Im not sure which viris it is....

"%userprofile%\desktop\commy.exe" /stepdel

it did not give me the chance to put this in... what did i do wrong?

should i try and do this again? Thank you

Hi Belazar, I did what was said to do but it wouldnt let me paste what needed to be pasted it did the scan will it still work for you?

Belahzur ,,, i apologize about the spelling...

I just bought the tips and tricks and have me receipt how do i get the 75 pages... ?

Hi,

Please download Malwarebytes Anti-Malware from Here.


Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7465

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

8/14/2011 9:47:21 AM
mbam-log-2011-08-14 (09-47-21).txt

Scan type: Quick scan
Objects scanned: 201707
Time elapsed: 8 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\RealTime Gaming Software\Gold VIP Club Casino (Adware.Casino) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\beach master\local settings\temp\tmp44D6.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\beach master\local settings\temp\ptu11f_tmp.exe (PUP.Casino) -> Quarantined and deleted successfully.
c:\documents and settings\beach master\local settings\temp\ptu120_tmp.exe (PUP.Casino) -> Quarantined and deleted successfully.
c:\documents and settings\beach master\local settings\temp\ptu184_tmp.exe (PUP.Casino) -> Quarantined and deleted successfully.
c:\documents and settings\beach master\local settings\temp\ptu185_tmp.exe (PUP.Casino) -> Quarantined and deleted successfully.
c:\documents and settings\beach master\local settings\temp\ptu186_tmp.exe (PUP.Casino) -> Quarantined and deleted successfully.
c:\documents and settings\beach master\local settings\temp\ptu187_tmp.exe (PUP.Casino) -> Quarantined and deleted successfully.

Hi Sneakyone,
Just a note after doing this i went to my log in and the page is still green with none of my programs or outlook on it... just wanted you to know Thank you for all that you do.. its greatly appreciated.
Dana

i just noticed that malware was on my green screen so i ran it again and found more and this is the note
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7465

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

8/14/2011 2:33:27 PM
mbam-log-2011-08-14 (14-33-27).txt

Scan type: Quick scan
Objects scanned: 141155
Time elapsed: 4 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA73037A-F182-44A0-BC0B-690D71231330} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qulYhhRuoG (Rogue.Agent.SA) -> Value: qulYhhRuoG -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Hi,

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=fa72923c85765f4cab1291fcdcf48dc0
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=false
# utc_time=2011-08-15 12:00:02
# local_time=2011-08-15 07:00:02 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 40109185 40109185 0 0
# compatibility_mode=3586 16764926 100 82 44474057 737703265 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=132084
# found=17
# cleaned=17
# scan_time=5139
C:\Documents and Settings\Beach Master\Local Settings\temp\ICReinstall\Facemoods[1].exe probably a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 9957B0472BC21740D1424781D6306277 C
C:\Documents and Settings\Beach Master\Local Settings\temp\1C0.tmp a variant of Win32/Kryptik.RMF trojan (cleaned by deleting - quarantined) 1E6A4136C63F49E37BF9C2CA4BF3D912 C
C:\Documents and Settings\Beach Master\Local Settings\temp\JavaUpdate.exe a variant of Win32/Kryptik.RMF trojan (cleaned by deleting - quarantined) 1E6A4136C63F49E37BF9C2CA4BF3D912 C
C:\Documents and Settings\Beach Master\My Documents\FONTS\free fonts computor\Smartdownload.exe a variant of Win32/CasOnline application (cleaned by deleting - quarantined) 24D98C3EC0291758E5E9D801502C43D5 C
C:\Program Files\PConPoint\PConPoint.exe a variant of Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 55DF1C8006E748A42A62B160EF2AEEFC C
C:\Program Files\Slots of Vegas\casino.dll a variant of Win32/CasOnline application (cleaned by deleting - quarantined) C37ACECE76953BCDF941E739D7C13057 C
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz.exe.vir a variant of Win32/Kryptik.RNF trojan (cleaned by deleting - quarantined) A7FAE5A198DA074CAC7026BFDF7FF781 C
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\qulYhhRuoG.exe.vir a variant of Win32/Kryptik.RNF trojan (cleaned by deleting - quarantined) 86CBB81C342A2A3C3187CC31BA8660B8 C
C:\RECYCLER\S-1-5-21-4140633030-3341314632-3632176343-1006\Dc2\casino.dll.vir a variant of Win32/CasOnline application (cleaned by deleting - quarantined) 9FAADA8A951FC5387624386A9A7D670A C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1441\A0246167.exe Win32/RubyRoyal application (cleaned by deleting - quarantined) AAB82C4076268A66EFEF376EEF3105E0 C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1443\A0246715.dll a variant of Win32/CasOnline application (cleaned by deleting - quarantined) 5FC40CCF8E35F13871D2449BA2314DFC C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1443\A0247022.exe a variant of Win32/CasOnline application (cleaned by deleting - quarantined) 84C2FBD53B5C5603A041ACA7F4999710 C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1466\A0251701.exe a variant of Win32/Kryptik.RNF trojan (cleaned by deleting - quarantined) A7FAE5A198DA074CAC7026BFDF7FF781 C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1466\A0251702.exe a variant of Win32/Kryptik.RNF trojan (cleaned by deleting - quarantined) 86CBB81C342A2A3C3187CC31BA8660B8 C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1466\A0251706.dll a variant of Win32/CasOnline application (cleaned by deleting - quarantined) 9FAADA8A951FC5387624386A9A7D670A C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1469\A0252208.exe a variant of Win32/Adware.ErrorClean application (cleaned by deleting - quarantined) 55DF1C8006E748A42A62B160EF2AEEFC C
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1469\A0252209.dll a variant of Win32/CasOnline application (cleaned by deleting - quarantined) C37ACECE76953BCDF941E739D7C13057 C

