Jump to content

deejay

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    Australia
  1. seems ok, will leave it at that, hopefully I wont have to speak to you again (I mean that in the nicest possible way haha) thanks! Matt
  2. seems ok, but malwarebytes still wont work, im guessing its corrupted and i should re-install. but so far so good. i dont like having to make firefox default everytime, but yea
  3. ComboFix 12-03-18.04 - Matthew 21/03/2012 10:25:28.3.1 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.1788.1194 [GMT 11:00] Running from: c:\users\Matthew\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . c:\users\Matthew\AppData\Local\TempDIR c:\windows\system32\system32 c:\windows\system32\system32\3DAudio.ax c:\windows\system32\system32\avrt.dll c:\windows\system32\system32\cis-2.4.dll c:\windows\system32\system32\issacapi_bs-2.3.dll c:\windows\system32\system32\issacapi_pe-2.3.dll c:\windows\system32\system32\issacapi_se-2.3.dll c:\windows\system32\system32\MACXMLProto.dll c:\windows\system32\system32\MaDRM.dll c:\windows\system32\system32\MaJGUILib.dll c:\windows\system32\system32\MAMACExtract.dll c:\windows\system32\system32\MASetupCleaner.exe c:\windows\system32\system32\MaXMLProto.dll c:\windows\system32\system32\mfplat.dll c:\windows\system32\system32\MK_Lyric.dll c:\windows\system32\system32\MSCLib.dll c:\windows\system32\system32\MSFLib.dll c:\windows\system32\system32\MSLUR71.dll c:\windows\system32\system32\msvcp60.dll c:\windows\system32\system32\MTTELECHIP.dll c:\windows\system32\system32\MTXSYNCICON.dll c:\windows\system32\system32\muzaf1.dll c:\windows\system32\system32\muzapp.dll c:\windows\system32\system32\muzapp.exe c:\windows\system32\system32\muzdecode.ax c:\windows\system32\system32\muzeffect.ax c:\windows\system32\system32\muzmp4sp.ax c:\windows\system32\system32\muzmpgsp.ax c:\windows\system32\system32\muzoggsp.ax c:\windows\system32\system32\muzwmts.dll c:\windows\system32\system32\psapi.dll . . ((((((((((((((((((((((((( Files Created from 2012-02-20 to 2012-03-20 ))))))))))))))))))))))))))))))) . . 2012-03-20 23:57 . 2012-03-20 23:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-20 22:56 . 2012-03-20 22:56 -------- d-----w- C:\TDSSKiller_Quarantine 2012-03-20 09:35 . 2012-03-20 09:35 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D57D94E-CC83-4776-8645-EDD0C8D09E43}\offreg.dll 2012-03-20 09:31 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D57D94E-CC83-4776-8645-EDD0C8D09E43}\mpengine.dll 2012-03-20 04:47 . 2012-03-20 23:57 -------- d-----w- c:\users\Matthew\AppData\Local\temp 2012-03-17 06:01 . 2012-03-17 06:01 -------- d-----w- c:\users\Matthew\AppData\Local\Wizards of the Coast 2012-03-17 06:00 . 2012-03-17 06:00 -------- d-----w- c:\users\Matthew\AppData\Local\IsolatedStorage 2012-03-17 05:56 . 2012-03-17 05:56 -------- d-----w- c:\users\Matthew\AppData\Local\Apps 2012-03-17 05:56 . 2012-03-19 03:26 -------- d-----w- c:\users\Matthew\AppData\Local\Deployment 2012-03-17 04:21 . 2012-03-17 04:21 -------- d-----w- c:\users\Matthew\AppData\Local\CyberLink 2012-03-13 13:53 . 2012-03-13 13:57 -------- d-----w- c:\users\Matthew\AppData\Roaming\Registry Mechanic 2012-03-13 10:54 . 2012-03-13 10:54 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-03-12 09:48 . 2012-03-13 13:01 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2012-03-12 00:11 . 2011-12-12 03:07 512472 ----a-w- c:\windows\system32\msxml.dll 2012-03-12 00:11 . 2011-12-12 03:07 37336 ----a-w- c:\windows\system32\CleanMFT32.exe 2012-03-12 00:11 . 2008-04-02 05:54 1101824 ----a-w- c:\windows\system32\UniBox210.ocx 2012-03-12 00:11 . 2008-04-02 05:53 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx 2012-03-12 00:11 . 2008-04-02 05:53 880640 ----a-w- c:\windows\system32\UniBox10.ocx 2012-03-12 00:11 . 2008-09-17 11:17 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX 2012-03-12 00:11 . 2012-03-12 00:11 -------- d-----w- c:\program files\Common Files\PC Tools 2012-03-12 00:11 . 2012-03-12 00:11 -------- d-----w- c:\program files\PC Tools 2012-03-12 00:07 . 2012-03-12 00:07 -------- d-----w- c:\programdata\PC Tools 2012-03-12 00:07 . 2012-03-12 00:07 -------- d-----w- c:\users\Matthew\AppData\Roaming\Product_RM 2012-03-11 11:56 . 2012-03-11 11:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2012-03-11 11:51 . 2012-03-19 23:39 -------- d-----w- c:\programdata\Lavasoft 2012-03-11 07:59 . 2012-03-11 07:59 -------- d-----w- c:\users\Matthew\AppData\Roaming\Malwarebytes 2012-03-11 07:59 . 2012-03-11 13:31 -------- d-----w- c:\programdata\Malwarebytes 2012-03-11 07:59 . 2012-03-11 12:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-11 06:13 . 2012-03-11 09:35 -------- d-----w- c:\program files\DA2CE 2012-03-11 06:13 . 2012-03-11 09:35 -------- d--h--w- c:\users\Matthew\AppData\Roaming\C4ADA 2012-03-03 09:52 . 2012-03-03 09:53 -------- d--h--w- c:\users\Matthew\AppData\Roaming\Apple Computer 2012-03-03 09:52 . 2012-03-03 09:52 -------- d--h--w- c:\users\Matthew\AppData\Local\Apple Computer 2012-03-03 09:51 . 2012-03-03 09:51 -------- d-----w- c:\program files\iPod 2012-03-03 09:51 . 2012-03-11 10:10 -------- d-----w- c:\program files\iTunes 2012-03-03 09:51 . 2012-03-11 10:09 -------- d-----w- c:\programdata\Apple Computer 2012-03-03 09:51 . 2012-03-03 09:52 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-03-03 09:50 . 2012-03-03 09:50 -------- d--h--w- c:\users\Matthew\AppData\Local\Apple 2012-03-03 09:50 . 2012-03-11 10:11 -------- d-----w- c:\program files\Apple Software Update 2012-03-03 09:48 . 2012-03-11 10:16 -------- d-----w- c:\program files\Bonjour 2012-03-03 09:48 . 2012-03-11 09:51 -------- d-----w- c:\program files\Common Files\Apple 2012-03-03 09:48 . 2012-03-03 09:50 -------- d-----w- c:\programdata\Apple 2012-03-02 13:45 . 2012-03-02 13:45 -------- d-----w- c:\programdata\PopCap Games 2012-03-02 12:44 . 2012-03-11 10:13 -------- d-----w- c:\program files\Plants vs. Zombies 2 Zombatar 2012-02-29 10:09 . 2012-02-29 10:36 -------- d--h--w- c:\users\Matthew\AppData\Roaming\Natural Threat.Ominous Shores 2012-02-29 06:06 . 2012-03-11 10:12 -------- d-----w- c:\program files\Microsoft Synchronization Services 2012-02-29 06:04 . 2012-03-11 10:12 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2012-02-29 06:03 . 2012-03-11 09:56 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-02-29 06:03 . 2012-02-29 06:07 -------- d-----w- c:\windows\SHELLNEW 2012-02-29 06:02 . 2012-03-11 09:49 -------- d-----r- C:\MSOCache 2012-02-27 07:39 . 2012-02-27 07:39 -------- d--h--w- c:\users\Matthew\AppData\Roaming\GameInvest 2012-02-25 11:12 . 2012-03-11 10:05 -------- d-----w- c:\users\Matthew\AppData\Roaming\JoyBits 2012-02-25 11:10 . 2012-03-11 09:54 -------- d-----w- c:\program files\Foxy Games 2012-02-25 11:10 . 2012-02-25 11:10 -------- d-----w- C:\Downloads 2012-02-23 02:44 . 2012-03-13 12:24 -------- d--h--w- c:\users\Matthew\AppData\Local\Htc 2012-02-23 02:43 . 2012-03-11 10:05 -------- d-----w- c:\users\Matthew\AppData\Roaming\HTC 2012-02-23 02:41 . 2012-03-11 10:13 -------- d-----w- c:\program files\Spirent Communications 2012-02-23 02:40 . 2012-03-11 10:12 -------- d-----w- c:\program files\HTC 2012-02-23 02:39 . 2012-02-23 02:39 -------- d-----w- c:\program files\MSXML 4.0 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-13 12:25 . 2012-01-06 08:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-22 22:18 . 2012-01-11 12:19 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-16 07:11 . 2012-01-06 08:25 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-31 04:51 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-01-31 03:10 . 2012-01-31 03:10 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-01-31 03:10 . 2012-01-31 03:10 161792 ----a-w- c:\windows\system32\msls31.dll 2012-01-31 03:10 . 2012-01-31 03:10 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-01-31 03:10 . 2012-01-31 03:10 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-01-31 03:10 . 2012-01-31 03:10 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-01-31 03:10 . 2012-01-31 03:10 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-01-31 03:10 . 2012-01-31 03:10 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-01-31 03:10 . 2012-01-31 03:10 367104 ----a-w- c:\windows\system32\html.iec 2012-01-31 03:10 . 2012-01-31 03:10 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-01-31 03:09 . 2012-01-31 03:09 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-01-31 03:09 . 2012-01-31 03:09 152064 ----a-w- c:\windows\system32\wextract.exe 2012-01-31 03:09 . 2012-01-31 03:09 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-01-31 03:09 . 2012-01-31 03:09 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-01-31 03:09 . 2012-01-31 03:09 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-01-31 03:09 . 2012-01-31 03:09 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-01-31 03:09 . 2012-01-31 03:09 11776 ----a-w- c:\windows\system32\mshta.exe 2012-01-31 03:09 . 2012-01-31 03:09 101888 ----a-w- c:\windows\system32\admparse.dll 2012-01-14 03:35 . 2012-02-14 23:08 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-01-04 21:38 . 2012-01-04 21:38 29480 ----a-w- c:\windows\system32\msxml3a.dll 2012-01-04 21:38 . 2009-03-20 04:38 505128 ----a-w- c:\windows\system32\msvcp71.dll 2012-01-04 21:38 . 2009-03-20 04:38 353576 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-04 08:58 . 2012-02-14 23:08 442880 ----a-w- c:\windows\system32\ntshrui.dll 2011-12-30 05:27 . 2012-02-14 23:08 478720 ----a-w- c:\windows\system32\timedate.cpl 2011-12-23 09:58 . 2012-02-02 04:09 4659712 ----a-w- c:\windows\system32\Redemption.dll 2011-12-23 09:58 . 2011-12-23 09:58 90112 ----a-w- c:\windows\MAMCityDownload.ocx 2011-12-23 09:58 . 2011-12-23 09:58 325552 ----a-w- c:\windows\MASetupCaller.dll 2011-12-23 09:58 . 2011-12-23 09:58 30568 ----a-w- c:\windows\MusiccityDownload.exe 2011-12-23 09:58 . 2011-12-23 09:58 974848 ----a-w- c:\windows\system32\cis-2.4.dll 2011-12-23 09:58 . 2011-12-23 09:58 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll 2011-12-23 09:58 . 2011-12-23 09:58 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll 2011-12-23 09:58 . 2011-12-23 09:58 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll 2011-12-23 09:58 . 2011-12-23 09:58 57344 ----a-w- c:\windows\system32\MK_Lyric.dll 2011-12-23 09:58 . 2011-12-23 09:58 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll 2011-12-23 09:58 . 2011-12-23 09:58 569344 ----a-w- c:\windows\system32\muzdecode.ax 2011-12-23 09:58 . 2011-12-23 09:58 491520 ----a-w- c:\windows\system32\muzapp.dll 2011-12-23 09:58 . 2011-12-23 09:58 49152 ----a-w- c:\windows\system32\MaJGUILib.dll 2011-12-23 09:58 . 2011-12-23 09:58 45056 ----a-w- c:\windows\system32\MaXMLProto.dll 2011-12-23 09:58 . 2011-12-23 09:58 45056 ----a-w- c:\windows\system32\MACXMLProto.dll 2011-12-23 09:58 . 2011-12-23 09:58 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll 2011-12-23 09:58 . 2011-12-23 09:58 40960 ----a-w- c:\windows\system32\MAMACExtract.dll 2011-12-23 09:58 . 2011-12-23 09:58 352256 ----a-w- c:\windows\system32\MSLUR71.dll 2011-12-23 09:58 . 2011-12-23 09:58 258048 ----a-w- c:\windows\system32\muzoggsp.ax 2011-12-23 09:58 . 2011-12-23 09:58 245760 ----a-w- c:\windows\system32\MSCLib.dll 2011-12-23 09:58 . 2011-12-23 09:58 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe 2011-12-23 09:58 . 2011-12-23 09:58 200704 ----a-w- c:\windows\system32\muzwmts.dll 2011-12-23 09:58 . 2011-12-23 09:58 155648 ----a-w- c:\windows\system32\MSFLib.dll 2011-12-23 09:58 . 2011-12-23 09:58 143360 ----a-w- c:\windows\system32\3DAudio.ax 2011-12-23 09:58 . 2011-12-23 09:58 135168 ----a-w- c:\windows\system32\muzaf1.dll 2011-12-23 09:58 . 2011-12-23 09:58 131072 ----a-w- c:\windows\system32\muzmpgsp.ax 2011-12-23 09:58 . 2011-12-23 09:58 122880 ----a-w- c:\windows\system32\muzeffect.ax 2011-12-23 09:58 . 2011-12-23 09:58 118784 ----a-w- c:\windows\system32\MaDRM.dll 2011-12-23 09:58 . 