Wininet.dll Invalid Hash

C

Carrigon

Member
Vista 64. Just a quick question on this. I've been seeing this error in my event viewer for a few days. My system boots fine, but I'm still seeing this. Should I be worried about it? I ran a SFC scan, but I still get this in event viewer. Nothing is showing up in my reg cleaner or anything else. System is now clean of spyware and viruses.

Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume1\Windows\System32\wininet.dll

I don't have a Vista disc to repair from, just restore on a different drive on my system. Should I even do anything about this error?
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
Carrigon
If you are not having problems, there is no need for concern. That DLL helps with the internet. If you are working properly do not worry about the error of DLL. It may be caused by a small error in the registry, which CAN be caused by reg cleaners. If you want my suggestions for maintenance, just ask. I can tell you reg cleaners are not on it and not needed for Vista.

Now the bad news
Many virus disguise themselves as winnet.dll.
Make a full antivirus scan. Update
Donwload and make a full scan with malwarebytes
Make a full scan with eset online scanner, no need to download.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
Thanks. I'm pretty sure my system is clean now. Both Malwarebytes and AVG say I'm clean.

I use CCleaner alot, mostly to just empty temp files. I never trust it to just do what it wants on anything. If I don't trust something, I leave it be.

As long as the system boots and nothing crashes, I guess it's okay. It's just that I don't like weird errors in the event log.
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
Most event logs have errors, I have some too. They are not there to worry about. They are there to help you diagnose when you have a problem.
I have a few, too.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
Thanks, I just get really paranoid after I've had a virus. Since I've cleaned it up, it's running really fast now. Not sure if I fixed the sleep mode crash yet. I had it in sleep mode for a few hours and it didn't crash on waking this time. And no crashes tonight. I've been on here for hours and hours.

Some of my crashes in the last six months seem to have been with Firefox and Nvidia, but I updated Firefox today, and that so far, seems to have stopped it. At least, I'm hoping the good fortune continues.
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
Hello!

This is actually worrying me quite a lot. When Windows boots, it takes a checksum of many of its components. It can do various things with this, for example it won't write a dump file if a component fails checksum matching etc. etc. but it also helps to prevent malicious activity, and in fact, unless you enable "Disable Driver Checksum Enforcement" from F8, it won't actually boot your computer if a driver fails checksum activity.

To cut a long story short, this could actually be one of the only symptoms of a new strain of rootkit.

It looks to me as though it hasn't attacked a driver, because Windows is more careful when it comes to drivers. But why a file to do with the Internet? Malware writers make money (one of the ways) through advertising - Google redirects. Internet file - rootkit - Google Redirects.

I don't know. But it seems suspicious. The only other two possible causes which I know about are bad memory, or a bad filter driver. I don't believe that either of these are the problem in this case.

If this is a new strain of TDL, then uploading to Virus Total is ineffective, because Virus Total is showed a clean copy of the file, and not the infected one!

You admit that you were infected. If this were a rootkit, then it is likely that AVG and MBAM have scraped off the top, but left in the roots.

I would be very suspicious of this computer until we can ascertain what is going on.

Can you please run these two tools and post back with the logs: How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?

aswMBR

Also, you mentioned crashes. I wonder if this is a BSoD (with automatic restart possibly) Could you also please run this tool: http://www.vistax64.com/crashes-debugging/282419-blue-screen-death-bsod-posting-instructions.html

Thanks a lot!

Richard
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
Good that we have you Niemiro. I had mentioned in my origianal post that there was a possible virus problem. The scans that we used did not pick it up. Thanks for helping
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
richc46 said:
Good that we have you Niemiro. I had mentioned in my origianal post that there was a possible virus problem. The scans that we used did not pick it up. Thanks for helping
Click to expand...

