896 bytes
0x823CD000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x82D1A000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x807BA000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x9075E000 C:\Windows\system32\DRIVERS\msiscsi.sys 192512 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x80726000 C:\Windows\SYSTEM32\Drivers\SSIDRV.SYS 188416 bytes (Webroot Software, Inc. (www.webroot.com), Spy Sweeper Interdiction Driver)
0x8F4FE000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x906E9000 C:\Windows\system32\DRIVERS\Apfiltr.sys 180224 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0x80754000 C:\Windows\SYSTEM32\Drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8F550000 C:\Windows\system32\drivers\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0xB1607000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0x8F4D4000 C:\Windows\system32\drivers\TotRec7.sys 172032 bytes (High Criteria inc., Total Recorder WDM audio driver (Professional Edition))
0x92A44000 C:\Windows\System32\Drivers\fastfat.SYS 163840 bytes (Microsoft Corporation, Fast FAT File System Driver)
0x8BB62000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x806E7000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x92B9C000 C:\Windows\system32\DRIVERS\PSINAflt.sys 159744 bytes (Panda Security, S.L., PSINAflt Filter Driver for Vista32)
0xB1797000 C:\Windows\System32\DRIVERS\srv2.sys 159744 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x82CF4000 C:\Windows\system32\DRIVERS\SCSIPORT.SYS 155648 bytes (Microsoft Corporation, SCSI Port Driver)
0x8F52B000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x90D70000 C:\Windows\system32\Drivers\SYMEVENT.SYS 151552 bytes (Symantec Corporation, Symantec Event Library)
0x8BBD1000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x91C3C000 C:\Windows\system32\DRIVERS\psinknc.sys 139264 bytes (Panda Security, S.L., PSINKNC Kernel Controller for Vista32)
0x8BB9A000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x90BB7000 C:\Windows\system32\drivers\IntcHdmi.sys 135168 bytes (Intel(R) Corporation, Intel(R) High Definition Audio HDMI)
0xB1706000 C:\Windows\system32\drivers\mrxdav.sys 135168 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0x90CD3000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0xB1727000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x8F57A000 C:\Windows\system32\drivers\TotRec8.sys 126976 bytes (High Criteria inc., Total Recorder WDM audio filter driver (Professional Edition))
0x82CD2000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0x91DD1000 C:\Windows\system32\DRIVERS\PSINProc.sys 122880 bytes (Panda Security, S.L., PSINProc Filter Driver for Vista32)
0x92BC3000 C:\Windows\system32\DRIVERS\PSINProt.sys 122880 bytes (Panda Security, S.L., PSINProt for Vista32)
0x91D22000 C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 118784 bytes (Symantec Corporation, Symantec Eraser Utility Driver)
0xB16BB000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x92BE1000 C:\Windows\system32\DRIVERS\PSINFile.sys 114688 bytes (Panda Security, S.L., PSINFile Filter Driver for Vista32)
0x82F60000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x92B81000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0x90648000 C:\Windows\system32\DRIVERS\sdbus.sys 106496 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xB16D8000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x90733000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xB177F000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x91D3F000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x901E5000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0x90C5B000 C:\Windows\system32\DRIVERS\usbccgp.sys 94208 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xB2766000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x90DDF000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x90D26000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0xB16F1000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x82F9E000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0x90DA1000 C:\Windows\system32\drivers\N360\0300000.087\SYMFW.SYS 86016 bytes (Symantec Corporation, Firewall Filter Driver)
0x90DB6000 C:\Windows\system32\DRIVERS\USBSTOR.SYS 86016 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xB635A000 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100905.003\NAVENG.SYS 81920 bytes (Symantec Corporation, AV Engine)
0x82F8A000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x90671000 C:\Windows\system32\DRIVERS\rimsptsk.sys 81920 bytes (REDC, RICOH MS Driver)
0x90DCB000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x906D6000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0xB163B000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x90BE6000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8BB89000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x82FD0000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x80477000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x82D4C000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x92A75000 C:\Windows\system32\DRIVERS\HIDCLASS.SYS 65536 bytes (Microsoft Corporation, Hid Class Library)
0x8F4B0000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x827A6000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x9062A000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x82FB3000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8F5A2000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x92B72000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x8BB53000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8070E000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x82F7B000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x90662000 C:\Windows\system32\DRIVERS\rimmptsk.sys 61440 bytes (REDC, RICOH SD Driver)
0x90149000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x82731000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x9063A000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x9C480000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x90BD8000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x90D0F000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x82791000 C:\Windows\system32\DRIVERS\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x92A94000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x907E0000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x82FC3000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x80683000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0x90D95000 C:\Windows\system32\drivers\N360\0300000.087\SYMNDISV.SYS 49152 bytes (Symantec Corporation, NDIS Filter Driver)
0xB2752000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x90CC7000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x900F4000 C:\Windows\System32\drivers\watchdog.sys 49152 bytes (Microsoft Corporation, Watchdog Driver)
0x90720000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x90715000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x90D04000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x907ED000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x82719000 C:\Windows\system32\DRIVERS\ssfs0bbc.sys 45056 bytes (Webroot Software, Inc. (www.webroot.com), Spy Sweeper FileSystem Filter Driver)
0x8270E000 C:\Windows\SYSTEM32\Drivers\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8F4C9000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x90100000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x82727000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x92B68000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8BBF4000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x907CE000 C:\Windows\system32\drivers\MusCAudio.sys 40960 bytes (Windows (R) Codename Longhorn DDK provider, Support Device)
0xB1631000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x91C5E000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x82DAB000 C:\Windows\System32\Drivers\PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xB2748000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0x82FE1000 C:\Windows\system32\drivers\N360\0300000.087\SRTSPX.SYS 40960 bytes (Symantec Corporation, Symantec AutoProtect)
0x8BBBB000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x90CB0000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x92A6C000 C:\Windows\system32\DRIVERS\hidusb.sys 36864 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xB277C000 C:\Windows\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0x90D1D000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x8071D000 C:\Windows\SYSTEM32\Drivers\SSHRMD.SYS 36864 bytes (Webroot Software, Inc. (www.webroot.com), Spy Sweeper Mini Driver)
0x90DF5000 C:\Windows\system32\DRIVERS\SymIMv.sys 36864 bytes (Symantec Corporation, NDIS 6.0 Filter Driver for Windows Vista)
0x9C460000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8F599000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x90755000 C:\Windows\system32\DRIVERS\wmiacpi.sys 36864 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0x806D6000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x9072B000 C:\Windows\system32\drivers\Afc.sys 32768 bytes (Arcsoft, Inc., Arcsoft(R) ASPI Shell)
0x82CCA000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x80488000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x92A8C000 C:\Windows\system32\DRIVERS\mouhid.sys 32768 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0x806DF000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x90CF4000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x90CFC000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x907D8000 C:\Windows\System32\Drivers\RootMdm.sys 32768 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
0x8BB4B000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0xB275E000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x90CC0000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x92A85000 C:\Windows\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0x8278A000 C:\Windows\system32\DRIVERS\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0x80400000 C:\Windows\system32\kdcom.dll 28672 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x90CB9000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8279F000 C:\Windows\system32\drivers\pciide.sys 28672 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0x907F8000 C:\Windows\system32\DRIVERS\RimSerial.sys 28672 bytes (Research in Motion Ltd, RIM Virtual Serial Driver)
0x9074B000 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0x91DEF000 C:\Windows\system32\DRIVERS\packet.sys 24576 bytes (SingleClick Systems, SCS NDIS 5.0 Auto IP Protocol Driver)
0x827B6000 C:\Windows\system32\drivers\pavboot.sys 24576 bytes (Panda Security, S.L., Panda Boot Driver)
0x82CF0000 C:\Windows\system32\DRIVERS\cdburner.sys 16384 bytes
0x90751000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0x91CC0000 C:\Windows\system32\drivers\elrawdsk.sys 16384 bytes (EldoS Corporation, RawDisk Driver. Allows write access to raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008.)