2011-12-23 09:58 110592 ----a-w- c:\windows\system32\muzmp4sp.ax 2011-12-23 09:58 . 2012-02-02 04:08 821824 ----a-w- c:\windows\system32\dgderapi.dll 2012-02-17 07:06 . 2012-01-06 08:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-03-20_04.50.10 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-09 19:04 . 2012-03-20 22:59 47964 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 04:55 . 2012-03-20 22:47 66696 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2012-01-04 04:01 . 2012-03-20 22:47 10516 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2249668314-1619009243-3578254783-1000_UserData.bin - 2012-01-04 21:24 . 2012-03-20 02:21 81920 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-01-04 21:24 . 2012-03-20 07:08 81920 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-03-20 22:57 . 2012-03-20 22:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-20 03:56 . 2012-03-20 03:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-20 22:57 . 2012-03-20 22:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-03-20 03:56 . 2012-03-20 03:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-01-04 21:24 . 2012-03-20 02:21 737280 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2012-01-04 21:24 . 2012-03-20 07:08 737280 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:41 . 2012-03-20 07:08 524288 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:41 . 2012-03-20 02:21 524288 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:47 . 2012-03-20 03:50 396980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 04:47 . 2012-03-20 22:57 396980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-01-06 23:15 . 2012-03-20 22:57 7709324 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2249668314-1619009243-3578254783-1000-12288.dat - 2012-01-06 23:15 . 2012-03-20 03:50 7709324 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2249668314-1619009243-3578254783-1000-12288.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-05 98304] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-15 282624] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2567272] "CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920] "IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-23 206240] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872] "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-12-12 103896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2011-11-01 12:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader] 2011-12-20 02:32 634880 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] 2012-02-03 08:50 943504 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2012-02-18 01:42 21416 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2012-02-03 08:50 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2011-03-04 01:45 2741616 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2011-09-20 03:53 1493288 ----a-w- c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe . R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360] R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2011-11-01 51632] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184] R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-22 23040] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-28 116064] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-08 1343400] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496] S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464] S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\Emsisoft Anti-Malware\a2ddax86.sys [2011-05-19 17904] S1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [2011-11-01 34768] S1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [2010-05-04 11776] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2012-01-21 3025112] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-05 176128] S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-09-23 641832] S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048] S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-23 167936] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 27320] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 59064639 *NewlyCreated* - ASWMBR *Deregistered* - 59064639 *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 01:29 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249668314-1619009243-3578254783-1000Core.job - c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-13 23:56] . 2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249668314-1619009243-3578254783-1000UA.job - c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-13 23:56] . 2012-03-11 c:\windows\Tasks\HPCeeScheduleForMatthew.job - c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22] . 2012-03-13 c:\windows\Tasks\RMSchedule.job - c:\program files\PC Tools\PC Tools Registry Mechanic\RegMech.exe [2012-03-12 00:13] . . ------- Supplementary Scan ------- . uStart Page = hxxp://friendly-google-search.blogspot.com uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: Upload to Facebook - c:\program files\UploadRabbitforFacebook\iecontext.htm TCP: DhcpNameServer = 203.12.160.35 203.12.160.36 192.168.1.1 FF - ProfilePath - c:\users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\0llz4515.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/ . - - - - ORPHANS REMOVED - - - - . AddRemove-LSI Soft Modem - c:\windows\agrsmdel . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(2392) c:\windows\System32\netshell.dll c:\windows\System32\srchadmin.dll c:\windows\System32\QAgent.dll . Completion time: 2012-03-21 11:01:45 ComboFix-quarantined-files.txt 2012-03-21 00:01 . Pre-Run: 119,180,238,848 bytes free Post-Run: 119,304,790,016 bytes free . - - End Of File - - 59E97DA2B58A544FE253AB666C0CCA88
  4. 10:19:19.0063 2616 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43 10:19:20.0051 2616 ============================================================ 10:19:20.0051 2616 Current date / time: 2012/03/21 10:19:20.0051 10:19:20.0051 2616 SystemInfo: 10:19:20.0051 2616 10:19:20.0051 2616 OS Version: 6.1.7601 ServicePack: 1.0 10:19:20.0051 2616 Product type: Workstation 10:19:20.0051 2616 ComputerName: MATTHEW-PC 10:19:20.0052 2616 UserName: Matthew 10:19:20.0052 2616 Windows directory: C:\Windows 10:19:20.0052 2616 System windows directory: C:\Windows 10:19:20.0052 2616 Processor architecture: Intel x86 10:19:20.0052 2616 Number of processors: 1 10:19:20.0052 2616 Page size: 0x1000 10:19:20.0052 2616 Boot type: Normal boot 10:19:20.0052 2616 ============================================================ 10:19:21.0097 2616 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 10:19:21.0098 2616 \Device\Harddisk0\DR0: 10:19:21.0099 2616 MBR used 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23A07800 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23A6B800, BlocksNum 0x198F000 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 10:19:21.0222 2616 Initialize success 10:19:21.0222 2616 ============================================================ 10:19:27.0691 3800 ============================================================ 10:19:27.0691 3800 Scan started 10:19:27.0691 3800 Mode: Manual; SigCheck; TDLFS; 10:19:27.0691 3800 ============================================================ 10:19:28.0376 3800 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 10:19:28.0462 3800 1394ohci - ok 10:19:28.0584 3800 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys 10:19:28.0619 3800 a2acc - ok 10:19:28.0706 3800 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys 10:19:28.0714 3800 A2DDA - ok 10:19:28.0737 3800 a2injectiondriver (23aac49133765eeaa86a65452d21ef1c) C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys 10:19:28.0745 3800 a2injectiondriver - ok 10:19:28.0779 3800 a2util (2da26eb05b5495d3b2ee36456c239fb7) C:\Program Files\Emsisoft Anti-Malware\a2util32.sys 10:19:28.0787 3800 a2util - ok 10:19:28.0907 3800 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 10:19:28.0936 3800 ACPI - ok 10:19:28.0981 3800 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 10:19:29.0084 3800 AcpiPmi - ok 10:19:29.0274 3800 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 10:19:29.0302 3800 adp94xx - ok 10:19:29.0332 3800 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 10:19:29.0347 3800 adpahci - ok 10:19:29.0384 3800 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 10:19:29.0396 3800 adpu320 - ok 10:19:29.0480 3800 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 10:19:29.0553 3800 AFD - ok 10:19:29.0637 3800 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\Windows\system32\DRIVERS\AGRSM.sys 10:19:29.0693 3800 AgereSoftModem - ok 10:19:29.0839 3800 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 10:19:29.0863 3800 agp440 - ok 10:19:29.0903 3800 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 10:19:29.0913 3800 aic78xx - ok 10:19:29.0964 3800 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 10:19:29.0972 3800 aliide - ok 10:19:30.0006 3800 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 10:19:30.0016 3800 amdagp - ok 10:19:30.0046 3800 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 10:19:30.0055 3800 amdide - ok 10:19:30.0098 3800 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 10:19:30.0182 3800 AmdK8 - ok 10:19:30.0228 3800 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 10:19:30.0259 3800 AmdPPM - ok 10:19:30.0328 3800 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 10:19:30.0339 3800 amdsata - ok 10:19:30.0382 3800 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 10:19:30.0394 3800 amdsbs - ok 10:19:30.0421 3800 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 10:19:30.0430 3800 amdxata - ok 10:19:30.0493 3800 ApfiltrService (7df70a08b56cbbc874744d9b0b396272) C:\Windows\system32\DRIVERS\Apfiltr.sys 10:19:30.0519 3800 ApfiltrService - ok 10:19:30.0568 3800 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 10:19:30.0593 3800 AppID - ok 10:19:30.0659 3800 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 10:19:30.0669 3800 arc - ok 10:19:30.0698 3800 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 10:19:30.0708 3800 arcsas - ok 10:19:30.0764 3800 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 10:19:30.0812 3800 AsyncMac - ok 10:19:30.0860 3800 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 10:19:30.0869 3800 atapi - ok 10:19:30.0921 3800 athr (6a661d017c4e5cd313f6a55acf1d7465) C:\Windows\system32\DRIVERS\athr.sys 10:19:30.0995 3800 athr - ok 10:19:31.0201 3800 AtiHdmiService (e2398389648b5d44dc63ca43fdd5b3f8) C:\Windows\system32\drivers\AtiHdmi.sys 10:19:31.0217 3800 AtiHdmiService - ok 10:19:31.0376 3800 atikmdag (bcb9cf3b087dd15a8f33a149296e6183) C:\Windows\system32\DRIVERS\atikmdag.sys 10:19:31.0575 3800 atikmdag - ok 10:19:31.0738 3800 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys 10:19:31.0756 3800 AtiPcie - ok 10:19:31.0903 3800 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 10:19:31.0945 3800 b06bdrv - ok 10:19:32.0002 3800 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 10:19:32.0021 3800 b57nd60x - ok 10:19:32.0122 3800 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 10:19:32.0210 3800 Beep - ok 10:19:32.0269 3800 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 10:19:32.0323 3800 blbdrive - ok 10:19:32.0605 3800 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 10:19:32.0638 3800 bowser - ok 10:19:32.0661 3800 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 10:19:32.0753 3800 BrFiltLo - ok 10:19:32.0787 3800 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 10:19:32.0816 3800 BrFiltUp - ok 10:19:32.0902 3800 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys 10:19:32.0966 3800 BridgeMP - ok 10:19:33.0004 3800 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 10:19:33.0034 3800 Brserid - ok 10:19:33.0050 3800 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 10:19:33.0065 3800 BrSerWdm - ok 10:19:33.0092 3800 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 