Hi just checking in i went to see if my programs and documents were back and outlook and it is still a green screen and nothing on it but the malware and eset . Thank you

Hi,

Please download aswMBR from here

• Save aswMBR.exe to your Desktop
  
• Double click aswMBR.exe to run it
  
• Click the Scan button to start the scan as illustrated below
  

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

• Once the scan finishes click Save log to save the log to your Desktop
  
  
  
• Copy and paste the contents of aswMBR.txt back here for review
  

aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-08-16 06:36:19
-----------------------------
06:36:19.312 OS Version: Windows 5.1.2600 Service Pack 2
06:36:19.312 Number of processors: 2 586 0x403
06:36:19.312 ComputerName: MOTHER UserName: Dana
06:36:20.453 Initialize success
06:37:06.359 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
06:37:06.359 Disk 0 Vendor: Maxtor_6L160M0 BACE1G10 Size: 152587MB BusType: 3
06:37:08.375 Disk 0 MBR read successfully
06:37:08.375 Disk 0 MBR scan
06:37:08.375 Disk 0 Windows XP default MBR code
06:37:08.375 Disk 0 scanning sectors +312496380
06:37:08.437 Disk 0 scanning C:\WINDOWS\system32\drivers
06:37:13.781 Service scanning
06:37:14.953 Modules scanning
06:37:19.578 Disk 0 trace - called modules:
06:37:19.578 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
06:37:19.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f3dab8]
06:37:19.593 3 CLASSPNP.SYS[f76a505b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x86fa3030]
06:37:19.593 Scan finished successfully
06:37:36.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Dana\Desktop\MBR.dat"
06:37:36.640 The log file has been saved successfully to "C:\Documents and Settings\Dana\Desktop\aswMBR.txt"

Did i do this correctly?

Hi,

Please download TDSSKiller from here and save it to your Desktop.

• Doubleclick TDSSKiller.exe to run the tool
  
• Click the Start Scan button
  
• After the scan has finished, click the Close button
  
• Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory.