No problem :) It was a very good call. I am slightly concerned that it may be malware - it might even be a new strain. If this appears to be the case, we will need to send this off to a proper Malware University, for sampling, analysis, and then propagating to the security tools writers and firms for inclusion in the databases - especially if this is a new rootkit, and not just a virus.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
I find it very hard to believe that there are idiots out there, who spend their time writing these things. They should all be locked up somwhere and charged the cost of repairing all the computers that they have damaged.
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS420
    Memory
    6 gig
    Graphics Card(s)
    ATI Radeon HD3650 256 MB
    Sound Card
    Intergrated 7.1 Channel Audio
    Monitor(s) Displays
    Dell SP2009W 20 inch Flat Panel w Webcam
    Hard Drives
    640 gb
    Cooling
    Fan
    Keyboard
    Dell USB
    Mouse
    Dell USB 4 button optical
    Other Info
    DSL provided by ATT
When I get time later today, I will try running those and post the results. What I can tell you is, I cannot connect to the net on that pc without a usb stick. And this has been going on for a year and a half. Last year, a bunch of us who own HP Touchsmarts suddenly lost net connection. We didn't know what caused it. We assumed it was after a Vista update. We tried everything to get our net connections back, nothing worked. We updated all drivers, we did system restores, we reset everything. We reinstalled the network card, absolutely nothing we tried ever worked. We just never found the cause. So we had all posted over at the HP forums complaining of this. And we each ended up buying a usb network stick just to be able to connect to the net again. So I've been doing that on there this whole time. I had no idea the wininet file is either a virus/trojan or damaged by one. Especially since the system scans kept coming up clean. It would be interesting if we finally identified the cause.
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
Just wanted to mention, the BSOD was doing auto restart. But it's not happening now that I cleaned up. It was mostly just when coming out of sleep mode. And it would say something about a thing stuck in memory. Then it would reboot. Since I've cleaned it, it's not doing it right now. I had this pc in sleep mode for about five hours and it woke up okay. I'm going to run the Avast scan now, see what it shows.
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
aswMBR version 0.9.7.675 Copyright(c) 2011 AVAST Software
Run date: 2011-07-02 10:44:30
-----------------------------
10:44:30.486 OS Version: Windows x64 6.0.6002 Service Pack 2
10:44:30.486 Number of processors: 2 586 0x1706
10:44:30.486 ComputerName: CARRIGON-PC UserName: Carrigon
10:44:34.012 Initialize success
10:44:44.861 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:44:44.861 Disk 0 Vendor: ST375063 HP26 Size: 715404MB BusType: 3
10:44:44.861 Device \Driver\iaStor -> MajorFunction fffffa8004c276c0
10:44:44.861 Disk 0 MBR read error 0
10:44:44.861 Disk 0 MBR scan
10:44:44.861 Disk 0 unknown MBR code
10:44:44.877 MBR BIOS signature not found 0
10:44:44.877 Service scanning
10:44:46.078 Disk 0 trace - called modules:
10:44:46.078 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8004c276c0]<<
10:44:46.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bce5c0]
10:44:46.078 3 CLASSPNP.SYS[fffffa6001407c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004965050]
10:44:46.093 \Driver\iaStor[0xfffffa8004bd87a0] -> IRP_MJ_CREATE -> 0xfffffa8004c276c0
10:44:46.093 Scan finished successfully
10:45:46.029 Disk 0 MBR has been saved successfully to "C:\Users\Carrigon\Downloads\Avast_Rootkitscanner\MBR.dat"
10:45:46.029 The log file has been saved successfully to "C:\Users\Carrigon\Downloads\Avast_Rootkitscanner\aswMBR.txt"
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
2011/07/02 10:55:42.0732 2828 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/07/02 10:55:43.0481 2828 ================================================================================
2011/07/02 10:55:43.0481 2828 SystemInfo:
2011/07/02 10:55:43.0481 2828
2011/07/02 10:55:43.0481 2828 OS Version: 6.0.6002 ServicePack: 2.0
2011/07/02 10:55:43.0481 2828 Product type: Workstation
2011/07/02 10:55:43.0481 2828 ComputerName: CARRIGON-PC
2011/07/02 10:55:43.0481 2828 UserName: Carrigon
2011/07/02 10:55:43.0481 2828 Windows directory: C:\Windows
2011/07/02 10:55:43.0481 2828 System windows directory: C:\Windows
2011/07/02 10:55:43.0481 2828 Running under WOW64
2011/07/02 10:55:43.0481 2828 Processor architecture: Intel x64
2011/07/02 10:55:43.0481 2828 Number of processors: 2
2011/07/02 10:55:43.0481 2828 Page size: 0x1000
2011/07/02 10:55:43.0481 2828 Boot type: Normal boot
2011/07/02 10:55:43.0481 2828 ================================================================================
2011/07/02 10:55:44.0604 2828 Initialize success
2011/07/02 10:55:52.0076 5352 ================================================================================
2011/07/02 10:55:52.0076 5352 Scan started
2011/07/02 10:55:52.0076 5352 Mode: Manual;
2011/07/02 10:55:52.0076 5352 ================================================================================
2011/07/02 10:55:53.0496 5352 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2011/07/02 10:55:53.0605 5352 ACPIService (b0c2cea708685e8ad10f028211a2d973) C:\Windows\system32\DRIVERS\OSDACPI.SYS
2011/07/02 10:55:53.0652 5352 ADIHdAudAddService (f813ca7c3ce931fbb01e8dea0d6e4aa9) C:\Windows\system32\drivers\ADIHdAud.sys
2011/07/02 10:55:53.0745 5352 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2011/07/02 10:55:53.0823 5352 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2011/07/02 10:55:53.0855 5352 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2011/07/02 10:55:53.0886 5352 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2011/07/02 10:55:53.0948 5352 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2011/07/02 10:55:53.0995 5352 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2011/07/02 10:55:54.0026 5352 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2011/07/02 10:55:54.0057 5352 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
2011/07/02 10:55:54.0073 5352 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
2011/07/02 10:55:54.0104 5352 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2011/07/02 10:55:54.0167 5352 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2011/07/02 10:55:54.0307 5352 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2011/07/02 10:55:54.0463 5352 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/02 10:55:54.0494 5352 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2011/07/02 10:55:54.0635 5352 AVerAVF2 (064f2b116a5558f11f8c1360f6a4acda) C:\Windows\system32\DRIVERS\AVerAVF2.sys
2011/07/02 10:55:54.0837 5352 AVGIDSDriver (593868a578b40da9bc155b22316bc9a3) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
2011/07/02 10:55:54.0900 5352 AVGIDSEH (0994ba65388c7d5282242d1124fe8373) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
2011/07/02 10:55:54.0947 5352 AVGIDSFilter (bf9ebe32b3827991d2100fcebca1af01) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
2011/07/02 10:55:55.0087 5352 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\Windows\system32\DRIVERS\avgldx64.sys
2011/07/02 10:55:55.0149 5352 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\Windows\system32\DRIVERS\avgmfx64.sys
2011/07/02 10:55:55.0243 5352 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\Windows\system32\DRIVERS\avgrkx64.sys
2011/07/02 10:55:55.0290 5352 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\Windows\system32\DRIVERS\avgtdia.sys
2011/07/02 10:55:55.0430 5352 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2011/07/02 10:55:55.0524 5352 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/02 10:55:55.0602 5352 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2011/07/02 10:55:55.0617 5352 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2011/07/02 10:55:55.0649 5352 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2011/07/02 10:55:55.0680 5352 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2011/07/02 10:55:55.0695 5352 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2011/07/02 10:55:55.0727 5352 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2011/07/02 10:55:55.0773 5352 BthEnum (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/07/02 10:55:55.0805 5352 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2011/07/02 10:55:55.0851 5352 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
2011/07/02 10:55:55.0914 5352 BTHPORT (2ff122eeb3a712feda238fb331f738b9) C:\Windows\system32\Drivers\BTHport.sys
2011/07/02 10:55:55.0961 5352 BTHUSB (2b668e7c1616c0e931714272934c678b) C:\Windows\system32\Drivers\BTHUSB.sys
2011/07/02 10:55:56.0007 5352 btwaudio (c45bac661f01a492ae2f926d3b0d1775) C:\Windows\system32\drivers\btwaudio.sys
2011/07/02 10:55:56.0039 5352 btwavdt (8964a01861b2539160dc8fe72b400e39) C:\Windows\system32\drivers\btwavdt.sys
2011/07/02 10:55:56.0085 5352 btwl2cap (fda1b5124e07003c3d0d279e5050485e) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/07/02 10:55:56.0132 5352 btwrchid (387fc34f3488aca2a16394cd7421e7a0) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/07/02 10:55:56.0179 5352 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/02 10:55:56.0226 5352 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/02 10:55:56.0241 5352 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/02 10:55:56.0288 5352 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2011/07/02 10:55:56.0397 5352 clwvd (e6b64473f48c4c1cad47ca3c5821ad49) C:\Windows\system32\DRIVERS\clwvd.sys