10:19:33.0117 3800 BrUsbMdm - ok 10:19:33.0148 3800 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 10:19:33.0161 3800 BrUsbSer - ok 10:19:33.0219 3800 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys 10:19:33.0277 3800 BthEnum - ok 10:19:33.0315 3800 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 10:19:33.0347 3800 BTHMODEM - ok 10:19:33.0392 3800 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys 10:19:33.0408 3800 BthPan - ok 10:19:33.0516 3800 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys 10:19:33.0557 3800 BTHPORT - ok 10:19:33.0638 3800 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys 10:19:33.0672 3800 BTHUSB - ok 10:19:33.0901 3800 catchme - ok 10:19:34.0052 3800 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 10:19:34.0137 3800 cdfs - ok 10:19:34.0190 3800 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 10:19:34.0215 3800 cdrom - ok 10:19:34.0282 3800 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 10:19:34.0309 3800 circlass - ok 10:19:34.0346 3800 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 10:19:34.0363 3800 CLFS - ok 10:19:34.0444 3800 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 10:19:34.0466 3800 CmBatt - ok 10:19:34.0505 3800 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 10:19:34.0514 3800 cmdide - ok 10:19:34.0594 3800 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 10:19:34.0639 3800 CNG - ok 10:19:34.0708 3800 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 10:19:34.0717 3800 Compbatt - ok 10:19:34.0811 3800 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 10:19:34.0864 3800 CompositeBus - ok 10:19:34.0915 3800 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 10:19:34.0924 3800 crcdisk - ok 10:19:34.0998 3800 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 10:19:35.0042 3800 DfsC - ok 10:19:35.0133 3800 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys 10:19:35.0157 3800 dg_ssudbus - ok 10:19:35.0211 3800 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 10:19:35.0274 3800 discache - ok 10:19:35.0386 3800 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 10:19:35.0411 3800 Disk - ok 10:19:35.0462 3800 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 10:19:35.0496 3800 drmkaud - ok 10:19:35.0555 3800 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 10:19:35.0579 3800 DXGKrnl - ok 10:19:35.0716 3800 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 10:19:35.0795 3800 ebdrv - ok 10:19:35.0966 3800 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 10:19:35.0993 3800 elxstor - ok 10:19:36.0030 3800 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 10:19:36.0053 3800 ErrDev - ok 10:19:36.0099 3800 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 10:19:36.0127 3800 exfat - ok 10:19:36.0151 3800 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 10:19:36.0198 3800 fastfat - ok 10:19:36.0255 3800 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 10:19:36.0267 3800 fdc - ok 10:19:36.0305 3800 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 10:19:36.0315 3800 FileInfo - ok 10:19:36.0336 3800 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 10:19:36.0416 3800 Filetrace - ok 10:19:36.0442 3800 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 10:19:36.0466 3800 flpydisk - ok 10:19:36.0498 3800 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 10:19:36.0511 3800 FltMgr - ok 10:19:36.0564 3800 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 10:19:36.0573 3800 FsDepends - ok 10:19:36.0592 3800 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 10:19:36.0602 3800 Fs_Rec - ok 10:19:36.0654 3800 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 10:19:36.0669 3800 fvevol - ok 10:19:36.0709 3800 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 10:19:36.0719 3800 gagp30kx - ok 10:19:36.0752 3800 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 10:19:36.0779 3800 hcw85cir - ok 10:19:36.0865 3800 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 10:19:36.0899 3800 HdAudAddService - ok 10:19:36.0934 3800 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 10:19:36.0968 3800 HDAudBus - ok 10:19:37.0027 3800 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 10:19:37.0082 3800 HidBatt - ok 10:19:37.0123 3800 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 10:19:37.0151 3800 HidBth - ok 10:19:37.0194 3800 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 10:19:37.0263 3800 HidIr - ok 10:19:37.0366 3800 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 10:19:37.0422 3800 HidUsb - ok 10:19:37.0562 3800 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 10:19:37.0590 3800 HpqKbFiltr - ok 10:19:37.0641 3800 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 10:19:37.0652 3800 HpSAMD - ok 10:19:37.0711 3800 HTCAND32 (950cc1e6ae3a6cd23e0945cde089b02c) C:\Windows\system32\Drivers\ANDROIDUSB.sys 10:19:37.0756 3800 HTCAND32 - ok 10:19:37.0846 3800 htcnprot (339adefad60353f960e3ca67ce468c24) C:\Windows\system32\DRIVERS\htcnprot.sys 10:19:37.0879 3800 htcnprot - ok 10:19:37.0930 3800 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 10:19:37.0994 3800 HTTP - ok 10:19:38.0032 3800 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 10:19:38.0042 3800 hwpolicy - ok 10:19:38.0102 3800 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 10:19:38.0128 3800 i8042prt - ok 10:19:38.0196 3800 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 10:19:38.0211 3800 iaStorV - ok 10:19:38.0398 3800 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys 10:19:38.0548 3800 igfx - ok 10:19:38.0690 3800 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 10:19:38.0714 3800 iirsp - ok 10:19:38.0753 3800 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 10:19:38.0762 3800 intelide - ok 10:19:38.0797 3800 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 10:19:38.0821 3800 intelppm - ok 10:19:38.0864 3800 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:19:38.0902 3800 IpFilterDriver - ok 10:19:38.0940 3800 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 10:19:38.0965 3800 IPMIDRV - ok 10:19:38.0991 3800 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 10:19:39.0031 3800 IPNAT - ok 10:19:39.0072 3800 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 10:19:39.0110 3800 IRENUM - ok 10:19:39.0173 3800 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 10:19:39.0195 3800 isapnp - ok 10:19:39.0223 3800 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 10:19:39.0238 3800 iScsiPrt - ok 10:19:39.0281 3800 JMCR (8c17deb1995e593853373c30485e7368) C:\Windows\system32\DRIVERS\jmcr.sys 10:19:39.0299 3800 JMCR - ok 10:19:39.0332 3800 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 10:19:39.0342 3800 kbdclass - ok 10:19:39.0387 3800 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 10:19:39.0399 3800 kbdhid - ok 10:19:39.0449 3800 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 10:19:39.0460 3800 KSecDD - ok 10:19:39.0488 3800 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 10:19:39.0500 3800 KSecPkg - ok 10:19:39.0622 3800 Lavasoft Kernexplorer - ok 10:19:39.0807 3800 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 10:19:39.0870 3800 lltdio - ok 10:19:39.0922 3800 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 10:19:39.0933 3800 LSI_FC - ok 10:19:39.0953 3800 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 10:19:39.0965 3800 LSI_SAS - ok 10:19:40.0006 3800 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 10:19:40.0015 3800 LSI_SAS2 - ok 10:19:40.0047 3800 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 10:19:40.0058 3800 LSI_SCSI - ok 10:19:40.0101 3800 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 10:19:40.0167 3800 luafv - ok 10:19:40.0181 3800 MBAMProtector - ok 10:19:40.0267 3800 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 10:19:40.0276 3800 megasas - ok 10:19:40.0306 3800 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 10:19:40.0320 3800 MegaSR - ok 10:19:40.0386 3800 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 10:19:40.0427 3800 Modem - ok 10:19:40.0470 3800 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 10:19:40.0537 3800 monitor - ok 10:19:40.0605 3800 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys 10:19:40.0629 3800 mouclass - ok 10:19:40.0672 3800 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 10:19:40.0697 3800 mouhid - ok 10:19:40.0732 3800 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 10:19:40.0742 3800 mountmgr - ok 10:19:40.0779 3800 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 10:19:40.0791 3800 mpio - ok 10:19:40.0819 3800 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 10:19:40.0865 3800 mpsdrv - ok 10:19:40.0905 3800 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 10:19:40.0934 3800 MRxDAV - ok 10:19:41.0006 3800 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 10:19:41.0058 3800 mrxsmb - ok 10:19:41.0094 3800 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:19:41.0109 3800 mrxsmb10 - ok 10:19:41.0132 3800 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:19:41.0145 3800 mrxsmb20 - ok 10:19:41.0183 3800 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 10:19:41.0193 3800 msahci - ok 10:19:41.0227 3800 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 10:19:41.0238 3800 msdsm - ok 10:19:41.0309 3800 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 10:19:41.0336 3800 Msfs - ok 10:19:41.0357 3800 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 10:19:41.0398 3800 mshidkmdf - ok 10:19:41.0446 3800 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 10:19:41.0455 3800 msisadrv - ok 10:19:41.0498 3800 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 10:19:41.0544 3800 MSKSSRV - ok 10:19:41.0571 3800 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 10:19:41.0661 3800 MSPCLOCK - ok 10:19:41.0680 3800 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 10:19:41.0717 3800 MSPQM - ok 10:19:41.0747 3800 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 10:19:41.0760 3800 MsRPC - ok 10:19:41.0785 3800 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 10:19:41.0795 3800 mssmbios - ok 10:19:41.0825 3800 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 10:19:41.0904 3800 MSTEE - ok 10:19:41.0934 3800 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 10:19:41.0977 3800 MTConfig - ok 10:19:42.0049 3800 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 10:19:42.0071 3800 Mup - ok 10:19:42.0128 3800 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 10:19:42.0159 3800 NativeWifiP - ok 10:19:42.0253 3800 NBVol (e240f3204e86b7b6ccf266b2a2ad32b4) C:\Windows\system32\DRIVERS\NBVol.sys 10:19:42.0274 3800 NBVol - ok 10:19:42.0319 3800 NBVolUp (c0cf3cccce3c75f7280c89029ab47866) C:\Windows\system32\DRIVERS\NBVolUp.sys 10:19:42.0326 3800 NBVolUp - ok 10:19:42.0383 3800 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 10:19:42.0406 3800 NDIS - ok 10:19:42.0458 3800 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 10:19:42.0485 3800 NdisCap - ok 10:19:42.0526 3800 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 10:19:42.0562 3800 NdisTapi - ok 10:19:42.0624 3800 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 10:19:42.0649 3800 Ndisuio - ok 10:19:42.0696 3800 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 10:19:42.0732 3800 NdisWan - ok 10:19:42.0773 3800 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 10:19:42.0798 3800 NDProxy - ok 10:19:42.0848 3800 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 10:19:42.0893 3800 NetBIOS - ok 10:19:42.0934 3800 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 10:19:42.0966 3800 NetBT - ok 10:19:43.0158 3800 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys 10:19:43.0295 3800 netw5v32 - ok 10:19:43.0427 3800 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 10:19:43.0451 3800 nfrd960 - ok 10:19:43.0495 3800 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 