0xB2666000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0x82724000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x90CAE000 C:\Windows\system32\DRIVERS\OEM02Vfx.sys 8192 bytes (EyePower Games Pte. Ltd., Advanced Video FX Filter
Driver (Win2K based))
0x901FC000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x90C72000 C:\Windows\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
!!!!!!!!!!!Hidden driver:  0x85CF7AEA ?_empty_? 1302 bytes
!!!!!!!!!!!Hidden driver:  0x877D4948 ?_empty_? 0 bytes
==============================================
>Stealth
==============================================
0x82C03000 WARNING: suspicious driver modification [iastor.sys::0x85CF7AEA]
0x01C50000 Hidden Image-->SupportSoft.Agent.Sprocket.dll [ EPROCESS 0xB4F62C08 ] PID: 1476, 28672 bytes
0x01C30000 Hidden Image-->SupportSoft.Agent.Sprocket.SupportMessage.dll [ EPROCESS 0xB4F62C08 ] PID: 1476, 45056 bytes
0x00940000 Hidden Image-->sprtmessage.dll [ EPROCESS 0xB4F62C08 ] PID: 1476, 77824 bytes
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x000A87AA, Type: Inline - RelativeJump 0x820BC7AA-->820BC7B1 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACB10, Type: Inline - RelativeJump 0x820C0B10-->820C0AAF [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACB54, Type: Inline - RelativeJump 0x820C0B54-->820C0AE7 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACB70, Type: Inline - RelativeJump 0x820C0B70-->820C0B03 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACCB4, Type: Inline - RelativeJump 0x820C0CB4-->820C0CAA [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACD10, Type: Inline - RelativeJump 0x820C0D10-->820C0CA3 [ntkrnlpa.exe]
ntkrnlpa.exe+0x000ACDE4, Type: Inline - RelativeJump 0x820C0DE4-->820C0D77 [ntkrnlpa.exe]
[1412]svchost.exe-->mswsock.dll+0x00002671, Type: Inline - RelativeJump 0x75402671-->00000000 [unknown_code_page]
[1412]svchost.exe-->mswsock.dll+0x000027D4, Type: Inline - RelativeJump 0x754027D4-->00000000 [unknown_code_page]
[1412]svchost.exe-->mswsock.dll+0x00002995, Type: Inline - RelativeJump 0x75402995-->00000000 [unknown_code_page]
[1412]svchost.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x778D5DC8-->00000000 [unknown_code_page]
[1412]svchost.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x778D4D34-->00000000 [unknown_code_page]
[1412]svchost.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x778D5674-->00000000 [unknown_code_page]
[1412]svchost.exe-->user32.dll-->GetCursorPos, Type: Inline - RelativeJump 0x76E50B88-->00000000 [unknown_code_page]
[3928]explorer.exe-->mswsock.dll+0x00002671, Type: Inline - RelativeJump 0x75402671-->00000000 [unknown_code_page]
[3928]explorer.exe-->mswsock.dll+0x000027D4, Type: Inline - RelativeJump 0x754027D4-->00000000 [unknown_code_page]
[3928]explorer.exe-->mswsock.dll+0x00002995, Type: Inline - RelativeJump 0x75402995-->00000000 [unknown_code_page]
[3928]explorer.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x778D5DC8-->00000000 [unknown_code_page]
[3928]explorer.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x778D4D34-->00000000 [unknown_code_page]
[3928]explorer.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x778D5674-->00000000 [unknown_code_page]
[5628]YahooAUService.exe-->advapi32.dll-->CreateServiceW, Type: IAT modification 0x00467054-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77C8151C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77C816D0-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77C81664-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77C814BC-->00000000 [shimeng.dll]
[5628]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77C81668-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->kernel32.dll-->OpenFile, Type: IAT modification 0x77C81514-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x00467088-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x00467090-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x00467004-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x00467084-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x0046707C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77B61130-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77B6119C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77B611BC-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77B61170-->00000000 [shimeng.dll]
[5628]YahooAUService.exe-->kernel32.dll-->CreateFileA, Type: IAT modification 0x00467138-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->kernel32.dll-->CreateFileW, Type: IAT modification 0x004670C8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->kernel32.dll-->CreateProcessW, Type: IAT modification 0x004670D8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->kernel32.dll-->DeleteFileA, Type: IAT modification 0x00467250-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x004670AC-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->kernel32.dll-->GetFileAttributesW, Type: IAT modification 0x00467108-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x004670F0-->00000000 [shimeng.dll]
[5628]YahooAUService.exe-->kernel32.dll-->MoveFileA, Type: IAT modification 0x00467254-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x6D641258-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x6D641268-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x6D641274-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x6D641254-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->mswsock.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x6D64125C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->mswsock.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x6D64123C-->00000000 [shimeng.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->AccessCheck, Type: IAT modification 0x768E1C04-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x768E1B34-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegCreateKeyW, Type: IAT modification 0x768E1CB8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x768E1B54-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x768E1CFC-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x768E1B2C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x768E1B30-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->RegSetValueW, Type: IAT modification 0x768E1B74-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->advapi32.dll-->SetFileSecurityW, Type: IAT modification 0x768E1CC8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x768E125C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x768E1460-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x768E13B4-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x768E1414-->00000000 [shimeng.dll]
[5628]YahooAUService.exe-->shell32.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x768E13C0-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x768E130C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->shell32.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x768E13B8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x77D51548-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x77D51528-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->user32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x77D51550-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->user32.dll-->kernel32.dll-->CopyFileW, Type: IAT modification 0x77D511A8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->user32.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x77D512B8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->user32.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x77D511B0-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77D51300-->00000000 [shimeng.dll]
[5628]YahooAUService.exe-->user32.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x77D511AC-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x70411278-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegCreateKeyExW, Type: IAT modification 0x70411208-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegDeleteValueA, Type: IAT modification 0x7041123C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegDeleteValueW, Type: IAT modification 0x704111E8-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x70411280-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegOpenKeyExW, Type: IAT modification 0x7041124C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x7041127C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x70411204-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->CopyFileA, Type: IAT modification 0x704112F0-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->CreateFileA, Type: IAT modification 0x70411400-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->CreateFileW, Type: IAT modification 0x704113FC-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->DeleteFileA, Type: IAT modification 0x704113D4-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->DeleteFileW, Type: IAT modification 0x70411364-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x704114B0-->00000000 [shimeng.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileA, Type: IAT modification 0x7041132C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileExA, Type: IAT modification 0x70411320-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileExW, Type: IAT modification 0x70411324-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->MoveFileW, Type: IAT modification 0x70411328-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->SetFileAttributesA, Type: IAT modification 0x70411308-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->wininet.dll-->kernel32.dll-->SetFileAttributesW, Type: IAT modification 0x70411484-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegCreateKeyExA, Type: IAT modification 0x4B0D1104-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegOpenKeyExA, Type: IAT modification 0x4B0D110C-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExA, Type: IAT modification 0x4B0D1114-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->ws2_32.dll-->advapi32.dll-->RegSetValueExW, Type: IAT modification 0x4B0D1110-->00000000 [AcGenral.dll]
[5628]YahooAUService.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x4B0D11E8-->00000000 [shimeng.dll]
[5936]wuauclt.exe-->mswsock.dll+0x00002671, Type: Inline - RelativeJump 0x75402671-->00000000 [unknown_code_page]
[5936]wuauclt.exe-->mswsock.dll+0x000027D4, Type: Inline - RelativeJump 0x754027D4-->00000000 [unknown_code_page]
[5936]wuauclt.exe-->mswsock.dll+0x00002995, Type: Inline - RelativeJump 0x75402995-->00000000 [unknown_code_page]
[5936]wuauclt.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x778D5DC8-->00000000 [unknown_code_page]
[5936]wuauclt.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x778D4D34-->00000000 [unknown_code_page]
[5936]wuauclt.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x778D5674-->00000000 [unknown_code_page]