2011/07/02 10:55:56.0491 5352 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
2011/07/02 10:55:56.0522 5352 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
2011/07/02 10:55:56.0553 5352 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2011/07/02 10:55:56.0600 5352 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2011/07/02 10:55:56.0663 5352 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2011/07/02 10:55:56.0709 5352 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2011/07/02 10:55:56.0803 5352 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/02 10:55:56.0881 5352 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2011/07/02 10:55:56.0928 5352 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2011/07/02 10:55:56.0975 5352 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2011/07/02 10:55:57.0006 5352 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
2011/07/02 10:55:57.0053 5352 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2011/07/02 10:55:57.0146 5352 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2011/07/02 10:55:57.0177 5352 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/02 10:55:57.0224 5352 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2011/07/02 10:55:57.0240 5352 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2011/07/02 10:55:57.0271 5352 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/02 10:55:57.0302 5352 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2011/07/02 10:55:57.0365 5352 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/02 10:55:57.0443 5352 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2011/07/02 10:55:57.0521 5352 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/02 10:55:57.0583 5352 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2011/07/02 10:55:57.0614 5352 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/02 10:55:57.0645 5352 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/02 10:55:57.0708 5352 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2011/07/02 10:55:57.0770 5352 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2011/07/02 10:55:57.0801 5352 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2011/07/02 10:55:57.0848 5352 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/02 10:55:57.0895 5352 iaStor (a5afc75c01044c0dda0231c4e26c15a0) C:\Windows\system32\DRIVERS\iaStor.sys
2011/07/02 10:55:57.0989 5352 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2011/07/02 10:55:58.0082 5352 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2011/07/02 10:55:58.0176 5352 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
2011/07/02 10:55:58.0207 5352 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/02 10:55:58.0254 5352 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/02 10:55:58.0332 5352 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2011/07/02 10:55:58.0379 5352 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2011/07/02 10:55:58.0441 5352 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2011/07/02 10:55:58.0488 5352 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2011/07/02 10:55:58.0519 5352 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/02 10:55:58.0566 5352 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2011/07/02 10:55:58.0597 5352 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2011/07/02 10:55:58.0628 5352 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/02 10:55:58.0659 5352 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/02 10:55:58.0706 5352 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/02 10:55:58.0815 5352 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2011/07/02 10:55:58.0878 5352 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/02 10:55:58.0925 5352 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2011/07/02 10:55:58.0956 5352 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2011/07/02 10:55:59.0003 5352 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2011/07/02 10:55:59.0034 5352 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2011/07/02 10:55:59.0065 5352 MBAMProtector (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/07/02 10:55:59.0127 5352 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2011/07/02 10:55:59.0174 5352 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2011/07/02 10:55:59.0190 5352 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2011/07/02 10:55:59.0237 5352 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/02 10:55:59.0252 5352 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/02 10:55:59.0283 5352 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/02 10:55:59.0315 5352 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2011/07/02 10:55:59.0455 5352 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2011/07/02 10:56:00.0251 5352 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/02 10:56:00.0282 5352 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2011/07/02 10:56:00.0812 5352 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2011/07/02 10:56:00.0953 5352 mrxsmb (dc434b4769e18da09ce1b7755d4c64e9) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/02 10:56:00.0999 5352 mrxsmb10 (64713fcfe3de8881d62f8f3f2f794241) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/02 10:56:01.0031 5352 mrxsmb20 (0005c599a2abf767a815afcd32e523e3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/02 10:56:01.0077 5352 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
2011/07/02 10:56:01.0124 5352 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2011/07/02 10:56:01.0171 5352 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2011/07/02 10:56:01.0187 5352 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2011/07/02 10:56:01.0249 5352 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/02 10:56:01.0296 5352 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/02 10:56:01.0327 5352 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2011/07/02 10:56:01.0530 5352 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2011/07/02 10:56:01.0623 5352 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/02 10:56:01.0701 5352 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2011/07/02 10:56:01.0842 5352 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2011/07/02 10:56:01.0935 5352 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/02 10:56:02.0060 5352 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
2011/07/02 10:56:02.0107 5352 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/02 10:56:02.0123 5352 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/02 10:56:02.0154 5352 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/02 10:56:02.0185 5352 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
2011/07/02 10:56:02.0216 5352 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/02 10:56:02.0263 5352 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/02 10:56:02.0341 5352 netr28x (69993bf4a23bd6096d8de5d2cf3011db) C:\Windows\system32\DRIVERS\netr28x.sys
2011/07/02 10:56:02.0388 5352 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
2011/07/02 10:56:02.0466 5352 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
2011/07/02 10:56:02.0497 5352 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/02 10:56:02.0559 5352 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
2011/07/02 10:56:02.0622 5352 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
2011/07/02 10:56:02.0996 5352 nvlddmkm (bbe872a814b00798c2d568d46c42a71b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/02 10:56:03.0324 5352 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
2011/07/02 10:56:03.0371 5352 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
2011/07/02 10:56:03.0449 5352 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
2011/07/02 10:56:03.0589 5352 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/02 10:56:03.0636 5352 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
2011/07/02 10:56:03.0745 5352 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
2011/07/02 10:56:04.0057 5352 PCD5SRVC{8AAF211B-043E02A9-05040000} (7204f835a4355d1ab2853e57c9ff177c) C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms
2011/07/02 10:56:04.0229 5352 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
2011/07/02 10:56:04.0275 5352 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
2011/07/02 10:56:04.0307 5352 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
2011/07/02 10:56:04.0353 5352 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
2011/07/02 10:56:04.0541 5352 pnarp (4ff73a83a25d0eead4f5e6c841bb6704) C:\Windows\system32\DRIVERS\pnarp.sys
2011/07/02 10:56:04.0619 5352 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/02 10:56:04.0650 5352 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
2011/07/02 10:56:04.0728 5352 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/02 10:56:04.0759 5352 purendis (9a68a89f10f283a23afee2a1bfe4bffb) C:\Windows\system32\DRIVERS\purendis.sys
2011/07/02 10:56:04.0821 5352 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
2011/07/02 10:56:04.0946 5352 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