2011/08/18 06:46:42.0531 5012 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/18 06:46:42.0875 5012 ================================================================================
2011/08/18 06:46:42.0875 5012 SystemInfo:
2011/08/18 06:46:42.0875 5012
2011/08/18 06:46:42.0875 5012 OS Version: 5.1.2600 ServicePack: 2.0
2011/08/18 06:46:42.0875 5012 Product type: Workstation
2011/08/18 06:46:42.0875 5012 ComputerName: MOTHER
2011/08/18 06:46:42.0875 5012 UserName: Dana
2011/08/18 06:46:42.0875 5012 Windows directory: C:\WINDOWS
2011/08/18 06:46:42.0875 5012 System windows directory: C:\WINDOWS
2011/08/18 06:46:42.0875 5012 Processor architecture: Intel x86
2011/08/18 06:46:42.0875 5012 Number of processors: 2
2011/08/18 06:46:42.0875 5012 Page size: 0x1000
2011/08/18 06:46:42.0875 5012 Boot type: Normal boot
2011/08/18 06:46:42.0875 5012 ================================================================================
2011/08/18 06:46:44.0875 5012 Initialize success
2011/08/18 06:46:49.0875 4400 ================================================================================
2011/08/18 06:46:49.0875 4400 Scan started
2011/08/18 06:46:49.0875 4400 Mode: Manual;
2011/08/18 06:46:49.0875 4400 ================================================================================
2011/08/18 06:46:52.0093 4400 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/08/18 06:46:52.0125 4400 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/08/18 06:46:52.0203 4400 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/08/18 06:46:52.0234 4400 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/08/18 06:46:52.0312 4400 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/08/18 06:46:52.0406 4400 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/08/18 06:46:52.0437 4400 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/08/18 06:46:52.0468 4400 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/08/18 06:46:52.0484 4400 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/08/18 06:46:52.0515 4400 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/08/18 06:46:52.0546 4400 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/08/18 06:46:52.0625 4400 aksusb (0fad77dadf29deabefcdf591a4810c07) C:\WINDOWS\system32\DRIVERS\aksusb.sys
2011/08/18 06:46:52.0671 4400 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/08/18 06:46:52.0750 4400 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/08/18 06:46:52.0781 4400 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/08/18 06:46:52.0812 4400 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/08/18 06:46:52.0828 4400 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/08/18 06:46:52.0859 4400 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/08/18 06:46:52.0875 4400 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/08/18 06:46:52.0937 4400 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/08/18 06:46:52.0984 4400 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/08/18 06:46:53.0078 4400 ati2mtag (afb591955258dec2deb6de0137876800) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/08/18 06:46:53.0218 4400 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/08/18 06:46:53.0250 4400 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/08/18 06:46:53.0312 4400 b57w2k (241474d01380e9ed41d4c07f4f5fd401) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2011/08/18 06:46:53.0406 4400 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/08/18 06:46:53.0593 4400 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/08/18 06:46:53.0609 4400 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/08/18 06:46:53.0671 4400 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/08/18 06:46:53.0734 4400 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/08/18 06:46:53.0765 4400 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/08/18 06:46:53.0796 4400 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/08/18 06:46:53.0875 4400 Cdr4_xp (223dea13c9d064babc882b4727f6f905) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
2011/08/18 06:46:53.0906 4400 Cdralw2k (9e26599599d178e71afb5599e146031a) C:\WINDOWS\system32\drivers\Cdralw2k.sys
2011/08/18 06:46:53.0968 4400 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/08/18 06:46:54.0062 4400 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/08/18 06:46:54.0109 4400 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/08/18 06:46:54.0156 4400 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/08/18 06:46:54.0328 4400 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/08/18 06:46:54.0437 4400 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/08/18 06:46:54.0562 4400 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/08/18 06:46:54.0625 4400 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/08/18 06:46:54.0671 4400 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/08/18 06:46:54.0718 4400 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/08/18 06:46:54.0750 4400 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/08/18 06:46:54.0781 4400 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/08/18 06:46:54.0828 4400 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
2011/08/18 06:46:54.0937 4400 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
2011/08/18 06:46:54.0968 4400 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/08/18 06:46:55.0109 4400 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2011/08/18 06:46:55.0265 4400 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/08/18 06:46:55.0437 4400 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/08/18 06:46:55.0468 4400 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/08/18 06:46:55.0515 4400 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/08/18 06:46:55.0593 4400 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/08/18 06:46:55.0671 4400 fssfltr (fb7f5239c9f6a1c13052869f5a0f7c80) C:\WINDOWS\system32\DRIVERS\fssfltr.sys
2011/08/18 06:46:55.0703 4400 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/08/18 06:46:55.0734 4400 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/08/18 06:46:55.0750 4400 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/08/18 06:46:55.0812 4400 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/08/18 06:46:55.0906 4400 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/08/18 06:46:55.0968 4400 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/08/18 06:46:56.0046 4400 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/08/18 06:46:56.0125 4400 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/08/18 06:46:56.0250 4400 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/08/18 06:46:56.0359 4400 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/08/18 06:46:56.0453 4400 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/08/18 06:46:56.0484 4400 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/08/18 06:46:56.0578 4400 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/08/18 06:46:56.0687 4400 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/08/18 06:46:56.0734 4400 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/08/18 06:46:56.0812 4400 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/08/18 06:46:56.0906 4400 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/08/18 06:46:56.0953 4400 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/08/18 06:46:57.0000 4400 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/08/18 06:46:57.0046 4400 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/08/18 06:46:57.0125 4400 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/08/18 06:46:57.0234 4400 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/08/18 06:46:57.0312 4400 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/08/18 06:46:57.0421 4400 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/08/18 06:46:57.0468 4400 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/08/18 06:46:57.0500 4400 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/08/18 06:46:57.0609 4400 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/08/18 06:46:57.0671 4400 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/08/18 06:46:57.0828 4400 MBAMSwissArmy (b18225739ed9caa83ba2df966e9f43e8) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011/08/18 06:46:57.0937 4400 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/08/18 06:46:57.0984 4400 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/08/18 06:46:58.0015 4400 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/08/18 06:46:58.0093 4400 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/08/18 06:46:58.0109 4400 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/08/18 06:46:58.0156 4400 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/08/18 06:46:58.0234 4400 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/08/18 06:46:58.0328 4400 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/08/18 06:46:58.0406 4400 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/08/18 06:46:58.0453 4400 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/08/18 06:46:58.0515 4400 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/08/18 06:46:58.0531 4400 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/08/18 06:46:58.0562 4400 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/08/18 06:46:58.0640 4400 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/08/18 06:46:58.0687 4400 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/08/18 06:46:58.0781 4400 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/08/18 06:46:58.0968 4400 NAVENG (68f5550e4395b0d9b6d205ca7561c5b1) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070328.019\NAVENG.Sys