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

This is what the report showed when I ran the 'files' scan by itself.  I scanned the D drive by itself, then the external drive by itself, then the C drive by itself.  The C drive gives me a message that says Please wait while RKU makes scan.  You can stop scan by pressing cancel.  Getting a list of files and directories.  (C:\)

Any ideas as to how to scan the C drive?  The green progress bar showed up when the other 2 drives were being scanned.  Nothing happens when I scan C.  It just sits there and does nothing.  Any suggestions???

RkU Version: 3.8.388.590, Type LE (SR2)

==============================================

OS Name: Windows Vista

Version 6.0.6002 (Service Pack 2)

Number of processors #2

==============================================

>Files

==============================================

Nothing detected :(

RkU Version: 3.8.388.590, Type LE (SR2)

==============================================

OS Name: Windows Vista

Version 6.0.6002 (Service Pack 2)

Number of processors #2

==============================================

>Files

==============================================

Nothing detected :(

Hi mike,

TDSS Killer failded to cure the Rootkit, please proceed as follows:

Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

Please download ComboFix.exe. Please visit THIS webpage for download links, and instructions for running the tool:

ComboFix MUST be saved to your desktop before running the tool

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

When prompted to install the recovery console please make sure to do so as this is a VERY IMPORTANT backup of ComboFix (XP only, Vista/Windows7 user will not be prompted to installe the Recovery Console)

You will need to be conected to the net to install the recovery console, if you can not install it DO NOT run ComboFix,
Post back and we will install it manually.

DO NOT mouse click when ComboFix is running as this will cause ComboFix to Stall and it will not work as it should

EXTRA NOTES:

• If Combofix detects a Rootkit/Bootkit on the system it will give a warning and prompt for a reboot, please allow it to do so.
• If Combofix reboot's due to a rootkit, the screen may stay black for a few minutes on reboot, this is normal
• If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain item's, please reboot the system and this will fix the issue (These certain items will not be deleted)

   

  Please include the C:\ComboFix.txt in your next reply for further review.

  Thanks,
  K27.

I finally got the 'files' scan completed.  Here is the report of the scan.  I will wait until you get back with me before I complete the steps above that you just posted.  I won't do anything until I hear back from you.  THANKS!!!