2011/07/02 10:56:05.0024 5352 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/02 10:56:05.0087 5352 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/02 10:56:05.0149 5352 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/02 10:56:05.0196 5352 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/02 10:56:05.0289 5352 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/02 10:56:05.0321 5352 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/02 10:56:05.0367 5352 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/02 10:56:05.0399 5352 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
2011/07/02 10:56:05.0430 5352 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/02 10:56:05.0477 5352 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
2011/07/02 10:56:05.0601 5352 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/07/02 10:56:05.0664 5352 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/02 10:56:05.0711 5352 RTL8169 (82b66abf055611024e5dbb9fa556c11d) C:\Windows\system32\DRIVERS\Rtlh64.sys
2011/07/02 10:56:05.0742 5352 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
2011/07/02 10:56:05.0804 5352 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/02 10:56:05.0851 5352 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
2011/07/02 10:56:05.0913 5352 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
2011/07/02 10:56:05.0960 5352 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
2011/07/02 10:56:06.0007 5352 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
2011/07/02 10:56:06.0038 5352 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/02 10:56:06.0054 5352 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/02 10:56:06.0085 5352 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
2011/07/02 10:56:06.0132 5352 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
2011/07/02 10:56:06.0163 5352 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
2011/07/02 10:56:06.0210 5352 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
2011/07/02 10:56:06.0350 5352 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
2011/07/02 10:56:06.0413 5352 sptd (9ab59cf736981ed1f83c6ab5faa8ba5c) C:\Windows\system32\Drivers\sptd.sys
2011/07/02 10:56:06.0413 5352 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 9ab59cf736981ed1f83c6ab5faa8ba5c
2011/07/02 10:56:06.0413 5352 sptd - detected LockedFile.Multi.Generic (1)
2011/07/02 10:56:06.0522 5352 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
2011/07/02 10:56:06.0584 5352 srv2 (fa36d119249bf27bc4c0079734e1f33b) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/02 10:56:06.0693 5352 srvnet (cfe7bc92d52c7e79427545909a0182f8) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/02 10:56:06.0756 5352 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/02 10:56:06.0803 5352 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
2011/07/02 10:56:06.0834 5352 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
2011/07/02 10:56:06.0865 5352 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
2011/07/02 10:56:06.0943 5352 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys
2011/07/02 10:56:07.0068 5352 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/02 10:56:07.0161 5352 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/02 10:56:07.0239 5352 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
2011/07/02 10:56:07.0317 5352 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
2011/07/02 10:56:07.0505 5352 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/02 10:56:07.0692 5352 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/02 10:56:07.0785 5352 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/02 10:56:07.0832 5352 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/02 10:56:07.0863 5352 tunnel (f6a4fba7c03ac2efd00f3301c0c1e067) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/02 10:56:07.0926 5352 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
2011/07/02 10:56:08.0066 5352 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/02 10:56:08.0207 5352 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/02 10:56:08.0285 5352 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
2011/07/02 10:56:08.0347 5352 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
2011/07/02 10:56:08.0534 5352 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
2011/07/02 10:56:08.0690 5352 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/02 10:56:08.0893 5352 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/02 10:56:08.0940 5352 usbcir (8c39d53e1a343f4c47ee8f3c052126d8) C:\Windows\system32\DRIVERS\usbcir.sys
2011/07/02 10:56:09.0033 5352 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/02 10:56:09.0127 5352 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/02 10:56:09.0174 5352 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
2011/07/02 10:56:09.0221 5352 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/02 10:56:09.0299 5352 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/02 10:56:09.0330 5352 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/02 10:56:09.0361 5352 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/02 10:56:09.0377 5352 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
2011/07/02 10:56:09.0455 5352 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/02 10:56:09.0486 5352 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
2011/07/02 10:56:09.0501 5352 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
2011/07/02 10:56:09.0611 5352 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
2011/07/02 10:56:09.0657 5352 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
2011/07/02 10:56:09.0689 5352 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
2011/07/02 10:56:09.0735 5352 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
2011/07/02 10:56:09.0782 5352 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
2011/07/02 10:56:09.0845 5352 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/02 10:56:09.0860 5352 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/02 10:56:09.0907 5352 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
2011/07/02 10:56:09.0969 5352 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/02 10:56:10.0141 5352 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/02 10:56:10.0203 5352 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/02 10:56:10.0281 5352 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/02 10:56:10.0344 5352 WUSB54GCv3 (c088056dfba2b3a6955ea596ee5cc507) C:\Windows\system32\DRIVERS\WUSB54GCv3.sys
2011/07/02 10:56:10.0531 5352 {55662437-DA8C-40c0-AADA-2C816A897A49} (74983addca2d9618512c088d856d6615) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
2011/07/02 10:56:10.0547 5352 MBR (0x1B8) (13af81ffe36981a6a5910f5f7a43b4f8) \Device\Harddisk0\DR0
2011/07/02 10:56:10.0547 5352 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/07/02 10:56:10.0562 5352 Boot (0x1200) (f20dea7e8f811a307a00e3ca10b3f696) \Device\Harddisk0\DR0\Partition0
2011/07/02 10:56:10.0593 5352 Boot (0x1200) (083a99644bc62d0c80fb033581757795) \Device\Harddisk0\DR0\Partition1
2011/07/02 10:56:10.0593 5352 ================================================================================
2011/07/02 10:56:10.0593 5352 Scan finished
2011/07/02 10:56:10.0593 5352 ================================================================================
2011/07/02 10:56:10.0609 5436 Detected object count: 2
2011/07/02 10:56:10.0609 5436 Actual detected object count: 2
2011/07/02 10:57:55.0550 5436 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/02 10:57:55.0550 5436 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Skip
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
I chose to skip cleaning right now. Will my system still boot if I clean these? I'm just worried about it doing a false report and killing this pc.
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
And this is the Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:20:17 AM, on 7/2/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE
C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\HWManager.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Windows\SysWOW64\OSDFORM.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\Carrigon\Downloads\Avast_Rootkitscanner\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP TouchSmart | What's Hot with the HP TouchSmart PC?
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP TouchSmart | What's Hot with the HP TouchSmart PC?
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP TouchSmart | What's Hot with the HP TouchSmart PC?
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [HP KEYBOARD] "C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE"
O4 - HKLM\..\Run: [Buttons & OSDs control application gen2] "C:\Program Files (x86)\Hewlett Packard\Buttons & OSDs control application gen2\FastUserSwitching.exe"
O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [4ECYTQ9SIC] C:\Windows\TEMP\Xrh.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [4ECYTQ9SIC] C:\Windows\TEMP\Xrh.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files (x86)\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - C:\Program Files (x86)\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Touch Screen Enhance - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - c:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10142 bytes
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
The locked file that the TDDSkiller found should just be from Daemon Tools. That's why I'm hesitant to do anything with this stuff, I don't want to kill my system.
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
Hello!