2011/08/18 06:46:59.0000 4400 NAVEX15 (3efba831884806a0d6675bbd61c479f0) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070328.019\NavEx15.Sys
2011/08/18 06:46:59.0093 4400 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/08/18 06:46:59.0125 4400 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/08/18 06:46:59.0343 4400 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/08/18 06:46:59.0359 4400 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/08/18 06:46:59.0390 4400 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/08/18 06:46:59.0421 4400 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/08/18 06:46:59.0437 4400 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/08/18 06:46:59.0578 4400 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/08/18 06:46:59.0687 4400 NPDriver (410ab482d8a1e1655a7158a7b5c72ce7) C:\WINDOWS\system32\Drivers\NPDRIVER.SYS
2011/08/18 06:46:59.0703 4400 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/08/18 06:46:59.0812 4400 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/08/18 06:46:59.0968 4400 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/08/18 06:47:00.0062 4400 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/08/18 06:47:00.0156 4400 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/08/18 06:47:00.0218 4400 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/08/18 06:47:00.0359 4400 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
2011/08/18 06:47:00.0468 4400 PAC207 (eb0f54fbcb622957051cf507885bf66f) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
2011/08/18 06:47:00.0578 4400 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/08/18 06:47:00.0656 4400 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/08/18 06:47:00.0703 4400 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/08/18 06:47:00.0750 4400 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/08/18 06:47:00.0812 4400 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/08/18 06:47:00.0875 4400 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/08/18 06:47:01.0031 4400 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/08/18 06:47:01.0062 4400 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/08/18 06:47:01.0250 4400 phc700 (8a3a05186cc4a9198581a0a09d38e959) C:\WINDOWS\system32\DRIVERS\phc700.sys
2011/08/18 06:47:01.0484 4400 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/08/18 06:47:01.0609 4400 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/08/18 06:47:01.0656 4400 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/08/18 06:47:01.0703 4400 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/08/18 06:47:01.0750 4400 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/08/18 06:47:01.0765 4400 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/08/18 06:47:01.0796 4400 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/08/18 06:47:01.0812 4400 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/08/18 06:47:01.0843 4400 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/08/18 06:47:01.0875 4400 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/08/18 06:47:01.0906 4400 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/08/18 06:47:01.0937 4400 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/08/18 06:47:01.0953 4400 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/08/18 06:47:02.0046 4400 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/08/18 06:47:02.0078 4400 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/08/18 06:47:02.0125 4400 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/08/18 06:47:02.0265 4400 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/08/18 06:47:02.0390 4400 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/08/18 06:47:02.0531 4400 RTL8192su (7fd98e91896cad23169a84874f145250) C:\WINDOWS\system32\DRIVERS\RTL8192su.sys
2011/08/18 06:47:02.0625 4400 SAVRT (916f1232167a090311950e6b87f1eab4) C:\WINDOWS\system32\Drivers\SAVRT.SYS
2011/08/18 06:47:02.0687 4400 SAVRTPEL (35f4d6f53fc698c1e00ac52cc8cd6f93) C:\WINDOWS\system32\Drivers\SAVRTPEL.SYS
2011/08/18 06:47:02.0812 4400 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/08/18 06:47:02.0875 4400 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
2011/08/18 06:47:02.0968 4400 Sentinel (99c81af18c0bf4d3b2ce0b36941e150f) C:\WINDOWS\System32\Drivers\SENTINEL.SYS
2011/08/18 06:47:03.0000 4400 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/08/18 06:47:03.0015 4400 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/08/18 06:47:03.0062 4400 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/08/18 06:47:03.0140 4400 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/08/18 06:47:03.0265 4400 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/08/18 06:47:03.0390 4400 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
2011/08/18 06:47:03.0421 4400 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/08/18 06:47:03.0484 4400 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/08/18 06:47:03.0531 4400 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/08/18 06:47:03.0578 4400 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/08/18 06:47:03.0687 4400 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2011/08/18 06:47:03.0734 4400 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
2011/08/18 06:47:03.0781 4400 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/08/18 06:47:03.0875 4400 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/08/18 06:47:03.0906 4400 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/08/18 06:47:03.0953 4400 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/08/18 06:47:04.0000 4400 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/08/18 06:47:04.0171 4400 SymEvent (c9b8f325b2a22cda1bda7b25181b1389) C:\Program Files\Symantec\SYMEVENT.SYS
2011/08/18 06:47:04.0281 4400 SYMREDRV (7c73b65f1bdfab9052a5076c0ca622de) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
2011/08/18 06:47:04.0312 4400 SYMTDI (b4562798891dca27ed67ca07acbadbd9) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
2011/08/18 06:47:04.0343 4400 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/08/18 06:47:04.0375 4400 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/08/18 06:47:04.0406 4400 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/08/18 06:47:04.0515 4400 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/08/18 06:47:04.0593 4400 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/08/18 06:47:04.0640 4400 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/08/18 06:47:04.0671 4400 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/08/18 06:47:04.0750 4400 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
2011/08/18 06:47:04.0796 4400 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
2011/08/18 06:47:04.0859 4400 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
2011/08/18 06:47:04.0890 4400 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
2011/08/18 06:47:04.0906 4400 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
2011/08/18 06:47:04.0937 4400 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
2011/08/18 06:47:04.0968 4400 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
2011/08/18 06:47:04.0984 4400 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
2011/08/18 06:47:05.0015 4400 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
2011/08/18 06:47:05.0062 4400 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/08/18 06:47:05.0140 4400 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/08/18 06:47:05.0203 4400 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/08/18 06:47:05.0328 4400 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2011/08/18 06:47:05.0453 4400 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/08/18 06:47:05.0562 4400 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/08/18 06:47:05.0656 4400 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/08/18 06:47:05.0671 4400 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/08/18 06:47:05.0734 4400 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/08/18 06:47:05.0812 4400 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/08/18 06:47:05.0921 4400 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/08/18 06:47:05.0968 4400 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/08/18 06:47:06.0000 4400 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/08/18 06:47:06.0031 4400 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/08/18 06:47:06.0078 4400 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/08/18 06:47:06.0093 4400 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/08/18 06:47:06.0140 4400 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/08/18 06:47:06.0281 4400 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2011/08/18 06:47:06.0390 4400 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/08/18 06:47:06.0515 4400 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2011/08/18 06:47:06.0609 4400 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/08/18 06:47:06.0718 4400 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/08/18 06:47:06.0734 4400 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/08/18 06:47:06.0796 4400 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/08/18 06:47:06.0875 4400 Boot (0x1200) (d2e586c7ca56df819958d3089361f2f9) \Device\Harddisk0\DR0\Partition0
2011/08/18 06:47:06.0890 4400 ================================================================================
2011/08/18 06:47:06.0890 4400 Scan finished
2011/08/18 06:47:06.0890 4400 ================================================================================
2011/08/18 06:47:06.0906 1548 Detected object count: 0
2011/08/18 06:47:06.0906 1548 Actual detected object count: 0