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6002 (Service Pack 2)
Number of processors #2
==============================================
>Files
==============================================
!-->[Hidden] C:\ProgramData\ATTYToolbar\BL-62353.DAT
!-->[Hidden] C:\ProgramData\ATTYToolbar\BL-62353.IDX
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS08E77.log
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000A.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000B.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000C.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001000F.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010014.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010015.wid
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.ci
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.dir
!-->[Hidden] C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010017.wid
!-->[Hidden] C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1711150b\Report.wer
!-->[Hidden] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\tagfiles\20100905.038.sst
!-->[Hidden] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\tagfiles\20100905.039.sst
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5I7VLBZV\xmlrpc[1].xml
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUO8NCJ4\37174[1].xml
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DUO8NCJ4\check-widget-update[1].xml
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSH9T87H\rev62353[1]
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I10AMQTD\current-version-rel4[3].txt
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I10AMQTD\dul-current-version[1].txt
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KGBFEM00\37174[2].xml
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U1W0Y11U\submit[1].txt
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXAPHBHC\check-update[1].xml
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VXAPHBHC\rev62352[1]
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\002FBF95d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\003BF46Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\00CDC1D1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\01619487d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\01F40E07d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\027A4D20d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\045A62C2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0492BAFAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\04F6C53Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0519C1C6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\06E703ABd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\073A3E47d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0772FE1Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0899EB9Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\08F6CC01d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\097974A9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0B4406DEd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0B67F38Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0BD5BC32d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0C45FF46d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0D92A08Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0E48E1F5d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0EADE93Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0ECCA69Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0F6BF819d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\0FA2654Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\109FAF7Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\11D94AF7d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\14A20B60d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1662F11Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1668ECAFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\16AF955Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\172CE6C6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\183DE1C5d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\187E018Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\19971148d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1BE33068d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1C071CF2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1C393168d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1CF77E9Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1DA17C83d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1E5534A9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1F35AAECd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1F48FF79d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\1FCC0BAAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2077648Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\20A7BCD7d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\213E7DE6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\21F1F543d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\21FA8AB3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\22E04471d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\24326232d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\24CCAF3Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2804159Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\28A718EEd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\29D20C07d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2AB45094d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2BD4D2A3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2C47D2C0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2C8D5196d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\2F13E86Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\32A65226d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\33A265E5d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\33D2B93Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3441C6CCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3727CC18d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\38FC487Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\39C4F28Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3ACDC012d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3AE296C8d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3BBB1CD4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3C202F10d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\3FB8E722d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\402B31A4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\41AE356Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\41C6A092d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\41D23229d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\41D78CD2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\42E63938d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4367E304d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\438F2A9Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4470AB16d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\44B52828d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\482B5E9Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4C640B2Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4D57319Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4E48334Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4E5D8FEFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4EA6F401d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4EA7CDECd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4F3162C7d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\4FE09021d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\501A7626d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\50E60D23d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\513FE988d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\533F19C2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\54C85FFAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5555180Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\55F72881d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\561A21F6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\567EDE93d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5684E05Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\59E7E00Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\59ECA04Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5B407A0Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5B702592d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5D71D776d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5DA6FEF3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5DE052B8d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\5EBC9EE3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\60839C21d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\60B14205d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\61399963d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\62AC9780d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6373C9A9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\63CC0413d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\640E563Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\661471B9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\66462C41d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\668AD53Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\67682F92d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\68344320d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6B226506d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6B69F94Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6BD418BCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6BDDE2B2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6C48BA38d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6CB6DCE4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6D6490D9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6E19BFA1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\6E3E8BAAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\724E43C6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\72AB5D9Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\73D8FD76d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\74473F3Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7722602Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\77425BE0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\77A7B575d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\78870F7Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\788D4EBEd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\78E8B736d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\79463549d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7A6A2117d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7AAAA45Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7D614571d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7D725325d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7DD28800d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\7F0621C9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8013ABAAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\80E8422Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\810004C3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\83AF2FEFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8414EABBd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8500382Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\86326D1Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\887386D9d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8913C046d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\89A738DCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8A522605d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8A86EB7Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8B246635d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8B6E0B50d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8B94C9CFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8CFD01F4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8D771C8Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8E24F64Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\8F1F5454d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\90104679d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\917151A0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\92966B40d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\92C18E69d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\92DE5D50d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9481B354d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9682F3A0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\97115BBFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\98B93DBDd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9B59FF02d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9C2C584Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9C358E43d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9CC625D1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\9E369E8Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A2061B12d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A2542C78d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A2E61BA1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A36457A4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A3A64851d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A4551754d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A460AF48d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A533AA00d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A5E4EA3Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A5FFD6DFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A64DC517d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A7134F24d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A748C77Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A82157C5d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A8789B5Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A95F8C0Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A9C0E4B4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\A9CDA60Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\AA2902BCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\ABA66487d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\AC1E517Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\ADCF1D2Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\AF15EA1Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\AFBE24B5d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B01C055Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B0BC45DEd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B1B4FFD1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B1FB684Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B232D63Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B413A6D3d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B6DED2C5d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\B809EB09d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BA38B443d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BB024D1Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BBA06C64d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BBBD037Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BBE97718d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BC30B608d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BC832AD8d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BCCB37E7d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BCD9EE5Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\BDF6EF6Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C1C35ACDd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C1CBBBB8d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C26F2AD1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C356CC53d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C4FA0ADEd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C533307Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C75BAFE0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C7B855BFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\C93A25BAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CA1FE0DCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CC85C860d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CCB1D863d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CCB3A73Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CCCE716Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CD7DD16Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CDB09F4Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CE7C6BA1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CEEF1936d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\CFCFA1E4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D02313C7d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D0F42B90d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D299BD77d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D33A8A5Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D3CB08E1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D51D4218d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D5A5A637d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D5AD646Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D62E5C98d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D6AB23FCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D6ACED73d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D6D01A12d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D8E36CCDd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D92266B0d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\D93BB31Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\DA2A472Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\DA43E400d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\DCAC6DFCd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E046DDEAd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E155E102d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E2807757d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E35EB63Ed01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E3763B7Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E39455FFd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E3AE9E6Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E473A769d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E4DC4ABBd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E61DF882d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E67C1FE1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E68E234Bd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E6C93CEBd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E8410792d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\E86256B4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EA42CBCEd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EAB45712d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EB44156Ad01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EBCAAF5Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EBEAB963d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\ED05843Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\ED62CC53d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EE070469d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EEB220A2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EF1AA47Dd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\EF282108d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F08CB9B1d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F094B70Cd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F45599DBd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F55EB938d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F7BE6E03d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F8184BD4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\F99742BBd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FA472A9Fd01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FC4B69F8d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FDB677C4d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FE27DAF2d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FE9F3855d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Mozilla\Firefox\Profiles\0q7qe93b.default\Cache\FF0606B6d01
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Temp\plugtmp-1\plugin-elegant_V4_spec_336_280.xml
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Temp\plugtmp-1\plugin-konalayer.swf
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Temp\~DF33C7.tmp::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Temp\~DF7F36.tmp
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Local\Temp\~DF820A.tmp
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-668703000-809816363-4094811587-1000\bc4c8280bd33050768e9a677ccf63804_fcfce425-7241-41c3-a46e-86705f4a9247
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Microsoft\Windows\Recent\Fighter Jet skiing.lnk
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Microsoft\Word\~WRA0001.asd
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Microsoft\Word\~WRA0002.as$
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Mozilla\Firefox\Crash Reports\submitted\bp-cfe2119b-d9bf-44c6-a5a3-11c1a2100905.txt
!-->[Hidden] C:\Users\Mike's Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\0q7qe93b.default\sessionstore.bak
!-->[Hidden] C:\Users\Mike's Laptop\Documents\Blackberry Backup file.ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Documents\LoaderBackup-(2010-06-05)-1.ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Documents\LoaderBackup-(2010-06-05).ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Documents\LoaderBackup-(2010-06-06).ipd::$DATA
!-->[Hidden] C:\Users\Mike's Laptop\Pictures\Fighter Jet skiing.jpg
!-->[Hidden] C:\Windows\Prefetch\CRASHREPORTER.EXE-918F1BCE.pf
!-->[Hidden] C:\Windows\Prefetch\RUNDLL32.EXE-DBDEB206.pf