I am quite glad that I ran those tools! Both logs are infected, and you are indeed infected with the very latest TDL4 variant, which is very nasty. Very nasty. Basically, the sptd is a false positive. It is a CD emulation driver, and will always show up, however, it is not infected. So, always select Skip on sptd.

However (and it is fine to do so), please re-run TDSS Killer, and select Cure on Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0)

Once you have done that, you have broken the back of the infection, and after that, it is just cleaning up.

However, because this infection may want to steal your data, and I am not trained in Malware Removal, it is imperative that you seek expert advice who will clean up the rest, check for anything else, and then give you the all clear.

I know that it is a real pain to create another account on another forum, but for this infection, I believe that it is extremely important that you scrub yourself clean under a fully trained professional. You can read about how to do this here: Malware and Spyware Cleaning Guide - Geeks to Go Forums

In your Thread Title, please put in the phrase "TDL4". That will mean something to whichever expert helps you! Also, only trained experts help over there, so you are guaranteed to have someone who has endured months of training. Also, please post your AswMBR and TDSS Killer logs.

After that, I shall continue to investigate this checksum mismatch, be it malware or not.

Thanks a lot, and the very best of luck!

Richard

P.S. I personally recommend Geeks to Go because it is very friendly, and extremely competent :)
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
Thanks. I'm still wondering how I got this. But I'd say, it has to have started when the net connection died on here. I knew something was going on then, but was never able to find it.
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
Carrigon said:
Thanks. I'm still wondering how I got this. But I'd say, it has to have started when the net connection died on here. I knew something was going on then, but was never able to find it.
Click to expand...

I am honestly not too sure, but if you ask the people at Geeks to Go, I am sure that they might be able to shed some light on this (certainly more than I can)

Richard
 

My Computer

System One

  • Manufacturer/Model
    Dell XPS 420
    CPU
    Intel Core 2 Quad Q9300 2.50GHz
    Motherboard
    Stock Dell 0TP406
    Memory
    4 gb (DDR2 800) 400MHz
    Graphics Card(s)
    ATI Radeon HD 3870 (512 MBytes)
    Sound Card
    Onboard
    Monitor(s) Displays
    1 x Dell 2007FP and 1 x (old) Sonic flat screen
    Screen Resolution
    1600 x 1200 and 1280 x 1204
    Hard Drives
    1 x 640Gb (SATA 300)
    Western Digital: WDC WD6400AAKS-75A7B0

    1 x 1Tb (SATA 600)
    Western Digital: Caviar Black, SATA 6GB/S, 64Mb cache, 8ms
    Western Digital: WDC WD1002FAEX-00Z3A0 ATA Device
    PSU
    Stock PSU - 375W
    Case
    Dell XPS 420
    Cooling
    Stock Fan
    Keyboard
    Dell Bluetooth
    Mouse
    Advent Optical ADE-WG01 (colour change light up)
    Internet Speed
    120 kb/s
    Other Info
    ASUS USB 3.0 5Gbps/SATA 6Gbps - PCI-Express Combo Controller Card (U3S6)
Okay, I cleaned it, and this is the TDSSkiller log:

2011/07/02 15:57:36.0775 3504 TDSS rootkit removing tool 2.5.8.0 Jun 28 2011 19:12:16
2011/07/02 15:57:37.0181 3504 ================================================================================
2011/07/02 15:57:37.0181 3504 SystemInfo:
2011/07/02 15:57:37.0181 3504
2011/07/02 15:57:37.0181 3504 OS Version: 6.0.6002 ServicePack: 2.0
2011/07/02 15:57:37.0181 3504 Product type: Workstation
2011/07/02 15:57:37.0181 3504 ComputerName: CARRIGON-PC
2011/07/02 15:57:37.0181 3504 UserName: Carrigon
2011/07/02 15:57:37.0181 3504 Windows directory: C:\Windows
2011/07/02 15:57:37.0181 3504 System windows directory: C:\Windows
2011/07/02 15:57:37.0181 3504 Running under WOW64
2011/07/02 15:57:37.0181 3504 Processor architecture: Intel x64
2011/07/02 15:57:37.0181 3504 Number of processors: 2
2011/07/02 15:57:37.0181 3504 Page size: 0x1000
2011/07/02 15:57:37.0181 3504 Boot type: Normal boot
2011/07/02 15:57:37.0181 3504 ================================================================================
2011/07/02 15:57:39.0396 3504 Initialize success
2011/07/02 15:57:42.0953 3288 ================================================================================
2011/07/02 15:57:42.0953 3288 Scan started
2011/07/02 15:57:42.0953 3288 Mode: Manual;
2011/07/02 15:57:42.0953 3288 ================================================================================
2011/07/02 15:57:43.0826 3288 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2011/07/02 15:57:43.0904 3288 ACPIService (b0c2cea708685e8ad10f028211a2d973) C:\Windows\system32\DRIVERS\OSDACPI.SYS
2011/07/02 15:57:43.0967 3288 ADIHdAudAddService (f813ca7c3ce931fbb01e8dea0d6e4aa9) C:\Windows\system32\drivers\ADIHdAud.sys
2011/07/02 15:57:44.0013 3288 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2011/07/02 15:57:44.0060 3288 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2011/07/02 15:57:44.0091 3288 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2011/07/02 15:57:44.0123 3288 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2011/07/02 15:57:44.0201 3288 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2011/07/02 15:57:44.0247 3288 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2011/07/02 15:57:44.0279 3288 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2011/07/02 15:57:44.0325 3288 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
2011/07/02 15:57:44.0388 3288 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
2011/07/02 15:57:44.0419 3288 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2011/07/02 15:57:44.0450 3288 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2011/07/02 15:57:44.0481 3288 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2011/07/02 15:57:44.0544 3288 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/02 15:57:44.0575 3288 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2011/07/02 15:57:44.0684 3288 AVerAVF2 (064f2b116a5558f11f8c1360f6a4acda) C:\Windows\system32\DRIVERS\AVerAVF2.sys
2011/07/02 15:57:44.0762 3288 AVGIDSDriver (593868a578b40da9bc155b22316bc9a3) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
2011/07/02 15:57:44.0778 3288 AVGIDSEH (0994ba65388c7d5282242d1124fe8373) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
2011/07/02 15:57:44.0825 3288 AVGIDSFilter (bf9ebe32b3827991d2100fcebca1af01) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
2011/07/02 15:57:44.0856 3288 Avgldx64 (ff7383388a7d2283dae5831abc2b0720) C:\Windows\system32\DRIVERS\avgldx64.sys
2011/07/02 15:57:44.0887 3288 Avgmfx64 (997d002827d3e3dcbbb25bf46db161ab) C:\Windows\system32\DRIVERS\avgmfx64.sys
2011/07/02 15:57:44.0965 3288 Avgrkx64 (bccfe3374c887075cde2ac8fdb1cb2f8) C:\Windows\system32\DRIVERS\avgrkx64.sys
2011/07/02 15:57:45.0012 3288 Avgtdia (0d49adcebe243b79366ea523b647519a) C:\Windows\system32\DRIVERS\avgtdia.sys
2011/07/02 15:57:45.0090 3288 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2011/07/02 15:57:45.0137 3288 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/02 15:57:45.0168 3288 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2011/07/02 15:57:45.0199 3288 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2011/07/02 15:57:45.0230 3288 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2011/07/02 15:57:45.0293 3288 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2011/07/02 15:57:45.0339 3288 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2011/07/02 15:57:45.0402 3288 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2011/07/02 15:57:45.0464 3288 BthEnum (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/07/02 15:57:45.0480 3288 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2011/07/02 15:57:45.0527 3288 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
2011/07/02 15:57:45.0573 3288 BTHPORT (2ff122eeb3a712feda238fb331f738b9) C:\Windows\system32\Drivers\BTHport.sys
2011/07/02 15:57:45.0605 3288 BTHUSB (2b668e7c1616c0e931714272934c678b) C:\Windows\system32\Drivers\BTHUSB.sys
2011/07/02 15:57:45.0651 3288 btwaudio (c45bac661f01a492ae2f926d3b0d1775) C:\Windows\system32\drivers\btwaudio.sys
2011/07/02 15:57:45.0683 3288 btwavdt (8964a01861b2539160dc8fe72b400e39) C:\Windows\system32\drivers\btwavdt.sys
2011/07/02 15:57:45.0714 3288 btwl2cap (fda1b5124e07003c3d0d279e5050485e) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/07/02 15:57:45.0761 3288 btwrchid (387fc34f3488aca2a16394cd7421e7a0) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/07/02 15:57:45.0823 3288 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/02 15:57:45.0854 3288 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/02 15:57:45.0885 3288 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/02 15:57:45.0995 3288 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2011/07/02 15:57:46.0073 3288 clwvd (e6b64473f48c4c1cad47ca3c5821ad49) C:\Windows\system32\DRIVERS\clwvd.sys
2011/07/02 15:57:46.0104 3288 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
2011/07/02 15:57:46.0135 3288 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\drivers\compbatt.sys
2011/07/02 15:57:46.0166 3288 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2011/07/02 15:57:46.0213 3288 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2011/07/02 15:57:46.0275 3288 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2011/07/02 15:57:46.0338 3288 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2011/07/02 15:57:46.0494 3288 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/02 15:57:46.0541 3288 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2011/07/02 15:57:46.0572 3288 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2011/07/02 15:57:46.0619 3288 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2011/07/02 15:57:46.0681 3288 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
2011/07/02 15:57:46.0775 3288 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2011/07/02 15:57:46.0821 3288 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2011/07/02 15:57:46.0884 3288 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/02 15:57:46.0899 3288 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2011/07/02 15:57:46.0931 3288 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2011/07/02 15:57:46.0962 3288 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/02 15:57:47.0087 3288 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2011/07/02 15:57:47.0149 3288 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/02 15:57:47.0165 3288 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2011/07/02 15:57:47.0367 3288 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/02 15:57:47.0445 3288 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2011/07/02 15:57:47.0477 3288 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/02 15:57:47.0508 3288 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/02 15:57:47.0601 3288 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2011/07/02 15:57:47.0648 3288 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2011/07/02 15:57:47.0679 3288 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2011/07/02 15:57:47.0742 3288 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/02 15:57:47.0882 3288 iaStor (a5afc75c01044c0dda0231c4e26c15a0) C:\Windows\system32\DRIVERS\iaStor.sys
