floormatt6
  1. A System Check pop up appeared on my computer. It is a faux virus scan, finds multiple HDD errors, and advises you to purchase their software. Of course, I did not. "Windows Errors" pop up by the dozens. All programs are hidden. I've tried to remove it, but so far no luck. I ran rKill, TDSSKiller, and MBAM, in that order, all in Safe Mode. No luck! Any advice would be great! Thanks! Matt
  2. Still works well. If it comes back, what should I do? Reply here or will it be closed? Make a new topic?
  3. I've been testing it repeatedly and so far so good. I'll respond in a day or two after frequent browsing. Thanks (for now)!
  4. ComboFix 11-11-02.03 - MattAsus 11/02/2011 13:08:21.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2236 [GMT -4:00]
  5. 01:02:06.0428 4636 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
2752 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 01:02:18.0097 2752 mouclass - ok 01:02:18.0190 2752 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 01:02:18.0190 2752 mouhid - ok 01:02:18.0237 2752 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 01:02:18.0253 2752 mountmgr - ok 01:02:18.0300 2752 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 01:02:18.0300 2752 mpio - ok 01:02:18.0331 2752 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 01:02:18.0331 2752 mpsdrv - ok 01:02:18.0378 2752 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 01:02:18.0378 2752 MRxDAV - ok 01:02:18.0424 2752 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 01:02:18.0440 2752 mrxsmb - ok 01:02:18.0487 2752 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 01:02:18.0487 2752 mrxsmb10 - ok 01:02:18.0534 2752 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 01:02:18.0534 2752 mrxsmb20 - ok 01:02:18.0580 2752 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 01:02:18.0580 2752 msahci - ok 01:02:18.0596 2752 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 01:02:18.0612 2752 msdsm - ok 01:02:18.0643 2752 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 01:02:18.0658 2752 Msfs - ok 01:02:18.0674 2752 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 01:02:18.0674 2752 mshidkmdf - ok 01:02:18.0690 2752 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 01:02:18.0690 2752 msisadrv - ok 01:02:18.0752 2752 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 01:02:18.0768 2752 MSKSSRV - ok 01:02:18.0783 2752 
MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 01:02:18.0799 2752 MSPCLOCK - ok 01:02:18.0830 2752 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 01:02:18.0830 2752 MSPQM - ok 01:02:18.0892 2752 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 01:02:18.0908 2752 MsRPC - ok 01:02:18.0955 2752 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 01:02:18.0955 2752 mssmbios - ok 01:02:19.0002 2752 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 01:02:19.0017 2752 MSTEE - ok 01:02:19.0048 2752 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 01:02:19.0048 2752 MTConfig - ok 01:02:19.0095 2752 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys 01:02:19.0111 2752 MTsensor - ok 01:02:19.0142 2752 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 01:02:19.0142 2752 Mup - ok 01:02:19.0204 2752 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 01:02:19.0220 2752 NativeWifiP - ok 01:02:19.0314 2752 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 01:02:19.0345 2752 NDIS - ok 01:02:19.0392 2752 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 01:02:19.0392 2752 NdisCap - ok 01:02:19.0423 2752 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 01:02:19.0423 2752 NdisTapi - ok 01:02:19.0485 2752 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 01:02:19.0485 2752 Ndisuio - ok 01:02:19.0532 2752 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 01:02:19.0532 2752 NdisWan - ok 01:02:19.0579 2752 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 01:02:19.0579 2752 NDProxy - ok 01:02:19.0626 2752 NetBIOS 
(86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 01:02:19.0626 2752 NetBIOS - ok 01:02:19.0672 2752 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 01:02:19.0672 2752 NetBT - ok 01:02:19.0797 2752 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 01:02:19.0813 2752 nfrd960 - ok 01:02:19.0844 2752 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 01:02:19.0860 2752 Npfs - ok 01:02:19.0906 2752 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 01:02:19.0906 2752 nsiproxy - ok 01:02:19.0984 2752 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys 01:02:20.0031 2752 Ntfs - ok 01:02:20.0078 2752 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 01:02:20.0078 2752 Null - ok 01:02:20.0125 2752 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys 01:02:20.0156 2752 nvraid - ok 01:02:20.0234 2752 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys 01:02:20.0234 2752 nvstor - ok 01:02:20.0281 2752 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 01:02:20.0281 2752 nv_agp - ok 01:02:20.0374 2752 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 01:02:20.0374 2752 ohci1394 - ok 01:02:20.0484 2752 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 01:02:20.0499 2752 Parport - ok 01:02:20.0530 2752 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 01:02:20.0530 2752 partmgr - ok 01:02:20.0577 2752 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 01:02:20.0593 2752 pci - ok 01:02:20.0624 2752 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 01:02:20.0640 2752 pciide - ok 01:02:20.0671 2752 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) 