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

Hi Mike,

Please DO NOT run Combofix just yet, lets try running TDSSKiller again and see if it can now remove the infection.

This time when TDSSKiller finds the infected file, please select 'CURE', please DO NOT select Quarantine

Please delete your copy of TDSSKiller by right clicking the desktop icon and click delete and then please follow these instructions very closely for running the tool.

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.

   

  

   

• If an infected file is detected, the default action will be Cure, Please leave CURE selected and DO NOT select Quarantine and click on Continue.

   

  

   

• If a suspicious file is detected, the default action will be Skip, click on Continue.

   

  

   

• It may ask you to reboot the computer to complete the process. Click on Reboot Now.

   

  

   

• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please post the fresh TDSSKIller log back to me for review.

Thanks.

2010/09/06 14:11:15.0403    TDSS rootkit removing tool 2.4.2.0 Sep  3 2010 10:26:06
2010/09/06 14:11:15.0403    ================================================================================
2010/09/06 14:11:15.0403    SystemInfo:
2010/09/06 14:11:15.0403   
2010/09/06 14:11:15.0403    OS Version: 6.0.6002 ServicePack: 2.0
2010/09/06 14:11:15.0403    Product type: Workstation
2010/09/06 14:11:15.0403    ComputerName: MIKESLAPTOP
2010/09/06 14:11:15.0404    UserName: Mike's Laptop
2010/09/06 14:11:15.0404    Windows directory: C:\Windows
2010/09/06 14:11:15.0404    System windows directory: C:\Windows
2010/09/06 14:11:15.0404    Processor architecture: Intel x86
2010/09/06 14:11:15.0404    Number of processors: 2
2010/09/06 14:11:15.0404    Page size: 0x1000
2010/09/06 14:11:15.0404    Boot type: Normal boot
2010/09/06 14:11:15.0404    ================================================================================
2010/09/06 14:11:16.0193    Initialize success
2010/09/06 14:11:22.0264    ================================================================================
2010/09/06 14:11:22.0264    Scan started
2010/09/06 14:11:22.0264    Mode: Manual;
2010/09/06 14:11:22.0264    ================================================================================
2010/09/06 14:11:23.0294    ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
2010/09/06 14:11:23.0357    adp94xx         (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2010/09/06 14:11:23.0500    adpahci         (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2010/09/06 14:11:23.0615    adpu160m        (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2010/09/06 14:11:23.0666    adpu320         (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/09/06 14:11:23.0839    Afc             (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
2010/09/06 14:11:23.0989    AFD             (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
2010/09/06 14:11:24.0167    agp440          (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2010/09/06 14:11:24.0305    aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/09/06 14:11:24.0536    aliide          (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2010/09/06 14:11:24.0684    amdagp          (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2010/09/06 14:11:24.0721    amdide          (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2010/09/06 14:11:24.0866    AmdK7           (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2010/09/06 14:11:24.0989    AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2010/09/06 14:11:25.0175    ApfiltrService  (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
2010/09/06 14:11:25.0317    arc             (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2010/09/06 14:11:25.0456    arcsas          (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2010/09/06 14:11:25.0623    AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/09/06 14:11:25.0677    atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
2010/09/06 14:11:26.0039    Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/09/06 14:11:26.0262    BHDrvx86        (8a0b7bd7947f769c2d87f795bc97e766) C:\Windows\system32\drivers\N360\0300000.087\BHDrvx86.sys
2010/09/06 14:11:26.0398    blbdrive        (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2010/09/06 14:11:26.0556    bowser          (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/09/06 14:11:26.0794    BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/09/06 14:11:27.0004    BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/09/06 14:11:27.0164    Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/09/06 14:11:27.0264    BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/09/06 14:11:27.0373    BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/09/06 14:11:27.0402    BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/09/06 14:11:27.0536    BthEnum         (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
2010/09/06 14:11:27.0641    BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/09/06 14:11:27.0760    BthPan          (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2010/09/06 14:11:27.0822    BTHPORT         (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
2010/09/06 14:11:27.0956    BTHUSB          (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
2010/09/06 14:11:28.0058    ccHP            (7652f4e64c389b80ac6282339e5fa386) C:\Windows\system32\drivers\N360\0300000.087\ccHPx86.sys
2010/09/06 14:11:28.0186    cdburner        (c2eee2fd8b0e0c82d2be25281e017e57) C:\Windows\system32\DRIVERS\cdburner.sys
2010/09/06 14:11:28.0328    cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/09/06 14:11:28.0467    cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
2010/09/06 14:11:28.0616    circlass        (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2010/09/06 14:11:28.0744    CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
2010/09/06 14:11:28.0877    CmBatt          (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/09/06 14:11:28.0937    cmdide          (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2010/09/06 14:11:29.0036    Compbatt        (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2010/09/06 14:11:29.0080    crcdisk         (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2010/09/06 14:11:29.0222    Crusoe          (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2010/09/06 14:11:29.0372    DfsC            (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
2010/09/06 14:11:29.0708    disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
2010/09/06 14:11:29.0880    drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/09/06 14:11:30.0059    DXGKrnl         (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys
2010/09/06 14:11:30.0337    e1express       (908ed85b7806e8af3af5e9b74f7809d4) C:\Windows\system32\DRIVERS\e1e6032.sys
2010/09/06 14:11:30.0475    E1G60           (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/09/06 14:11:30.0601    Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
2010/09/06 14:11:30.0725    eeCtrl          (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2010/09/06 14:11:30.0861    ElRawDisk       (9c64c2a950195f9bc3a09a499648b01c) C:\Windows\system32\drivers\elrawdsk.sys