2011/07/02 15:57:47.0929 3288 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2011/07/02 15:57:47.0991 3288 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2011/07/02 15:57:48.0038 3288 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
2011/07/02 15:57:48.0054 3288 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/02 15:57:48.0132 3288 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/02 15:57:48.0194 3288 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2011/07/02 15:57:48.0210 3288 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2011/07/02 15:57:48.0241 3288 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2011/07/02 15:57:48.0288 3288 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2011/07/02 15:57:48.0335 3288 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/02 15:57:48.0366 3288 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2011/07/02 15:57:48.0428 3288 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2011/07/02 15:57:48.0459 3288 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/02 15:57:48.0537 3288 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/02 15:57:48.0709 3288 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/02 15:57:48.0771 3288 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2011/07/02 15:57:48.0818 3288 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/02 15:57:48.0881 3288 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2011/07/02 15:57:48.0912 3288 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2011/07/02 15:57:48.0943 3288 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2011/07/02 15:57:48.0974 3288 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2011/07/02 15:57:49.0005 3288 MBAMProtector (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/07/02 15:57:49.0083 3288 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2011/07/02 15:57:49.0130 3288 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2011/07/02 15:57:49.0161 3288 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2011/07/02 15:57:49.0208 3288 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/02 15:57:49.0239 3288 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/02 15:57:49.0302 3288 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/02 15:57:49.0364 3288 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2011/07/02 15:57:49.0411 3288 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2011/07/02 15:57:49.0473 3288 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/02 15:57:49.0505 3288 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2011/07/02 15:57:49.0551 3288 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2011/07/02 15:57:49.0598 3288 mrxsmb (dc434b4769e18da09ce1b7755d4c64e9) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/02 15:57:49.0645 3288 mrxsmb10 (64713fcfe3de8881d62f8f3f2f794241) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/02 15:57:49.0692 3288 mrxsmb20 (0005c599a2abf767a815afcd32e523e3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/02 15:57:49.0754 3288 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
2011/07/02 15:57:49.0785 3288 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2011/07/02 15:57:49.0832 3288 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2011/07/02 15:57:49.0863 3288 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2011/07/02 15:57:49.0926 3288 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/02 15:57:49.0973 3288 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/02 15:57:50.0019 3288 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2011/07/02 15:57:50.0066 3288 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2011/07/02 15:57:50.0113 3288 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/02 15:57:50.0160 3288 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2011/07/02 15:57:50.0238 3288 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2011/07/02 15:57:50.0285 3288 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/02 15:57:50.0347 3288 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
2011/07/02 15:57:50.0394 3288 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/02 15:57:50.0441 3288 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/02 15:57:50.0472 3288 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/02 15:57:50.0519 3288 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
2011/07/02 15:57:50.0565 3288 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/02 15:57:50.0612 3288 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/02 15:57:50.0706 3288 netr28x (69993bf4a23bd6096d8de5d2cf3011db) C:\Windows\system32\DRIVERS\netr28x.sys
2011/07/02 15:57:50.0768 3288 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
2011/07/02 15:57:50.0862 3288 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
2011/07/02 15:57:50.0909 3288 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/02 15:57:51.0080 3288 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
2011/07/02 15:57:51.0143 3288 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
2011/07/02 15:57:51.0891 3288 nvlddmkm (bbe872a814b00798c2d568d46c42a71b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/02 15:57:52.0047 3288 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
2011/07/02 15:57:52.0063 3288 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
2011/07/02 15:57:52.0125 3288 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
2011/07/02 15:57:52.0203 3288 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/02 15:57:52.0250 3288 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
2011/07/02 15:57:52.0297 3288 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
2011/07/02 15:57:52.0625 3288 PCD5SRVC{8AAF211B-043E02A9-05040000} (7204f835a4355d1ab2853e57c9ff177c) C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms
2011/07/02 15:57:52.0734 3288 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
2011/07/02 15:57:52.0765 3288 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
2011/07/02 15:57:52.0796 3288 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
2011/07/02 15:57:52.0843 3288 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
2011/07/02 15:57:52.0937 3288 pnarp (4ff73a83a25d0eead4f5e6c841bb6704) C:\Windows\system32\DRIVERS\pnarp.sys
2011/07/02 15:57:52.0983 3288 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/02 15:57:53.0015 3288 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
2011/07/02 15:57:53.0093 3288 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/02 15:57:53.0124 3288 purendis (9a68a89f10f283a23afee2a1bfe4bffb) C:\Windows\system32\DRIVERS\purendis.sys
2011/07/02 15:57:53.0249 3288 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
2011/07/02 15:57:53.0327 3288 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