10:19:43.0539 3800 Npfs - ok 10:19:43.0577 3800 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 10:19:43.0617 3800 nsiproxy - ok 10:19:43.0682 3800 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 10:19:43.0716 3800 Ntfs - ok 10:19:43.0751 3800 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 10:19:43.0796 3800 Null - ok 10:19:43.0836 3800 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 10:19:43.0847 3800 nvraid - ok 10:19:43.0873 3800 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 10:19:43.0886 3800 nvstor - ok 10:19:43.0908 3800 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 10:19:43.0920 3800 nv_agp - ok 10:19:43.0942 3800 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 10:19:43.0975 3800 ohci1394 - ok 10:19:44.0059 3800 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 10:19:44.0086 3800 Parport - ok 10:19:44.0138 3800 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 10:19:44.0148 3800 partmgr - ok 10:19:44.0174 3800 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 10:19:44.0201 3800 Parvdm - ok 10:19:44.0272 3800 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 10:19:44.0284 3800 pci - ok 10:19:44.0305 3800 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 10:19:44.0314 3800 pciide - ok 10:19:44.0372 3800 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 10:19:44.0384 3800 pcmcia - ok 10:19:44.0462 3800 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 10:19:44.0472 3800 pcw - ok 10:19:44.0510 3800 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 10:19:44.0565 3800 PEAUTH - ok 10:19:44.0644 3800 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys 10:19:44.0652 3800 Point32 - ok 10:19:44.0699 3800 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 10:19:44.0740 3800 PptpMiniport - ok 10:19:44.0776 3800 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 10:19:44.0802 3800 Processor - ok 10:19:44.0910 3800 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 10:19:44.0962 3800 Psched - ok 10:19:45.0040 3800 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 10:19:45.0079 3800 ql2300 - ok 10:19:45.0100 3800 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 10:19:45.0111 3800 ql40xx - ok 10:19:45.0136 3800 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 10:19:45.0150 3800 QWAVEdrv - ok 10:19:45.0174 3800 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 10:19:45.0219 3800 RasAcd - ok 10:19:45.0282 3800 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 10:19:45.0350 3800 RasAgileVpn - ok 10:19:45.0388 3800 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 10:19:45.0433 3800 Rasl2tp - ok 10:19:45.0484 3800 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 10:19:45.0529 3800 RasPppoe - ok 10:19:45.0575 3800 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 10:19:45.0620 3800 RasSstp - ok 10:19:45.0666 3800 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 10:19:45.0715 3800 rdbss - ok 10:19:45.0763 3800 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 10:19:45.0794 3800 rdpbus - ok 10:19:45.0840 3800 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 10:19:45.0880 3800 RDPCDD - ok 10:19:45.0923 3800 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 10:19:45.0957 3800 RDPENCDD - ok 10:19:45.0991 3800 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 10:19:46.0027 3800 RDPREFMP - ok 10:19:46.0071 3800 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 10:19:46.0108 3800 RDPWD - ok 10:19:46.0179 3800 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 10:19:46.0210 3800 rdyboost - ok 10:19:46.0265 3800 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 10:19:46.0281 3800 RFCOMM - ok 10:19:46.0344 3800 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 10:19:46.0382 3800 rspndr - ok 10:19:46.0431 3800 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys 10:19:46.0459 3800 RTL8167 - ok 10:19:46.0510 3800 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 10:19:46.0521 3800 sbp2port - ok 10:19:46.0562 3800 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 10:19:46.0605 3800 scfilter - ok 10:19:46.0669 3800 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys 10:19:46.0697 3800 sdbus - ok 10:19:46.0740 3800 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 10:19:46.0783 3800 secdrv - ok 10:19:46.0848 3800 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 10:19:46.0893 3800 Serenum - ok 10:19:46.0934 3800 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 10:19:46.0962 3800 Serial - ok 10:19:47.0003 3800 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 10:19:47.0019 3800 sermouse - ok 10:19:47.0069 3800 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 10:19:47.0093 3800 sffdisk - ok 10:19:47.0120 3800 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 10:19:47.0145 3800 sffp_mmc - ok 10:19:47.0176 3800 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 10:19:47.0201 3800 sffp_sd - ok 10:19:47.0241 3800 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 10:19:47.0282 3800 sfloppy - ok 10:19:47.0350 3800 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 10:19:47.0360 3800 sisagp - ok 10:19:47.0401 3800 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:19:47.0411 3800 SiSRaid2 - ok 10:19:47.0435 3800 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 10:19:47.0446 3800 SiSRaid4 - ok 10:19:47.0479 3800 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 10:19:47.0508 3800 Smb - ok 10:19:47.0543 3800 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 10:19:47.0552 3800 spldr - ok 10:19:47.0617 3800 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 10:19:47.0656 3800 srv - ok 10:19:47.0688 3800 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 10:19:47.0705 3800 srv2 - ok 10:19:47.0745 3800 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 10:19:47.0780 3800 SrvHsfHDA - ok 10:19:47.0847 3800 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 10:19:47.0884 3800 SrvHsfV92 - ok 10:19:47.0915 3800 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 10:19:47.0938 3800 SrvHsfWinac - ok 10:19:47.0976 3800 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 10:19:48.0009 3800 srvnet - ok 10:19:48.0087 3800 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys 10:19:48.0099 3800 ssudmdm - ok 10:19:48.0144 3800 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 10:19:48.0153 3800 stexstor - ok 10:19:48.0222 3800 STHDA (dadb74bf26766757dbba9c5912969ebf) C:\Windows\system32\DRIVERS\stwrt.sys 10:19:48.0270 3800 STHDA - ok 10:19:48.0315 3800 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 10:19:48.0324 3800 swenum - ok 10:19:48.0429 3800 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 10:19:48.0465 3800 Tcpip - ok 10:19:48.0643 3800 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 10:19:48.0674 3800 TCPIP6 - ok 10:19:48.0802 3800 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 10:19:48.0865 3800 tcpipreg - ok 10:19:48.0918 3800 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 10:19:48.0949 3800 TDPIPE - ok 10:19:48.0978 3800 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 10:19:49.0018 3800 TDTCP - ok 10:19:49.0063 3800 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 10:19:49.0105 3800 tdx - ok 10:19:49.0149 3800 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 10:19:49.0159 3800 TermDD - ok 10:19:49.0229 3800 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:19:49.0253 3800 tssecsrv - ok 10:19:49.0305 3800 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 10:19:49.0333 3800 TsUsbFlt - ok 10:19:49.0401 3800 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 10:19:49.0438 3800 tunnel - ok 10:19:49.0473 3800 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 10:19:49.0483 3800 uagp35 - ok 10:19:49.0531 3800 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 10:19:49.0577 3800 udfs - ok 10:19:49.0645 3800 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 10:19:49.0666 3800 uliagpkx - ok 10:19:49.0699 3800 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 10:19:49.0711 3800 umbus - ok 10:19:49.0743 3800 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 10:19:49.0771 3800 UmPass - ok 10:19:49.0827 3800 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 10:19:49.0854 3800 USBAAPL - ok 10:19:49.0891 3800 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 10:19:49.0927 3800 usbccgp - ok 10:19:49.0994 3800 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 10:19:50.0026 3800 usbcir - ok 10:19:50.0055 3800 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 10:19:50.0086 3800 usbehci - ok 10:19:50.0161 3800 usbfilter (0150b06d3e73f6c27afcb963fd931820) C:\Windows\system32\DRIVERS\usbfilter.sys 10:19:50.0176 3800 usbfilter - ok 10:19:50.0207 3800 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 10:19:50.0223 3800 usbhub - ok 10:19:50.0249 3800 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 10:19:50.0282 3800 usbohci - ok 10:19:50.0329 3800 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 10:19:50.0343 3800 usbprint - ok 10:19:50.0386 3800 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 10:19:50.0400 3800 usbscan - ok 10:19:50.0441 3800 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:19:50.0473 3800 USBSTOR - ok 10:19:50.0512 3800 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 10:19:50.0524 3800 usbuhci - ok 10:19:50.0567 3800 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys 10:19:50.0583 3800 usbvideo - ok 10:19:50.0620 3800 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 10:19:50.0630 3800 vdrvroot - ok 10:19:50.0664 3800 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 10:19:50.0694 3800 vga - ok 10:19:50.0728 3800 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 10:19:50.0754 3800 VgaSave - ok 10:19:50.0784 3800 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 10:19:50.0796 3800 vhdmp - ok 10:19:50.0827 3800 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 10:19:50.0838 3800 viaagp - ok 10:19:50.0863 3800 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 10:19:50.0896 3800 ViaC7 - ok 10:19:50.0938 3800 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 10:19:50.0947 3800 viaide - ok 10:19:50.0974 3800 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 10:19:50.0985 3800 volmgr - ok 10:19:51.0015 3800 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 10:19:51.0030 3800 volmgrx - ok 10:19:51.0077 3800 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 10:19:51.0091 3800 volsnap - ok 10:19:51.0139 3800 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 10:19:51.0151 3800 vsmraid - ok 10:19:51.0184 3800 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 10:19:51.0210 3800 vwifibus - ok 10:19:51.0241 3800 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 10:19:51.0270 3800 vwififlt - ok 10:19:51.0307 3800 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 10:19:51.0332 3800 WacomPen - ok 10:19:51.0395 3800 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 10:19:51.0458 3800 WANARP - ok 10:19:51.0475 3800 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 10:19:51.0500 3800 Wanarpv6 - ok 10:19:51.0572 3800 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 10:19:51.0581 3800 Wd - ok 10:19:51.0613 3800 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 10:19:51.0632 3800 Wdf01000 - ok 10:19:51.0706 3800 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 10:19:51.0732 3800 WfpLwf - ok 10:19:51.0763 3800 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 10:19:51.0773 3800 WIMMount - ok 10:19:51.0878 3800 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 10:19:51.0905 3800 WinUsb - ok 10:19:51.0939 3800 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 10:19:51.0962 3800 WmiAcpi - ok 10:19:52.0012 3800 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 10:19:52.0056 3800 ws2ifsl - ok 10:19:52.0114 3800 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 10:19:52.0150 3800 WudfPf - ok 10:19:52.0210 3800 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:19:52.0284 3800 WUDFRd - ok 10:19:52.0349 3800 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 10:19:52.0366 3800 yukonw7 - ok 10:19:52.0402 3800 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 10:19:52.0612 3800 \Device\Harddisk0\DR0 - ok 10:19:52.0627 3800 Boot (0x1200) (ab9c3f458846aa4505070124e9456fc2) \Device\Harddisk0\DR0\Partition0 10:19:52.0629 3800 \Device\Harddisk0\DR0\Partition0 - ok 10:19:52.0667 3800 Boot (0x1200) (95e78351fccb63d801d16fcf6567be26) \Device\Harddisk0\DR0\Partition1 10:19:52.0668 3800 \Device\Harddisk0\DR0\Partition1 - ok 10:19:52.0707 3800 Boot (0x1200) (7b080ef081319fc5937d01f29cf41bff) \Device\Harddisk0\DR0\Partition2 10:19:52.0708 3800 \Device\Harddisk0\DR0\Partition2 - ok 10:19:52.0726 3800 Boot (0x1200) (91b00e461e6114437d77a1c5480e260e) \Device\Harddisk0\DR0\Partition3 10:19:52.0726 3800 \Device\Harddisk0\DR0\Partition3 - ok 10:19:52.0730 3800 ============================================================ 10:19:52.0730 3800 Scan finished 10:19:52.0730 3800 ============================================================ 10:19:52.0747 3724 Detected object count: 0 10:19:52.0747 3724 Actual detected object count: 0 10:20:06.0687 2524 Deinitialize success