2010/09/06 14:11:30.0988    elxstor         (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2010/09/06 14:11:31.0232    EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2010/09/06 14:11:31.0340    ErrDev          (f2a80de2d1b7116052c09cb4d4ca1416) C:\Windows\system32\drivers\errdev.sys
2010/09/06 14:11:31.0600    exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
2010/09/06 14:11:31.0847    fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
2010/09/06 14:11:31.0975    fdc             (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2010/09/06 14:11:32.0103    FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/09/06 14:11:32.0217    Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/09/06 14:11:32.0343    flpydisk        (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/09/06 14:11:32.0463    FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
2010/09/06 14:11:32.0609    Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/09/06 14:11:32.0835    gagp30kx        (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2010/09/06 14:11:32.0979    GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/09/06 14:11:33.0179    HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/09/06 14:11:33.0329    HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/09/06 14:11:33.0432    HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/09/06 14:11:33.0598    HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
2010/09/06 14:11:33.0753    HpCISSs         (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2010/09/06 14:11:34.0024    HSF_DPV         (99f85640054ba65190b860d878a7c9ae) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2010/09/06 14:11:34.0187    HSXHWAZL        (cfbc2b81972e298f0e19ee68fa9e73da) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2010/09/06 14:11:34.0321    HTTP            (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
2010/09/06 14:11:34.0458    i2omp           (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2010/09/06 14:11:34.0606    i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/09/06 14:11:34.0763    iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
2010/09/06 14:11:34.0877    iaStorV         (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2010/09/06 14:11:35.0073    IDSVix86        (2edd3504457691a10328079da011d0b8) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100903.003\IDSvix86.sys
2010/09/06 14:11:35.0262    igfx            (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
2010/09/06 14:11:35.0402    iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/09/06 14:11:35.0542    IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
2010/09/06 14:11:35.0662    intelide        (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys
2010/09/06 14:11:35.0767    intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2010/09/06 14:11:35.0909    IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/09/06 14:11:36.0123    IPMIDRV         (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2010/09/06 14:11:36.0246    IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/09/06 14:11:36.0390    IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/09/06 14:11:36.0518    isapnp          (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2010/09/06 14:11:36.0648    iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/09/06 14:11:36.0750    iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/09/06 14:11:36.0789    iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/09/06 14:11:36.0917    kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/09/06 14:11:37.0035    kbdhid          (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/09/06 14:11:37.0166    KSecDD          (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
2010/09/06 14:11:37.0311    lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/09/06 14:11:37.0447    LSI_FC          (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2010/09/06 14:11:37.0554    LSI_SAS         (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2010/09/06 14:11:37.0684    LSI_SCSI        (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2010/09/06 14:11:37.0805    luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/09/06 14:11:37.0938    mdmxsdk         (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2010/09/06 14:11:38.0046    megasas         (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2010/09/06 14:11:38.0154    MegaSR          (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2010/09/06 14:11:38.0261    Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/09/06 14:11:38.0374    monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/09/06 14:11:38.0481    mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/09/06 14:11:38.0567    mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2010/09/06 14:11:38.0687    MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/09/06 14:11:38.0807    mpio            (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2010/09/06 14:11:38.0913    mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/09/06 14:11:39.0026    Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/09/06 14:11:39.0133    MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
2010/09/06 14:11:39.0179    mrxsmb          (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/09/06 14:11:39.0300    mrxsmb10        (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/09/06 14:11:39.0414    mrxsmb20        (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/09/06 14:11:39.0529    msahci          (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys
2010/09/06 14:11:39.0655    msdsm           (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2010/09/06 14:11:39.0791    Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/09/06 14:11:39.0918    msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/09/06 14:11:40.0057    MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/09/06 14:11:40.0106    MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/09/06 14:11:40.0312    MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/09/06 14:11:40.0380    MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
2010/09/06 14:11:40.0530    mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/09/06 14:11:40.0679    MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/09/06 14:11:40.0740    Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
2010/09/06 14:11:40.0876    MusCAudio       (2893b158fc5d98a42d0b2f4d7c22c788) C:\Windows\system32\drivers\MusCAudio.sys
2010/09/06 14:11:41.0051    NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
2010/09/06 14:11:41.0247    NAVENG          (0953bb24c1e70a99c315f44f15993c17) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100906.003\NAVENG.SYS
2010/09/06 14:11:41.0566    NAVEX15         (3ddb0bef60b65df6b110c23e17cd67dc) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100906.003\NAVEX15.SYS
2010/09/06 14:11:41.0740    NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
2010/09/06 14:11:41.0879    NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/09/06 14:11:41.0934    Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/09/06 14:11:42.0056    NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/09/06 14:11:42.0193    NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/09/06 14:11:42.0342    NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/09/06 14:11:42.0413    netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