C:\Windows\system32\DRIVERS\pcmcia.sys 01:02:20.0686 2752 pcmcia - ok 01:02:20.0702 2752 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 01:02:20.0702 2752 pcw - ok 01:02:20.0749 2752 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 01:02:20.0764 2752 PEAUTH - ok 01:02:20.0936 2752 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 01:02:20.0936 2752 PptpMiniport - ok 01:02:20.0967 2752 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 01:02:20.0967 2752 Processor - ok 01:02:21.0030 2752 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 01:02:21.0030 2752 Psched - ok 01:02:21.0092 2752 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 01:02:21.0092 2752 PxHlpa64 - ok 01:02:21.0154 2752 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 01:02:21.0217 2752 ql2300 - ok 01:02:21.0264 2752 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 01:02:21.0264 2752 ql40xx - ok 01:02:21.0295 2752 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 01:02:21.0310 2752 QWAVEdrv - ok 01:02:21.0326 2752 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 01:02:21.0326 2752 RasAcd - ok 01:02:21.0373 2752 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 01:02:21.0373 2752 RasAgileVpn - ok 01:02:21.0435 2752 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 01:02:21.0435 2752 Rasl2tp - ok 01:02:21.0513 2752 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 01:02:21.0529 2752 RasPppoe - ok 01:02:21.0622 2752 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 01:02:21.0622 2752 RasSstp - ok 01:02:21.0685 2752 rdbss 
(77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 01:02:21.0685 2752 rdbss - ok 01:02:21.0716 2752 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 01:02:21.0716 2752 rdpbus - ok 01:02:21.0747 2752 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 01:02:21.0747 2752 RDPCDD - ok 01:02:21.0778 2752 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 01:02:21.0778 2752 RDPENCDD - ok 01:02:21.0810 2752 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 01:02:21.0810 2752 RDPREFMP - ok 01:02:21.0841 2752 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 01:02:21.0856 2752 RDPWD - ok 01:02:21.0903 2752 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 01:02:21.0903 2752 rdyboost - ok 01:02:22.0012 2752 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 01:02:22.0028 2752 rspndr - ok 01:02:22.0059 2752 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 01:02:22.0075 2752 sbp2port - ok 01:02:22.0122 2752 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 01:02:22.0122 2752 scfilter - ok 01:02:22.0168 2752 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 01:02:22.0184 2752 secdrv - ok 01:02:22.0231 2752 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 01:02:22.0231 2752 Serenum - ok 01:02:22.0278 2752 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 01:02:22.0278 2752 Serial - ok 01:02:22.0340 2752 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 01:02:22.0356 2752 sermouse - ok 01:02:22.0434 2752 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 01:02:22.0449 2752 sffdisk - ok 01:02:22.0480 2752 
sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 01:02:22.0496 2752 sffp_mmc - ok 01:02:22.0527 2752 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 01:02:22.0558 2752 sffp_sd - ok 01:02:22.0590 2752 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 01:02:22.0590 2752 sfloppy - ok 01:02:22.0621 2752 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 01:02:22.0636 2752 SiSGbeLH - ok 01:02:22.0730 2752 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 01:02:22.0730 2752 SiSRaid2 - ok 01:02:22.0761 2752 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 01:02:22.0761 2752 SiSRaid4 - ok 01:02:22.0808 2752 SMARTMouseFilterx64 (323ddcd15db2a7fed09df1f835cafcfb) C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys 01:02:22.0808 2752 SMARTMouseFilterx64 - ok 01:02:22.0902 2752 SMARTVHidMiniVistaAmd64 (6c691320c71ca8e8c38f52b2ce652c64) C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys 01:02:22.0902 2752 SMARTVHidMiniVistaAmd64 - ok 01:02:22.0933 2752 SMARTVTabletPCx64 (20563f6830badd675407af0f5bca76ba) C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys 01:02:22.0933 2752 SMARTVTabletPCx64 - ok 01:02:22.0980 2752 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 01:02:22.0980 2752 Smb - ok 01:02:23.0104 2752 SNP2UVC (f06a6de8438f7446bff9e61f31356521) C:\Windows\system32\DRIVERS\snp2uvc.sys 01:02:23.0245 2752 SNP2UVC - ok 01:02:23.0323 2752 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 01:02:23.0323 2752 spldr - ok 01:02:23.0385 2752 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 01:02:23.0401 2752 srv - ok 01:02:23.0448 2752 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 01:02:23.0463 2752 srv2 - ok 01:02:23.0510 2752 srvnet 
(27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 01:02:23.0510 2752 srvnet - ok 01:02:23.0557 2752 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 01:02:23.0572 2752 stexstor - ok 01:02:23.0619 2752 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 01:02:23.0619 2752 swenum - ok 01:02:23.0822 2752 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys 01:02:23.0869 2752 Tcpip - ok 01:02:23.0962 2752 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys 01:02:23.0978 2752 TCPIP6 - ok 01:02:24.0025 2752 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 01:02:24.0040 2752 tcpipreg - ok 01:02:24.0087 2752 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 01:02:24.0103 2752 TDPIPE - ok 01:02:24.0134 2752 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 01:02:24.0150 2752 TDTCP - ok 01:02:24.0196 2752 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 01:02:24.0212 2752 tdx - ok 01:02:24.0243 2752 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 01:02:24.0243 2752 TermDD - ok 01:02:24.0399 2752 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 01:02:24.0399 2752 tssecsrv - ok 01:02:24.0462 2752 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 01:02:24.0462 2752 TsUsbFlt - ok 01:02:24.0524 2752 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 01:02:24.0540 2752 tunnel - ok 01:02:24.0602 2752 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 01:02:24.0618 2752 uagp35 - ok 01:02:24.0664 2752 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 01:02:24.0680 2752 udfs - ok 01:02:24.0742 2752 uliagpkx 