  5. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-03-21 10:11:47 ----------------------------- 10:11:47.625 OS Version: Windows 6.1.7601 Service Pack 1 10:11:47.625 Number of processors: 1 586 0x602 10:11:47.629 ComputerName: MATTHEW-PC UserName: Matthew 10:12:07.067 Initialize success 10:12:21.779 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 10:12:21.779 Disk 0 Vendor: SAMSUNG_HM321HI 2AJ10003 Size: 305245MB BusType: 11 10:12:21.795 Disk 0 MBR read successfully 10:12:21.795 Disk 0 MBR scan 10:12:21.795 Disk 0 Windows XP default MBR code 10:12:21.811 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 10:12:21.826 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 291855 MB offset 409600 10:12:21.857 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13086 MB offset 598128640 10:12:21.873 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768 10:12:21.889 Disk 0 scanning sectors +625140400 10:12:21.935 Disk 0 scanning C:\Windows\system32\drivers 10:12:28.144 Service scanning 10:12:49.048 Modules scanning 10:13:00.935 Disk 0 trace - called modules: 10:13:01.279 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys dxgkrnl.sys atikmdag.sys dxgmms1.sys USBPORT.SYS usbohci.sys hidusb.sys HIDCLASS.SYS HIDPARSE.SYS mouhid.sys point32.sys Wdf01000.sys mouclass.sys?? 10:13:01.294 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860bc4e8] 10:13:01.294 3 CLASSPNP.SYS[8899d59e] -> nt!IofCallDriver -> [0x852cc918] 10:13:01.310 5 ACPI.sys[833993d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86090030] 10:13:01.310 7 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.325 9 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.325 11 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.341 13 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.357 15 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.357 17 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.372 19 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.372 21 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.388 23 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.403 25 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.403 27 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.419 29 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.419 31 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.435 33 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.450 35 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.450 37 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.466 39 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.481 41 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.481 43 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.497 45 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.513 Scan finished successfully 10:13:36.507 Disk 0 MBR has been saved successfully to "C:\Users\Matthew\Desktop\MBR.dat" 10:13:36.522 The log file has been saved successfully to "C:\Users\Matthew\Desktop\aswMBR.txt"
  6. I certainly did, it stated that can not cure, will write standard boot codes or something though.
  7. 09:54:37.0004 6140 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43 09:54:38.0297 6140 ============================================================ 09:54:38.0297 6140 Current date / time: 2012/03/21 09:54:38.0297 09:54:38.0297 6140 SystemInfo: 09:54:38.0297 6140 09:54:38.0297 6140 OS Version: 6.1.7601 ServicePack: 1.0 09:54:38.0297 6140 Product type: Workstation 09:54:38.0298 6140 ComputerName: MATTHEW-PC 09:54:38.0298 6140 UserName: Matthew 09:54:38.0298 6140 Windows directory: C:\Windows 09:54:38.0298 6140 System windows directory: C:\Windows 09:54:38.0298 6140 Processor architecture: Intel x86 09:54:38.0298 6140 Number of processors: 1 09:54:38.0298 6140 Page size: 0x1000 09:54:38.0298 6140 Boot type: Normal boot 09:54:38.0298 6140 ============================================================ 09:54:40.0078 6140 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:54:40.0080 6140 \Device\Harddisk0\DR0: 09:54:40.0080 6140 MBR used 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23A07800 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23A6B800, BlocksNum 0x198F000 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 09:54:40.0181 6140 Initialize success 09:54:40.0181 6140 ============================================================ 09:55:15.0133 2332 ============================================================ 09:55:15.0133 2332 Scan started 09:55:15.0133 2332 Mode: Manual; SigCheck; TDLFS; 09:55:15.0133 2332 ============================================================ 09:55:17.0447 2332 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 09:55:17.0548 2332 1394ohci - ok 09:55:17.0649 2332 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys 09:55:17.0669 2332 a2acc - ok 09:55:17.0761 2332 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys 09:55:17.0793 2332 A2DDA - ok 09:55:17.0825 2332 a2injectiondriver (23aac49133765eeaa86a65452d21ef1c) C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys 09:55:17.0833 2332 a2injectiondriver - ok 09:55:17.0863 2332 a2util (2da26eb05b5495d3b2ee36456c239fb7) C:\Program Files\Emsisoft Anti-Malware\a2util32.sys 09:55:17.0873 2332 a2util - ok 09:55:17.0971 2332 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 09:55:17.0986 2332 ACPI - ok 09:55:18.0025 2332 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 09:55:18.0085 2332 AcpiPmi - ok 09:55:18.0235 2332 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 09:55:18.0255 2332 adp94xx - ok 09:55:18.0288 2332 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 09:55:18.0304 2332 adpahci - ok 09:55:18.0329 2332 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 09:55:18.0399 2332 adpu320 - ok 09:55:18.0491 2332 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 09:55:18.0537 2332 AFD - ok 09:55:18.0607 2332 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\Windows\system32\DRIVERS\AGRSM.sys 09:55:18.0677 2332 AgereSoftModem - ok 09:55:18.0794 2332 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 09:55:18.0804 2332 agp440 - ok 09:55:18.0837 2332 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 09:55:18.0847 2332 aic78xx - ok 09:55:18.0899 2332 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 09:55:18.0909 2332 aliide - ok 09:55:18.0959 2332 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 09:55:18.0969 2332 amdagp - ok 09:55:18.0989 2332 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 09:55:18.0999 2332 amdide - ok 09:55:19.0039 2332 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 09:55:19.0089 2332 AmdK8 - ok 09:55:19.0139 2332 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 09:55:19.0179 2332 AmdPPM - ok 09:55:19.0239 2332 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 09:55:19.0249 2332 amdsata - ok 09:55:19.0269 2332 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 09:55:19.0279 2332 amdsbs - ok 09:55:19.0309 2332 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 09:55:19.0319 2332 amdxata - ok 09:55:19.0371 2332 ApfiltrService (7df70a08b56cbbc874744d9b0b396272) C:\Windows\system32\DRIVERS\Apfiltr.sys 09:55:19.0391 2332 ApfiltrService - ok 09:55:19.0431 2332 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 09:55:19.0551 2332 AppID - ok 09:55:19.0733 2332 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 09:55:19.0743 2332 arc - ok 09:55:19.0783 2332 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 09:55:19.0793 2332 arcsas - ok 09:55:19.0883 2332 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 09:55:19.0983 2332 AsyncMac - ok 09:55:20.0095 2332 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 09:55:20.0105 2332 atapi - ok 09:55:20.0175 2332 athr (6a661d017c4e5cd313f6a55acf1d7465) C:\Windows\system32\DRIVERS\athr.sys 09:55:20.0255 2332 athr - ok 09:55:20.0405 2332 AtiHdmiService (e2398389648b5d44dc63ca43fdd5b3f8) C:\Windows\system32\drivers\AtiHdmi.sys 09:55:20.0415 2332 AtiHdmiService - ok 09:55:20.0535 2332 atikmdag (bcb9cf3b087dd15a8f33a149296e6183) C:\Windows\system32\DRIVERS\atikmdag.sys 09:55:20.0719 2332 atikmdag - ok 09:55:20.0829 2332 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys 09:55:20.0839 2332 AtiPcie - ok 09:55:20.0929 2332 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 09:55:20.0979 2332 b06bdrv - ok 09:55:21.0019 2332 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 09:55:21.0039 2332 b57nd60x - ok 09:55:21.0119 2332 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 09:55:21.0169 2332 Beep - ok 09:55:21.0231 2332 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 09:55:21.0261 2332 blbdrive - ok 09:55:21.0321 2332 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 09:55:21.0341 2332 bowser - ok 09:55:21.0371 2332 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 09:55:21.0421 2332 BrFiltLo - ok 09:55:21.0491 2332 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 09:55:21.0531 2332 BrFiltUp - ok 09:55:21.0641 2332 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys 09:55:21.0691 2332 BridgeMP - ok 09:55:21.0743 2332 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 09:55:21.0793 2332 Brserid - ok 09:55:21.0803 2332 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 09:55:21.0833 2332 BrSerWdm - ok 09:55:21.0863 2332 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 09:55:21.0903 2332 BrUsbMdm - ok 09:55:21.0937 2332 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 09:55:21.0975 2332 BrUsbSer - ok 09:55:22.0037 2332 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys 09:55:22.0077 2332 BthEnum - ok 09:55:22.0097 2332 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 09:55:22.0137 2332 BTHMODEM - ok 09:55:22.0177 2332 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys 09:55:22.0207 2332 BthPan - ok 09:55:22.0267 2332 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys 09:55:22.0317 2332 BTHPORT - ok 09:55:22.0367 2332 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys 09:55:22.0387 2332 BTHUSB - ok 09:55:22.0517 2332 catchme - ok 09:55:22.0562 2332 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 09:55:22.0934 2332 cdfs - ok 09:55:23.0000 2332 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 09:55:23.0028 2332 cdrom - ok 09:55:23.0070 2332 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 09:55:23.0156 2332 circlass - ok 09:55:23.0189 2332 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 09:55:23.0204 2332 CLFS - ok 09:55:23.0265 2332 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 09:55:23.0299 2332 CmBatt - ok 09:55:23.0337 2332 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 09:55:23.0346 2332 cmdide - ok 09:55:23.0391 2332 