2010/09/06 14:11:42.0652    NETw4v32        (dd194a025d1c0472f45f57de8d8388eb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2010/09/06 14:11:42.0811    nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/09/06 14:11:42.0981    NPF             (6623e51595c0076755c29c00846c4eb2) C:\Windows\system32\drivers\NPF.sys
2010/09/06 14:11:43.0109    Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
2010/09/06 14:11:43.0244    nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/09/06 14:11:43.0397    Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
2010/09/06 14:11:43.0529    ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/09/06 14:11:43.0635    Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/09/06 14:11:43.0678    nvraid          (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2010/09/06 14:11:43.0796    nvstor          (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2010/09/06 14:11:43.0836    nv_agp          (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2010/09/06 14:11:44.0217    OEM02Dev        (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys
2010/09/06 14:11:44.0335    OEM02Vfx        (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
2010/09/06 14:11:44.0480    ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/09/06 14:11:44.0658    Packet          (9d80e0be979c3edaf2863f23b88f4de6) C:\Windows\system32\DRIVERS\packet.sys
2010/09/06 14:11:44.0812    Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/09/06 14:11:44.0984    partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
2010/09/06 14:11:45.0108    Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/09/06 14:11:45.0246    pavboot         (3adb8bd6154a3ef87496e8fce9c22493) C:\Windows\system32\drivers\pavboot.sys
2010/09/06 14:11:45.0366    PCD5SRVC{3F6A8B78-EC003E00-05040104} (42ede7d217325ff56cb8a9983cd7f73b) C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms
2010/09/06 14:11:45.0577    pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
2010/09/06 14:11:45.0697    pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
2010/09/06 14:11:45.0833    pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/09/06 14:11:46.0002    PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/09/06 14:11:46.0238    PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/09/06 14:11:46.0348    Processor       (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2010/09/06 14:11:46.0487    PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
2010/09/06 14:11:46.0607    PSINAflt        (235af4d494143f80a5584447ad7fc402) C:\Windows\system32\DRIVERS\PSINAflt.sys
2010/09/06 14:11:46.0698    PSINFile        (5571350a5670379de59d6d558d6a7007) C:\Windows\system32\DRIVERS\PSINFile.sys
2010/09/06 14:11:46.0814    PSINKNC         (ef57398f3baae958c43fd37353850cda) C:\Windows\system32\DRIVERS\psinknc.sys
2010/09/06 14:11:46.0943    PSINProc        (af6714cd8fb9e47d034a235629d0ab1d) C:\Windows\system32\DRIVERS\PSINProc.sys
2010/09/06 14:11:47.0062    PSINProt        (76c4efe8843909162b614ab3e5648611) C:\Windows\system32\DRIVERS\PSINProt.sys
2010/09/06 14:11:47.0184    PTDMBus         (785e1032c8f3c8c60aa8e2b7fe377869) C:\Windows\system32\DRIVERS\PTDMBus.sys
2010/09/06 14:11:47.0288    PTDMMdm         (924c2b2dca76d2bd7d44b3bb968b344f) C:\Windows\system32\DRIVERS\PTDMMdm.sys
2010/09/06 14:11:47.0311    PTDMVsp         (58ad3ccdd567fa45fd94af15229ace7c) C:\Windows\system32\DRIVERS\PTDMVsp.sys
2010/09/06 14:11:47.0416    PxHelp20        (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
2010/09/06 14:11:47.0559    ql2300          (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2010/09/06 14:11:47.0691    ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/09/06 14:11:47.0794    QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/09/06 14:11:47.0974    R300            (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/09/06 14:11:48.0142    RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/09/06 14:11:48.0276    Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/09/06 14:11:48.0421    RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/09/06 14:11:48.0558    RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
2010/09/06 14:11:48.0683    rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
2010/09/06 14:11:48.0738    RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/09/06 14:11:48.0853    rdpdr           (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2010/09/06 14:11:48.0983    RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/09/06 14:11:49.0149    RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
2010/09/06 14:11:49.0330    RFCOMM          (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
2010/09/06 14:11:49.0472    rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2010/09/06 14:11:49.0637    rimsptsk        (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2010/09/06 14:11:49.0772    RimUsb          (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
2010/09/06 14:11:49.0891    RimVSerPort     (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
2010/09/06 14:11:50.0007    rismxdp         (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2010/09/06 14:11:50.0132    ROOTMODEM       (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
2010/09/06 14:11:50.0298    rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/09/06 14:11:50.0427    sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/09/06 14:11:50.0568    sdbus           (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
2010/09/06 14:11:50.0694    secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/09/06 14:11:50.0745    Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/09/06 14:11:50.0858    Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/09/06 14:11:50.0979    sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/09/06 14:11:51.0133    sffdisk         (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/09/06 14:11:51.0236    sffp_mmc        (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/09/06 14:11:51.0352    sffp_sd         (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/09/06 14:11:51.0481    sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2010/09/06 14:11:51.0618    sisagp          (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/09/06 14:11:51.0753    SiSRaid2        (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/09/06 14:11:51.0793    SiSRaid4        (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/09/06 14:11:51.0915    Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
2010/09/06 14:11:52.0068    spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/09/06 14:11:52.0230    SQTECH905C      (b9ac9023207149a206a9ea037d76cfce) C:\Windows\system32\Drivers\Capt905c.sys
2010/09/06 14:11:52.0418    SRTSP           (d572d48ca47b33b49bba9a7bc5cb45c6) C:\Windows\system32\drivers\N360\0300000.087\SRTSP.SYS
2010/09/06 14:11:52.0583    SRTSPX          (262072d44a269e6d590291f8321f00b1) C:\Windows\system32\drivers\N360\0300000.087\SRTSPX.SYS
2010/09/06 14:11:52.0704    srv             (0debafcc0e3591fca34f077cab62f7f7) C:\Windows\system32\DRIVERS\srv.sys