2011/07/02 15:57:53.0342 3288 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/02 15:57:53.0373 3288 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/02 15:57:53.0420 3288 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/02 15:57:53.0467 3288 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/02 15:57:53.0498 3288 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/02 15:57:53.0545 3288 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/02 15:57:53.0576 3288 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/02 15:57:53.0623 3288 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
2011/07/02 15:57:53.0639 3288 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/02 15:57:53.0685 3288 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
2011/07/02 15:57:53.0748 3288 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/07/02 15:57:53.0795 3288 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/02 15:57:53.0826 3288 RTL8169 (82b66abf055611024e5dbb9fa556c11d) C:\Windows\system32\DRIVERS\Rtlh64.sys
2011/07/02 15:57:53.0873 3288 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
2011/07/02 15:57:53.0935 3288 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/02 15:57:53.0966 3288 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
2011/07/02 15:57:53.0997 3288 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
2011/07/02 15:57:54.0029 3288 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
2011/07/02 15:57:54.0122 3288 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
2011/07/02 15:57:54.0169 3288 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/02 15:57:54.0185 3288 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/02 15:57:54.0216 3288 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
2011/07/02 15:57:54.0247 3288 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
2011/07/02 15:57:54.0294 3288 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
2011/07/02 15:57:54.0341 3288 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
2011/07/02 15:57:54.0403 3288 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
2011/07/02 15:57:54.0465 3288 sptd (9ab59cf736981ed1f83c6ab5faa8ba5c) C:\Windows\system32\Drivers\sptd.sys
2011/07/02 15:57:54.0465 3288 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 9ab59cf736981ed1f83c6ab5faa8ba5c
2011/07/02 15:57:54.0465 3288 sptd - detected LockedFile.Multi.Generic (1)
2011/07/02 15:57:54.0497 3288 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
2011/07/02 15:57:54.0528 3288 srv2 (fa36d119249bf27bc4c0079734e1f33b) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/02 15:57:54.0543 3288 srvnet (cfe7bc92d52c7e79427545909a0182f8) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/02 15:57:54.0590 3288 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/02 15:57:54.0637 3288 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
2011/07/02 15:57:54.0668 3288 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
2011/07/02 15:57:54.0699 3288 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
2011/07/02 15:57:54.0840 3288 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys
2011/07/02 15:57:54.0980 3288 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/02 15:57:55.0089 3288 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/02 15:57:55.0136 3288 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
2011/07/02 15:57:55.0183 3288 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
2011/07/02 15:57:55.0214 3288 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/02 15:57:55.0245 3288 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/02 15:57:55.0308 3288 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/02 15:57:55.0339 3288 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
2011/07/02 15:57:55.0355 3288 tunnel (f6a4fba7c03ac2efd00f3301c0c1e067) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/02 15:57:55.0401 3288 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
2011/07/02 15:57:55.0464 3288 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/02 15:57:55.0511 3288 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/02 15:57:55.0542 3288 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
2011/07/02 15:57:55.0589 3288 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
2011/07/02 15:57:55.0620 3288 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
2011/07/02 15:57:55.0635 3288 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/02 15:57:55.0682 3288 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/02 15:57:55.0729 3288 usbcir (8c39d53e1a343f4c47ee8f3c052126d8) C:\Windows\system32\DRIVERS\usbcir.sys
2011/07/02 15:57:55.0760 3288 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/02 15:57:55.0791 3288 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/02 15:57:55.0838 3288 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
2011/07/02 15:57:55.0885 3288 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/02 15:57:55.0932 3288 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/02 15:57:55.0979 3288 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/02 15:57:55.0994 3288 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/02 15:57:56.0025 3288 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
2011/07/02 15:57:56.0088 3288 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/02 15:57:56.0103 3288 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
2011/07/02 15:57:56.0135 3288 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
2011/07/02 15:57:56.0181 3288 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
2011/07/02 15:57:56.0244 3288 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
2011/07/02 15:57:56.0291 3288 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
2011/07/02 15:57:56.0322 3288 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
2011/07/02 15:57:56.0369 3288 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
2011/07/02 15:57:56.0415 3288 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/02 15:57:56.0431 3288 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/02 15:57:56.0478 3288 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
2011/07/02 15:57:56.0509 3288 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/02 15:57:56.0696 3288 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/02 15:57:56.0759 3288 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/02 15:57:56.0837 3288 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/02 15:57:56.0899 3288 WUSB54GCv3 (c088056dfba2b3a6955ea596ee5cc507) C:\Windows\system32\DRIVERS\WUSB54GCv3.sys
2011/07/02 15:57:57.0039 3288 {55662437-DA8C-40c0-AADA-2C816A897A49} (74983addca2d9618512c088d856d6615) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
2011/07/02 15:57:57.0055 3288 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
2011/07/02 15:57:57.0601 3288 Boot (0x1200) (f20dea7e8f811a307a00e3ca10b3f696) \Device\Harddisk0\DR0\Partition0
2011/07/02 15:57:57.0601 3288 Boot (0x1200) (083a99644bc62d0c80fb033581757795) \Device\Harddisk0\DR0\Partition1
2011/07/02 15:57:57.0617 3288 ================================================================================
2011/07/02 15:57:57.0617 3288 Scan finished
2011/07/02 15:57:57.0617 3288 ================================================================================
2011/07/02 15:57:57.0632 1112 Detected object count: 1
2011/07/02 15:57:57.0632 1112 Actual detected object count: 1
2011/07/02 15:58:07.0944 1112 LockedFile.Multi.Generic(sptd) - User select action: Skip
 

My Computer

System One

  • Manufacturer/Model
    HP Touchsmart IQ816
    Memory
    4GB
    Graphics Card(s)
    Nvidia 9600GS
    Internet Speed
    Broadband
You must log in or register to reply here.
Back
Top