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 09:55:23.0409 2332 CNG - ok 09:55:23.0491 2332 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 09:55:23.0501 2332 Compbatt - ok 09:55:23.0571 2332 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 09:55:23.0611 2332 CompositeBus - ok 09:55:23.0651 2332 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 09:55:23.0661 2332 crcdisk - ok 09:55:23.0741 2332 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 09:55:23.0783 2332 DfsC - ok 09:55:23.0835 2332 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys 09:55:23.0855 2332 dg_ssudbus - ok 09:55:23.0895 2332 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 09:55:23.0945 2332 discache - ok 09:55:24.0007 2332 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 09:55:24.0017 2332 Disk - ok 09:55:24.0061 2332 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 09:55:24.0089 2332 drmkaud - ok 09:55:24.0149 2332 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 09:55:24.0169 2332 DXGKrnl - ok 09:55:24.0271 2332 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 09:55:24.0361 2332 ebdrv - ok 09:55:24.0513 2332 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 09:55:24.0543 2332 elxstor - ok 09:55:24.0574 2332 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 09:55:24.0598 2332 ErrDev - ok 09:55:24.0643 2332 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 09:55:24.0673 2332 exfat - ok 09:55:24.0695 2332 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 09:55:24.0743 2332 fastfat - ok 09:55:24.0786 2332 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 09:55:24.0815 2332 fdc - ok 09:55:24.0860 2332 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 09:55:24.0865 2332 FileInfo - ok 09:55:24.0885 2332 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 09:55:24.0935 2332 Filetrace - ok 09:55:24.0975 2332 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 09:55:24.0997 2332 flpydisk - ok 09:55:25.0027 2332 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 09:55:25.0037 2332 FltMgr - ok 09:55:25.0087 2332 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 09:55:25.0107 2332 FsDepends - ok 09:55:25.0127 2332 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 09:55:25.0146 2332 Fs_Rec - ok 09:55:25.0189 2332 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 09:55:25.0209 2332 fvevol - ok 09:55:25.0253 2332 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 09:55:25.0261 2332 gagp30kx - ok 09:55:25.0291 2332 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 09:55:25.0331 2332 hcw85cir - ok 09:55:25.0381 2332 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 09:55:25.0421 2332 HdAudAddService - ok 09:55:25.0451 2332 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 09:55:25.0481 2332 HDAudBus - ok 09:55:25.0521 2332 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 09:55:25.0551 2332 HidBatt - ok 09:55:25.0581 2332 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 09:55:25.0621 2332 HidBth - ok 09:55:25.0671 2332 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 09:55:25.0701 2332 HidIr - ok 09:55:25.0771 2332 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 09:55:25.0801 2332 HidUsb - ok 09:55:25.0893 2332 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 09:55:25.0933 2332 HpqKbFiltr - ok 09:55:25.0983 2332 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 09:55:25.0993 2332 HpSAMD - ok 09:55:26.0053 2332 HTCAND32 (950cc1e6ae3a6cd23e0945cde089b02c) C:\Windows\system32\Drivers\ANDROIDUSB.sys 09:55:26.0113 2332 HTCAND32 - ok 09:55:26.0165 2332 htcnprot (339adefad60353f960e3ca67ce468c24) C:\Windows\system32\DRIVERS\htcnprot.sys 09:55:26.0205 2332 htcnprot - ok 09:55:26.0255 2332 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 09:55:26.0317 2332 HTTP - ok 09:55:26.0347 2332 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 09:55:26.0357 2332 hwpolicy - ok 09:55:26.0397 2332 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 09:55:26.0427 2332 i8042prt - ok 09:55:26.0477 2332 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 09:55:26.0497 2332 iaStorV - ok 09:55:26.0649 2332 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys 09:55:26.0793 2332 igfx - ok 09:55:26.0913 2332 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 09:55:26.0913 2332 iirsp - ok 09:55:26.0964 2332 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 09:55:26.0973 2332 intelide - ok 09:55:27.0005 2332 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 09:55:27.0025 2332 intelppm - ok 09:55:27.0065 2332 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:55:27.0095 2332 IpFilterDriver - ok 09:55:27.0151 2332 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 09:55:27.0217 2332 IPMIDRV - ok 09:55:27.0267 2332 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 09:55:27.0307 2332 IPNAT - ok 09:55:27.0347 2332 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 09:55:27.0397 2332 IRENUM - ok 09:55:27.0437 2332 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 09:55:27.0448 2332 isapnp - ok 09:55:27.0478 2332 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 09:55:27.0488 2332 iScsiPrt - ok 09:55:27.0528 2332 JMCR (8c17deb1995e593853373c30485e7368) C:\Windows\system32\DRIVERS\jmcr.sys 09:55:27.0568 2332 JMCR - ok 09:55:27.0618 2332 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 09:55:27.0628 2332 kbdclass - ok 09:55:27.0668 2332 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 09:55:27.0688 2332 kbdhid - ok 09:55:27.0738 2332 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 09:55:27.0740 2332 KSecDD - ok 09:55:27.0770 2332 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 09:55:27.0780 2332 KSecPkg - ok 09:55:27.0882 2332 Lavasoft Kernexplorer - ok 09:55:28.0034 2332 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 09:55:28.0084 2332 lltdio - ok 09:55:28.0136 2332 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 09:55:28.0156 2332 LSI_FC - ok 09:55:28.0187 2332 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 09:55:28.0198 2332 LSI_SAS - ok 09:55:28.0208 2332 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:55:28.0218 2332 LSI_SAS2 - ok 09:55:28.0258 2332 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 09:55:28.0268 2332 LSI_SCSI - ok 09:55:28.0288 2332 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 09:55:28.0328 2332 luafv - ok 09:55:28.0348 2332 MBAMProtector - ok 09:55:28.0400 2332 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 09:55:28.0410 2332 megasas - ok 09:55:28.0440 2332 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 09:55:28.0450 2332 MegaSR - ok 09:55:28.0500 2332 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 09:55:28.0540 2332 Modem - ok 09:55:28.0592 2332 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 09:55:28.0622 2332 monitor - ok 09:55:28.0672 2332 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys 09:55:28.0672 2332 mouclass - ok 09:55:28.0712 2332 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 09:55:28.0742 2332 mouhid - ok 09:55:28.0782 2332 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 09:55:28.0812 2332 mountmgr - ok 09:55:28.0847 2332 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 09:55:28.0854 2332 mpio - ok 09:55:28.0884 2332 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 09:55:28.0914 2332 mpsdrv - ok 09:55:28.0966 2332 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 09:55:29.0016 2332 MRxDAV - ok 09:55:29.0066 2332 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 09:55:29.0106 2332 mrxsmb - ok 09:55:29.0146 2332 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:55:29.0166 2332 mrxsmb10 - ok 09:55:29.0206 2332 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:55:29.0226 2332 mrxsmb20 - ok 09:55:29.0286 2332 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 09:55:29.0296 2332 msahci - ok 09:55:29.0336 2332 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 09:55:29.0346 2332 msdsm - ok 09:55:29.0396 2332 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 09:55:29.0426 2332 Msfs - ok 09:55:29.0468 2332 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 09:55:29.0538 2332 mshidkmdf - ok 09:55:29.0610 2332 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 09:55:29.0630 2332 msisadrv - ok 09:55:29.0732 2332 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 09:55:29.0772 2332 MSKSSRV - ok 09:55:29.0805 2332 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 09:55:29.0844 2332 MSPCLOCK - ok 09:55:29.0854 2332 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 09:55:29.0896 2332 MSPQM - ok 09:55:29.0926 2332 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 09:55:29.0936 2332 MsRPC - ok 09:55:29.0986 2332 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 09:55:29.0986 2332 mssmbios - ok 09:55:30.0006 2332 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 09:55:30.0046 2332 MSTEE - ok 09:55:30.0090 2332 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 09:55:30.0098 2332 MTConfig - ok 09:55:30.0118 2332 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 09:55:30.0128 2332 Mup - ok 09:55:30.0188 2332 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 09:55:30.0238 2332 NativeWifiP - ok 09:55:30.0331 2332 NBVol (e240f3204e86b7b6ccf266b2a2ad32b4) C:\Windows\system32\DRIVERS\NBVol.sys 09:55:30.0367 2332 NBVol - ok 09:55:30.0400 2332 NBVolUp (c0cf3cccce3c75f7280c89029ab47866) C:\Windows\system32\DRIVERS\NBVolUp.sys 09:55:30.0410 2332 NBVolUp - ok 09:55:30.0470 2332 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 09:55:30.0490 2332 NDIS - ok 09:55:30.0542 2332 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 09:55:30.0572 2332 NdisCap - ok 09:55:30.0614 2332 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 09:55:30.0644 2332 NdisTapi - ok 09:55:30.0706 2332 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 09:55:30.0770 2332 Ndisuio - ok 09:55:30.0798 2332 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 09:55:30.0838 2332 NdisWan - ok 09:55:30.0885 2332 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 09:55:30.0910 2332 NDProxy - ok 09:55:30.0952 2332 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 09:55:31.0002 2332 NetBIOS - ok 09:55:31.0042 2332 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 09:55:31.0072 2332 NetBT - ok 09:55:31.0257 2332 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys 09:55:31.0420 2332 netw5v32 - ok 09:55:31.0546 2332 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 09:55:31.0566 2332 nfrd960 - ok 09:55:31.0626 2332 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 09:55:31.0686 2332 Npfs - ok 09:55:31.0728 2332 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 09:55:31.0768 2332 nsiproxy - ok 09:55:31.0830 2332 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 09:55:31.0870 2332 Ntfs - ok 09:55:31.0907 2332 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 09:55:31.0952 2332 Null - ok 09:55:31.0993 2332 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 09:55:32.0004 2332 nvraid - ok 09:55:32.0024 2332 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 09:55:32.0042 2332 nvstor - ok 09:55:32.0076 2332 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 09:55:32.0086 2332 nv_agp - ok 09:55:32.0116 2332 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 09:55:32.0146 2332 ohci1394 - ok 09:55:32.0248 2332 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 09:55:32.0258 2332 Parport - ok 09:55:32.0288 2332 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 09:55:32.0298 2332 partmgr - ok 09:55:32.0331 2332 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 09:55:32.0368 2332 Parvdm - ok 09:55:32.0439 2332 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 09:55:32.0452 2332 pci - ok 09:55:32.0473 2332 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 09:55:32.0483 2332 pciide - ok 09:55:32.0528 2332 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 