Is there anything i could have done to avoid this? and Thank you so much for all your help... and is my computor going to be able to recover.. Thank you !

Hi,

How's your computer running now?

its the same my sign in has a green background and i dont have my programs or outlook for my email... i had to take a break from this im sorry cuz im loosing my business not being able to work on my computor can you think of anything else i can do?

Its not my programs i sign on to my sign in and my documents are gone..but when i sign in on the mother one... my documents are seen under beach master but they are shaded and i cant get to them.. and the outlook is gone for my email....

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.

• Save it to your desktop.
• Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
• Double click the setup file to run it.
• Click Next to continue.
• Accept the License agreement and click on next.
• It will, by default, install it to your desktop folder. Click Next.
• It will then open a box There will be a tab that says Automatic scan.
• Under Automatic scan make sure these are checked.

• Hidden Startup Objects
• System Memory
• Disk Boot Sectors.
• My Computer.
• Also any other drives (Removable that you may have)

Leave the rest of the settings as they appear as default.

• Then click on Scan at the to right hand Corner.
• It will automatically Neutralize any objects found.
• If some objects are left un-neutralized then click the button that says Neutralize all
• If it says it cannot be neutralized then choose the delete option when prompted.
• After that is done click on the reports button at the bottom and save it to file name it Kas.
• Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.
  
  Note: This tool will self uninstall when you close it so please save the log before closing it.