2010/09/06 14:11:53.0154    srv2            (6b6f3658e0a58c6c50c5f7fbdf3df633) C:\Windows\system32\DRIVERS\srv2.sys
2010/09/06 14:11:53.0263    srvnet          (0c5ab1892ae0fa504218db094bf6d041) C:\Windows\system32\DRIVERS\srvnet.sys
2010/09/06 14:11:53.0386    ssfs0bbc        (a3cc244f1e043c2b7ae32899ff99a0a0) C:\Windows\system32\DRIVERS\ssfs0bbc.sys
2010/09/06 14:11:53.0505    SSHRMD          (d6688e854dbe0f3024966e0d018274a7) C:\Windows\system32\Drivers\SSHRMD.SYS
2010/09/06 14:11:53.0506    Suspicious file (Forged): C:\Windows\system32\Drivers\SSHRMD.SYS. Real md5: d6688e854dbe0f3024966e0d018274a7, Fake md5: e041026dafa17af2610afc4da8f4ea14
2010/09/06 14:11:53.0515    SSHRMD - detected Rootkit.Win32.TDSS.tdl3 (0)
2010/09/06 14:11:53.0618    SSIDRV          (5a40b485825cc31b3a49bb4701b30d35) C:\Windows\system32\Drivers\SSIDRV.SYS
2010/09/06 14:11:53.0732    SSKBFD          (2907633cd784808e2b24004b54040faa) C:\Windows\system32\Drivers\sskbfd.sys
2010/09/06 14:11:53.0906    STHDA           (6a2a5e809c2c0178326d92b19ee4aad3) C:\Windows\system32\drivers\stwrt.sys
2010/09/06 14:11:54.0030    StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
2010/09/06 14:11:54.0228    swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/09/06 14:11:54.0378    Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/09/06 14:11:54.0565    SymEFA          (d0403502b507878aa57a79e45b7dfe40) C:\Windows\system32\drivers\N360\0300000.087\SYMEFA.SYS
2010/09/06 14:11:54.0673    SymEvent        (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\Windows\system32\Drivers\SYMEVENT.SYS
2010/09/06 14:11:54.0835    SYMFW           (3d4c6195812acd7cd8ef59cb61dd8101) C:\Windows\system32\drivers\N360\0300000.087\SYMFW.SYS
2010/09/06 14:11:54.0977    SymIM           (0b7e7cbe1f9dd57bc5dcdcad3f6b1b3b) C:\Windows\system32\DRIVERS\SymIMv.sys
2010/09/06 14:11:55.0083    SYMNDISV        (8629557cbaa0215463f084562030c016) C:\Windows\system32\drivers\N360\0300000.087\SYMNDISV.SYS
2010/09/06 14:11:55.0247    SYMTDI          (3b4a6cf6b737a998d753c17e8eb4c11e) C:\Windows\system32\drivers\N360\0300000.087\SYMTDI.SYS
2010/09/06 14:11:55.0402    Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/09/06 14:11:55.0534    Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/09/06 14:11:55.0727    Tcpip           (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\drivers\tcpip.sys
2010/09/06 14:11:55.0860    Tcpip6          (48cbe6d53632d0067c2d6b20f90d84ca) C:\Windows\system32\DRIVERS\tcpip.sys
2010/09/06 14:11:55.0969    tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
2010/09/06 14:11:56.0009    TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/09/06 14:11:56.0117    TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/09/06 14:11:56.0232    tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
2010/09/06 14:11:56.0346    TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
2010/09/06 14:11:56.0483    TotRec7         (53d06e5a0fdd4d9447840fd23c3ff4a6) C:\Windows\system32\drivers\TotRec7.sys
2010/09/06 14:11:56.0610    TotRec8         (9647e89bb2909560753ac371c95d3f0e) C:\Windows\system32\drivers\TotRec8.sys
2010/09/06 14:11:56.0778    tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/09/06 14:11:56.0918    tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/09/06 14:11:57.0001    tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
2010/09/06 14:11:57.0133    uagp35          (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/09/06 14:11:57.0269    udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
2010/09/06 14:11:57.0438    uliagpkx        (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/09/06 14:11:57.0578    uliahci         (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/09/06 14:11:57.0708    UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/09/06 14:11:57.0759    ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/09/06 14:11:57.0890    umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/09/06 14:11:58.0055    USBAAPL         (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
2010/09/06 14:11:58.0199    usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/09/06 14:11:58.0331    usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/09/06 14:11:58.0467    usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
2010/09/06 14:11:58.0584    usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
2010/09/06 14:11:58.0700    usbohci         (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2010/09/06 14:11:58.0820    usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/09/06 14:11:58.0927    USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/09/06 14:11:58.0951    usbuhci         (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/09/06 14:11:59.0084    vga             (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/09/06 14:11:59.0198    VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/09/06 14:11:59.0322    viaagp          (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/09/06 14:11:59.0456    ViaC7           (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/09/06 14:11:59.0580    viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/09/06 14:11:59.0740    volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/09/06 14:11:59.0869    volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2010/09/06 14:12:00.0005    volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2010/09/06 14:12:00.0144    vsmraid         (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/09/06 14:12:00.0332    WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/09/06 14:12:00.0483    Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/06 14:12:00.0507    Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/09/06 14:12:00.0704    Wd              (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/09/06 14:12:00.0887    Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/09/06 14:12:01.0091    winachsf        (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2010/09/06 14:12:01.0330    WmiAcpi         (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/09/06 14:12:01.0474    WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/09/06 14:12:01.0517    ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/09/06 14:12:01.0664    WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/09/06 14:12:01.0784    XAudio          (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
2010/09/06 14:12:01.0933    yukonwlh        (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
2010/09/06 14:12:02.0004    ================================================================================
2010/09/06 14:12:02.0004    Scan finished
2010/09/06 14:12:02.0004    ================================================================================
2010/09/06 14:12:02.0020    Detected object count: 1
2010/09/06 14:12:09.0925    SSHRMD          (d6688e854dbe0f3024966e0d018274a7) C:\Windows\system32\Drivers\SSHRMD.SYS
2010/09/06 14:12:09.0926    Suspicious file (Forged): C:\Windows\system32\Drivers\SSHRMD.SYS. Real md5: d6688e854dbe0f3024966e0d018274a7, Fake md5: e041026dafa17af2610afc4da8f4ea14
2010/09/06 14:12:10.0143    Backup copy found, using it..
2010/09/06 14:12:10.0270    C:\Windows\system32\Drivers\SSHRMD.SYS - processing error
2010/09/06 14:12:10.0270    Rootkit.Win32.TDSS.tdl3(SSHRMD) - User select action: Cure