09:55:32.0542 2332 pcmcia - ok 09:55:32.0602 2332 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 09:55:32.0618 2332 pcw - ok 09:55:32.0655 2332 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 09:55:32.0710 2332 PEAUTH - ok 09:55:32.0800 2332 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys 09:55:32.0815 2332 Point32 - ok 09:55:32.0866 2332 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 09:55:32.0904 2332 PptpMiniport - ok 09:55:32.0932 2332 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 09:55:32.0956 2332 Processor - ok 09:55:33.0016 2332 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 09:55:33.0066 2332 Psched - ok 09:55:33.0128 2332 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 09:55:33.0158 2332 ql2300 - ok 09:55:33.0190 2332 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 09:55:33.0200 2332 ql40xx - ok 09:55:33.0230 2332 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 09:55:33.0250 2332 QWAVEdrv - ok 09:55:33.0280 2332 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 09:55:33.0330 2332 RasAcd - ok 09:55:33.0382 2332 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 09:55:33.0412 2332 RasAgileVpn - ok 09:55:33.0456 2332 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 09:55:33.0494 2332 Rasl2tp - ok 09:55:33.0546 2332 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 09:55:33.0596 2332 RasPppoe - ok 09:55:33.0638 2332 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 09:55:33.0688 2332 RasSstp - ok 09:55:33.0730 2332 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 09:55:33.0780 2332 rdbss - ok 09:55:33.0822 2332 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 09:55:33.0842 2332 rdpbus - ok 09:55:33.0882 2332 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 09:55:33.0922 2332 RDPCDD - ok 09:55:33.0968 2332 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 09:55:33.0994 2332 RDPENCDD - ok 09:55:34.0036 2332 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 09:55:34.0076 2332 RDPREFMP - ok 09:55:34.0127 2332 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 09:55:34.0168 2332 RDPWD - ok 09:55:34.0240 2332 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 09:55:34.0270 2332 rdyboost - ok 09:55:34.0332 2332 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 09:55:34.0342 2332 RFCOMM - ok 09:55:34.0422 2332 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 09:55:34.0452 2332 rspndr - ok 09:55:34.0504 2332 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys 09:55:34.0554 2332 RTL8167 - ok 09:55:34.0611 2332 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 09:55:34.0616 2332 sbp2port - ok 09:55:34.0666 2332 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 09:55:34.0716 2332 scfilter - ok 09:55:34.0778 2332 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys 09:55:34.0808 2332 sdbus - ok 09:55:34.0858 2332 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 09:55:34.0898 2332 secdrv - ok 09:55:34.0960 2332 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 09:55:34.0990 2332 Serenum - ok 09:55:35.0020 2332 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 09:55:35.0254 2332 Serial - ok 09:55:35.0292 2332 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 09:55:35.0537 2332 sermouse - ok 09:55:35.0591 2332 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 09:55:35.0865 2332 sffdisk - ok 09:55:35.0887 2332 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 09:55:36.0042 2332 sffp_mmc - ok 09:55:36.0072 2332 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 09:55:36.0242 2332 sffp_sd - ok 09:55:36.0276 2332 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 09:55:36.0306 2332 sfloppy - ok 09:55:36.0372 2332 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 09:55:36.0382 2332 sisagp - ok 09:55:36.0418 2332 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 09:55:36.0428 2332 SiSRaid2 - ok 09:55:36.0448 2332 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 09:55:36.0458 2332 SiSRaid4 - ok 09:55:36.0501 2332 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 09:55:36.0740 2332 Smb - ok 09:55:36.0780 2332 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 09:55:36.0790 2332 spldr - ok 09:55:36.0850 2332 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 09:55:36.0902 2332 srv - ok 09:55:36.0942 2332 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 09:55:36.0962 2332 srv2 - ok 09:55:36.0999 2332 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 09:55:37.0034 2332 SrvHsfHDA - ok 09:55:37.0074 2332 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 09:55:37.0134 2332 SrvHsfV92 - ok 09:55:37.0174 2332 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 09:55:37.0204 2332 SrvHsfWinac - ok 09:55:37.0242 2332 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 09:55:37.0378 2332 srvnet - ok 09:55:37.0458 2332 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys 09:55:37.0478 2332 ssudmdm - ok 09:55:37.0520 2332 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 09:55:37.0530 2332 stexstor - ok 09:55:37.0580 2332 STHDA (dadb74bf26766757dbba9c5912969ebf) C:\Windows\system32\DRIVERS\stwrt.sys 09:55:37.0610 2332 STHDA - ok 09:55:37.0659 2332 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 09:55:37.0667 2332 swenum - ok 09:55:37.0782 2332 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 09:55:37.0812 2332 Tcpip - ok 09:55:37.0996 2332 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 09:55:38.0026 2332 TCPIP6 - ok 09:55:38.0145 2332 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 09:55:38.0185 2332 tcpipreg - ok 09:55:38.0228 2332 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 09:55:38.0270 2332 TDPIPE - ok 09:55:38.0290 2332 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 09:55:38.0330 2332 TDTCP - ok 09:55:38.0382 2332 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 09:55:38.0422 2332 tdx - ok 09:55:38.0470 2332 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 09:55:38.0474 2332 TermDD - ok 09:55:38.0556 2332 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 09:55:38.0586 2332 tssecsrv - ok 09:55:38.0628 2332 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 09:55:38.0668 2332 TsUsbFlt - ok 09:55:38.0739 2332 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 09:55:38.0799 2332 tunnel - ok 09:55:38.0839 2332 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 09:55:38.0841 2332 uagp35 - ok 09:55:38.0891 2332 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 09:55:38.0941 2332 udfs - ok 09:55:39.0003 2332 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 09:55:39.0014 2332 uliagpkx - ok 09:55:39.0053 2332 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 09:55:39.0283 2332 umbus - ok 09:55:39.0309 2332 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 09:55:39.0565 2332 UmPass - ok 09:55:39.0626 2332 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 09:55:39.0668 2332 USBAAPL - ok 09:55:39.0708 2332 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 09:55:39.0728 2332 usbccgp - ok 09:55:39.0778 2332 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 09:55:39.0788 2332 usbcir - ok 09:55:39.0818 2332 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 09:55:39.0848 2332 usbehci - ok 09:55:39.0918 2332 usbfilter (0150b06d3e73f6c27afcb963fd931820) C:\Windows\system32\DRIVERS\usbfilter.sys 09:55:39.0952 2332 usbfilter - ok 09:55:39.0990 2332 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 09:55:40.0020 2332 usbhub - ok 09:55:40.0070 2332 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 09:55:40.0100 2332 usbohci - ok 09:55:40.0150 2332 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 09:55:40.0170 2332 usbprint - ok 09:55:40.0230 2332 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 09:55:40.0242 2332 usbscan - ok 09:55:40.0282 2332 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:55:40.0322 2332 USBSTOR - ok 09:55:40.0362 2332 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 09:55:40.0372 2332 usbuhci - ok 09:55:40.0412 2332 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys 09:55:40.0452 2332 usbvideo - ok 09:55:40.0504 2332 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 09:55:40.0514 2332 vdrvroot - ok 09:55:40.0544 2332 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 09:55:40.0586 2332 vga - ok 09:55:40.0626 2332 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 09:55:40.0648 2332 VgaSave - ok 09:55:40.0683 2332 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 09:55:40.0695 2332 vhdmp - ok 09:55:40.0726 2332 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 09:55:40.0736 2332 viaagp - ok 09:55:40.0762 2332 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 09:55:40.0790 2332 ViaC7 - ok 09:55:40.0837 2332 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 09:55:40.0846 2332 viaide - ok 09:55:40.0873 2332 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 09:55:40.0882 2332 volmgr - ok 09:55:40.0912 2332 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 09:55:40.0929 2332 volmgrx - ok 09:55:40.0976 2332 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 09:55:40.0990 2332 volsnap - ok 09:55:41.0034 2332 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 09:55:41.0044 2332 vsmraid - ok 09:55:41.0083 2332 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 09:55:41.0116 2332 vwifibus - ok 09:55:41.0146 2332 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 09:55:41.0186 2332 vwififlt - ok 09:55:41.0227 2332 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 09:55:41.0268 2332 WacomPen - ok 09:55:41.0328 2332 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:55:41.0368 2332 WANARP - ok 09:55:41.0378 2332 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:55:41.0418 2332 Wanarpv6 - ok 09:55:41.0492 2332 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 09:55:41.0502 2332 Wd - ok 09:55:41.0533 2332 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 09:55:41.0542 2332 Wdf01000 - ok 09:55:41.0624 2332 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 09:55:41.0644 2332 WfpLwf - ok 09:55:41.0664 2332 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 09:55:41.0681 2332 WIMMount - ok 09:55:41.0776 2332 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 09:55:41.0796 2332 WinUsb - ok 09:55:41.0837 2332 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 09:55:41.0858 2332 WmiAcpi - ok 09:55:41.0921 2332 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 09:55:41.0960 2332 ws2ifsl - ok 09:55:42.0032 2332 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 09:55:42.0062 2332 WudfPf - ok 09:55:42.0114 2332 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 09:55:42.0164 2332 WUDFRd - ok 09:55:42.0246 2332 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 09:55:42.0266 2332 yukonw7 - ok 09:55:42.0311 2332 MBR (0x1B8) (87b60ba824650a5a22043915b40a338e) \Device\Harddisk0\DR0 09:55:42.0338 2332 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected 09:55:42.0338 2332 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0) 09:55:42.0408 2332 Boot (0x1200) (ab9c3f458846aa4505070124e9456fc2) \Device\Harddisk0\DR0\Partition0 09:55:42.0408 2332 \Device\Harddisk0\DR0\Partition0 - ok 09:55:42.0418 2332 Boot (0x1200) (95e78351fccb63d801d16fcf6567be26) \Device\Harddisk0\DR0\Partition1 09:55:42.0418 2332 \Device\Harddisk0\DR0\Partition1 - ok 09:55:42.0461 2332 Boot (0x1200) (7b080ef081319fc5937d01f29cf41bff) \Device\Harddisk0\DR0\Partition2 09:55:42.0462 2332 \Device\Harddisk0\DR0\Partition2 - ok 09:55:42.0470 2332 Boot (0x1200) (91b00e461e6114437d77a1c5480e260e) \Device\Harddisk0\DR0\Partition3 09:55:42.0480 2332 \Device\Harddisk0\DR0\Partition3 - ok 09:55:42.0480 2332 ============================================================ 09:55:42.0480 2332 Scan finished 09:55:42.0480 2332 ============================================================ 09:55:42.0500 3748 Detected object count: 1 09:55:42.0500 3748 Actual detected object count: 1 09:56:25.0785 3748 \Device\Harddisk0\DR0\# - copied to quarantine 09:56:25.0786 3748 \Device\Harddisk0\DR0 - copied to quarantine 09:56:25.0824 3748 \Device\Harddisk0\DR0 - processing error 09:56:41.0825 3748 \Device\Harddisk0\DR0 - will be restored on reboot 09:56:42.0317 3748 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore 09:56:45.0269 6128 Deinitialize success