(4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 01:02:24.0758 2752 uliagpkx - ok 01:02:24.0789 2752 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 01:02:24.0789 2752 umbus - ok 01:02:24.0836 2752 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 01:02:24.0836 2752 UmPass - ok 01:02:24.0883 2752 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys 01:02:24.0898 2752 usbccgp - ok 01:02:24.0961 2752 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 01:02:24.0961 2752 usbcir - ok 01:02:25.0008 2752 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys 01:02:25.0023 2752 usbehci - ok 01:02:25.0101 2752 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys 01:02:25.0132 2752 usbhub - ok 01:02:25.0257 2752 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 01:02:25.0273 2752 usbohci - ok 01:02:25.0335 2752 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 01:02:25.0335 2752 usbprint - ok 01:02:25.0398 2752 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS 01:02:25.0413 2752 USBSTOR - ok 01:02:25.0444 2752 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 01:02:25.0444 2752 usbuhci - ok 01:02:25.0538 2752 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 01:02:25.0569 2752 usbvideo - ok 01:02:25.0632 2752 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 01:02:25.0647 2752 vdrvroot - ok 01:02:25.0694 2752 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 01:02:25.0694 2752 vga - ok 01:02:25.0725 2752 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 01:02:25.0725 2752 VgaSave - ok 01:02:25.0756 2752 vhdmp 
(2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 01:02:25.0772 2752 vhdmp - ok 01:02:25.0850 2752 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys 01:02:25.0881 2752 VIAHdAudAddService - ok 01:02:25.0959 2752 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 01:02:25.0959 2752 viaide - ok 01:02:26.0006 2752 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 01:02:26.0022 2752 volmgr - ok 01:02:26.0053 2752 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 01:02:26.0068 2752 volmgrx - ok 01:02:26.0100 2752 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 01:02:26.0100 2752 volsnap - ok 01:02:26.0146 2752 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 01:02:26.0162 2752 vsmraid - ok 01:02:26.0178 2752 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 01:02:26.0178 2752 vwifibus - ok 01:02:26.0209 2752 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 01:02:26.0209 2752 vwififlt - ok 01:02:26.0240 2752 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 01:02:26.0240 2752 WacomPen - ok 01:02:26.0302 2752 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 01:02:26.0318 2752 WANARP - ok 01:02:26.0334 2752 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 01:02:26.0334 2752 Wanarpv6 - ok 01:02:26.0427 2752 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 01:02:26.0443 2752 Wd - ok 01:02:26.0474 2752 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 01:02:26.0505 2752 Wdf01000 - ok 01:02:26.0614 2752 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 01:02:26.0630 2752 WfpLwf - ok 
01:02:26.0661 2752 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 01:02:26.0677 2752 WimFltr - ok 01:02:26.0755 2752 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 01:02:26.0755 2752 WIMMount - ok 01:02:26.0895 2752 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 01:02:26.0895 2752 WinUsb - ok 01:02:26.0958 2752 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 01:02:27.0004 2752 WmiAcpi - ok 01:02:27.0114 2752 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 01:02:27.0129 2752 ws2ifsl - ok 01:02:27.0207 2752 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 01:02:27.0223 2752 WudfPf - ok 01:02:27.0254 2752 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 01:02:27.0270 2752 WUDFRd - ok 01:02:27.0316 2752 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 01:02:27.0332 2752 \Device\Harddisk0\DR0 - ok 01:02:27.0348 2752 Boot (0x1200) (df446c13128f400b8c34a66f75465476) \Device\Harddisk0\DR0\Partition0 01:02:27.0348 2752 \Device\Harddisk0\DR0\Partition0 - ok 01:02:27.0348 2752 ============================================================ 01:02:27.0348 2752 Scan finished 01:02:27.0348 2752 ============================================================ 01:02:27.0363 3856 Detected object count: 0 01:02:27.0363 3856 Actual detected object count: 0
  6. Hello, Below is the scan from today. Using Firefox. This happens about 75% of the time. I type in something in the search bar and am brought to Yahoo's search result page just fine. When I select a link, I am redirected through about 3-4 different sites, none of which fully open. Then a page finally opens that is not what I chose. Most frequently, the above sites listed previously. If I back out to the search results page and open the link, it may or may not work the second time. Otherwise, I repeat until I'm successful. I am able to go directly to websites by typing in the search bar of Firefox, and have no problems. It is only when searching through Yahoo/Google.

     Malwarebytes' Anti-Malware 1.51.2.1300
     www.malwarebytes.org
     Database version: 8064
     Windows 6.1.7601 Service Pack 1
     Internet Explorer 8.0.7601.17514
     11/1/2011 6:12:40 PM
     mbam-log-2011-11-01 (18-12-25).txt

     Scan type: Full scan (C:\|E:\|)
     Objects scanned: 333031
     Time elapsed: 55 minute(s), 38 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 1
     Registry Values Infected: 1
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 1

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.

     Registry Values Infected:
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MicrosoftServiceProfile (Trojan.SHarpro.PGen) -> Value: MicrosoftServiceProfile -> No action taken.

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     c:\Users\MattAsus\AppData\Local\Temp\thpm5278835783363488914.tmp (Exploit.Drop.3) -> No action taken.
  7. Hi, Last weekend I had a faux AVG pop-up. I removed it (I think) but have been having redirect issues. When browsing, I am redirected through a few sites and usually end up at a "search-fast-results", or "63.209.69.107 .... " site. Hasn't been picked up with AVG, mbam, or hitman PRO. Just installed DDS with the following results:
FF - ProfilePath - C:\Users\MattAsus\AppData\Roaming\Mozilla\Firefox\Profiles\a8vbnqzw.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - component: C:\Program Files (x86)\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\MattAsus\AppData\Roaming\Mozilla\Firefox\Profiles\a8vbnqzw.default\extensions\2020Player@2020Technologies.com\plugins\NP2020Player.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: SMART Notebook Extension: {D6D05E6F-D5C1-4e03-8E33-73F92B05E262} - C:\Program Files (x86)\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG9\Firefox
FF - Ext: 20-20 3D Viewer: 2020Player@2020Technologies.com - %profile%\extensions\2020Player@2020Technologies.com
FF - Ext: XUL Cache: {1b6b1361-4895-4b53-9eab-2854d6a4d769} - %profile%\extensions\{1b6b1361-4895-4b53-9eab-2854d6a4d769}
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?]
R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 avg9emc;AVG Free E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-7-15 921952]
R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-15 308136]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 SMARTMouseFilterx64;HID-compliant mouse;C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys --> C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys [?]
R3 SMARTVHidMiniVistaAmd64;SMART HID Device;C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys --> C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [?]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys --> C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-16 136176]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-16 136176]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-10-28 14:27:41 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-10-28 14:27:05 -------- d-----w- C:\ProgramData\Hitman Pro
2011-10-24 18:07:34 -------- d-----w- C:\Program Files (x86)\Graph
2011-10-22 14:45:33 -------- d-----w- C:\Program Files (x86)\PC Tools Security
2011-10-22 14:45:33 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2011-10-22 14:44:22 -------- d-----w- C:\ProgramData\PC Tools
2011-10-16 19:03:29 -------- d-----w- C:\ProgramData\MFAData
2011-10-15 23:55:23 84144520 ----a-w- C:\Users\MattAsus\jdk-7-windows-x64.exe
.
==================== Find3M ====================
.
2011-10-16 18:58:35 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-15 23:57:16 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-12 22:26:56 35664 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2011-09-06 03:03:17 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-08-20 05:37:58 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-08-20 04:31:05 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-08-17 05:26:46 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-08-17 05:25:08 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-08-17 04:24:12 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-08-17 04:19:27 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2009-04-08 18:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 14:46:29.92 ===============
Attach.zip