  8. ok after all that, combofix was able to tell me I are infected with rootkit.zeroaccess combofix kept crashing during scanning/removal, it also stated that it is in my tcp/ip settings my pc still disables a few of the my startup programs, like catcalyst control centre, malwarebytes (see the screen shot on post 1) everytime I open firefox it asks if I want it to be the default browser (even though I chose yes and tick the box) I get random popups from "webpage" stating either just "thankyou" or "congratulations you have won a ipad2" or "are you sure you want to navigate away from this page" I always shut them down with alt + F4
  9. as requested . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Matthew at 10:20:28 on 2012-03-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.1788.835 [GMT 11:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\system32\conhost.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Nero\Update\NASvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Matthew\Downloads\ATF_Cleaner.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://friendly-google-search.blogspot.com uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll uRun: [Google Update] "c:\users\matthew\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon mRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe uPolicies-explorer: NoInstrumentation = 1 mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105 IE: Upload to Facebook - c:\program files\uploadrabbitforfacebook\iecontext.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 203.12.160.35 203.12.160.36 192.168.1.1 TCP: Interfaces\{0C22E69E-3C0B-449F-8EC6-12F9AB67FC80} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6E9E60BE-0811-410A-BA40-9D94B19AE934} : DhcpNameServer = 203.12.160.35 203.12.160.36 192.168.1.1 TCP: Interfaces\{6E9E60BE-0811-410A-BA40-9D94B19AE934}\E43435 : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" . ================= FIREFOX =================== . FF - ProfilePath - c:\users\matthew\appdata\roaming\mozilla\firefox\profiles\0llz4515.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/ FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\matthew\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-3-11 64512] R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2012-1-31 56496] R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2012-1-31 12464] R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-3-12 17904] R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft anti-malware\a2dix86.sys [2012-3-12 34768] R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft anti-malware\a2util32.sys [2012-3-12 11776] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-18 12872] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-11 67656] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-1-5 167936] R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2012-1-5 27320] S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-3-12 51632] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-2-2 80184] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040] S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-7-29 116064] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-11 4231168] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-2-2 181432] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-1-9 52224] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-14 311296] . =============== Created Last 30 ================ . 2012-03-17 06:01:10 -------- d-----w- c:\users\matthew\appdata\local\Wizards of the Coast 2012-03-17 06:00:25 -------- d-----w- c:\users\matthew\appdata\local\IsolatedStorage 2012-03-17 05:56:44 -------- d-----w- c:\users\matthew\appdata\local\Apps 2012-03-17 05:56:43 -------- d-----w- c:\users\matthew\appdata\local\Deployment 2012-03-17 04:21:51 -------- d-----w- c:\users\matthew\appdata\local\CyberLink 2012-03-13 13:53:22 -------- d-----w- c:\users\matthew\appdata\roaming\Registry Mechanic 2012-03-13 10:54:34 -------- d-----w- c:\users\matthew\appdata\roaming\SUPERAntiSpyware.com 2012-03-13 10:54:34 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-03-13 10:54:24 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-03-12 09:48:41 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2012-03-12 00:11:24 880640 ----a-w- c:\windows\system32\UniBox10.ocx 2012-03-12 00:11:24 512472 ----a-w- c:\windows\system32\msxml.dll 2012-03-12 00:11:24 37336 ----a-w- c:\windows\system32\CleanMFT32.exe 2012-03-12 00:11:24 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx 2012-03-12 00:11:24 1101824 ----a-w- c:\windows\system32\UniBox210.ocx 2012-03-12 00:11:23 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX 2012-03-12 00:11:20 -------- d-----w- c:\program files\PC Tools 2012-03-12 00:11:20 -------- d-----w- c:\program files\common files\PC Tools 2012-03-12 00:07:59 -------- d-----w- c:\programdata\PC Tools 2012-03-12 00:07:58 -------- d-----w- c:\users\matthew\appdata\roaming\Product_RM 2012-03-11 11:56:00 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2012-03-11 11:51:24 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2012-03-11 11:51:11 -------- d-----w- c:\program files\Lavasoft 2012-03-11 07:59:40 -------- d-----w- c:\users\matthew\appdata\roaming\Malwarebytes 2012-03-11 07:59:29 -------- d-----w- c:\programdata\Malwarebytes 2012-03-11 07:59:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-11 06:15:07 -------- d--h--w- C:\$AVG 2012-03-11 06:13:43 -------- d-----w- c:\program files\DA2CE 2012-03-11 06:13:40 -------- d-----w- c:\program files\LP 2012-03-11 06:13:11 -------- d--h--w- c:\users\matthew\appdata\roaming\C4ADA 2012-03-03 09:52:17 -------- d--h--w- c:\users\matthew\appdata\local\Apple Computer 2012-03-03 09:51:14 -------- d-----w- c:\program files\iPod 2012-03-03 09:51:13 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-03-03 09:51:13 -------- d-----w- c:\program files\iTunes 2012-03-03 09:50:14 -------- d--h--w- c:\users\matthew\appdata\local\Apple 2012-03-03 09:48:29 -------- d-----w- c:\program files\Bonjour 2012-03-02 13:45:50 -------- d-----w- c:\programdata\PopCap Games 2012-03-02 12:44:01 -------- d-----w- c:\program files\Plants vs. Zombies 2 Zombatar 2012-02-29 10:09:27 -------- d--h--w- c:\users\matthew\appdata\roaming\Natural Threat.Ominous Shores 2012-02-29 06:06:40 -------- d-----w- c:\program files\Microsoft Synchronization Services 2012-02-29 06:04:26 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2012-02-29 06:03:29 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-02-29 06:03:10 -------- d-----w- c:\windows\SHELLNEW 2012-02-27 07:39:28 -------- d--h--w- c:\users\matthew\appdata\roaming\GameInvest 2012-02-25 11:12:12 -------- d-----w- c:\users\matthew\appdata\roaming\JoyBits 2012-02-25 11:10:08 -------- d-----w- c:\program files\Foxy Games 2012-02-25 11:10:05 -------- d-----w- C:\Downloads 2012-02-23 19:20:33 -------- d--h--w- c:\users\matthew\appdata\roaming\Temp 2012-02-23 02:44:12 -------- d--h--w- c:\users\matthew\appdata\roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 2012-02-23 02:44:01 -------- d--h--w- c:\users\matthew\appdata\local\Htc 2012-02-23 02:43:04 -------- d-----w- c:\users\matthew\appdata\roaming\HTC 2012-02-23 02:41:15 -------- d-----w- c:\program files\Spirent Communications 2012-02-23 02:40:47 -------- d-----w- c:\program files\HTC 2012-02-23 02:39:37 -------- d-----w- c:\program files\MSXML 4.0 2012-02-19 09:44:47 -------- d-----w- c:\users\matthew\appdata\roaming\Friday's games . ==================== Find3M ==================== . 2012-03-13 12:25:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-16 07:11:31 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-31 04:51:49 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-01-31 03:10:05 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-01-31 03:10:05 161792 ----a-w- c:\windows\system32\msls31.dll 2012-01-31 03:10:04 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-01-31 03:10:04 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-01-31 03:10:04 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-01-31 03:10:04 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-01-31 03:10:01 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-01-31 03:10:01 367104 ----a-w- c:\windows\system32\html.iec 2012-01-31 03:10:00 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-01-31 03:09:59 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-01-31 03:09:59 152064 ----a-w- c:\windows\system32\wextract.exe 2012-01-31 03:09:58 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-01-31 03:09:58 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-01-31 03:09:58 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-01-31 03:09:57 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-01-31 03:09:57 11776 ----a-w- c:\windows\system32\mshta.exe 2012-01-31 03:09:57 101888 ----a-w- c:\windows\system32\admparse.dll 2012-01-14 03:35:54 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-01-04 21:38:10 505128 ----a-w- c:\windows\system32\msvcp71.dll 2012-01-04 21:38:10 353576 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-04 21:38:10 29480 ----a-w- c:\windows\system32\msxml3a.dll 2012-01-04 21:28:54 0 ----a-w- c:\windows\ativpsrm.bin 2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll 2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl . ============= FINISH: 10:29:32.10 ===============
  10. Merged post Hi guys and gals, I really need some help, I have been infected with some unknown virus. I have run numerous scans with AVG and malwarebytes all coming back with nothing, The symptoms I am getting at are: Slow pc pop up messages on my desktop randomly "message from webpage, congrats you have won a ipad 2" everytime I start firefox I get "this is not your default browser, will you make it" I tick yes and dont ask me again. Have attached the 2 dds files, And Hijackthis Log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:06:46 PM, on 14/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe C:\Users\Matthew\Downloads\HijackThis.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://friendly-goog...ch.blogspot.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/CQALL/13 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Upload to Facebook - C:\Program Files\UploadRabbitforFacebook\iecontext.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe -- End of file - 11092 bytesDDS.txtAttach.txt And I am now getting this error from Malwarebytes
  11. Hi guys and gals, I really need some help, I have been infected with some unknown virus. I have run numerous scans with AVG and malwarebytes all coming back with nothing, The symptoms I am getting at are: Slow pc pop up messages on my desktop randomly "message from webpage, congrats you have won a ipad 2" everytime I start firefox I get "this is not your default browser, will you make it" I tick yes and dont ask me again. I have a hijackthis log below, but have no idea what to look for, hoping someone can help me Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:06:46 PM, on 14/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe C:\Users\Matthew\Downloads\HijackThis.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://friendly-google-search.blogspot.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/CQALL/13 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Upload to Facebook - C:\Program Files\UploadRabbitforFacebook\iecontext.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe -- End of file - 11092 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.