-
Posts
11 -
Joined
-
Last visited
Reputation
0 NeutralProfile Information
-
Location
Australia
-
seems ok, will leave it at that, hopefully I wont have to speak to you again (I mean that in the nicest possible way haha) thanks! Matt
-
seems ok, but malwarebytes still wont work, im guessing its corrupted and i should re-install. but so far so good. i dont like having to make firefox default everytime, but yea
-
ComboFix 12-03-18.04 - Matthew 21/03/2012 10:25:28.3.1 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.1788.1194 [GMT 11:00] Running from: c:\users\Matthew\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . c:\users\Matthew\AppData\Local\TempDIR c:\windows\system32\system32 c:\windows\system32\system32\3DAudio.ax c:\windows\system32\system32\avrt.dll c:\windows\system32\system32\cis-2.4.dll c:\windows\system32\system32\issacapi_bs-2.3.dll c:\windows\system32\system32\issacapi_pe-2.3.dll c:\windows\system32\system32\issacapi_se-2.3.dll c:\windows\system32\system32\MACXMLProto.dll c:\windows\system32\system32\MaDRM.dll c:\windows\system32\system32\MaJGUILib.dll c:\windows\system32\system32\MAMACExtract.dll c:\windows\system32\system32\MASetupCleaner.exe c:\windows\system32\system32\MaXMLProto.dll c:\windows\system32\system32\mfplat.dll c:\windows\system32\system32\MK_Lyric.dll c:\windows\system32\system32\MSCLib.dll c:\windows\system32\system32\MSFLib.dll c:\windows\system32\system32\MSLUR71.dll c:\windows\system32\system32\msvcp60.dll c:\windows\system32\system32\MTTELECHIP.dll c:\windows\system32\system32\MTXSYNCICON.dll c:\windows\system32\system32\muzaf1.dll c:\windows\system32\system32\muzapp.dll c:\windows\system32\system32\muzapp.exe c:\windows\system32\system32\muzdecode.ax c:\windows\system32\system32\muzeffect.ax c:\windows\system32\system32\muzmp4sp.ax c:\windows\system32\system32\muzmpgsp.ax c:\windows\system32\system32\muzoggsp.ax c:\windows\system32\system32\muzwmts.dll c:\windows\system32\system32\psapi.dll . . ((((((((((((((((((((((((( Files Created from 2012-02-20 to 2012-03-20 ))))))))))))))))))))))))))))))) . . 2012-03-20 23:57 . 2012-03-20 23:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-20 22:56 . 2012-03-20 22:56 -------- d-----w- C:\TDSSKiller_Quarantine 2012-03-20 09:35 . 2012-03-20 09:35 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D57D94E-CC83-4776-8645-EDD0C8D09E43}\offreg.dll 2012-03-20 09:31 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9D57D94E-CC83-4776-8645-EDD0C8D09E43}\mpengine.dll 2012-03-20 04:47 . 2012-03-20 23:57 -------- d-----w- c:\users\Matthew\AppData\Local\temp 2012-03-17 06:01 . 2012-03-17 06:01 -------- d-----w- c:\users\Matthew\AppData\Local\Wizards of the Coast 2012-03-17 06:00 . 2012-03-17 06:00 -------- d-----w- c:\users\Matthew\AppData\Local\IsolatedStorage 2012-03-17 05:56 . 2012-03-17 05:56 -------- d-----w- c:\users\Matthew\AppData\Local\Apps 2012-03-17 05:56 . 2012-03-19 03:26 -------- d-----w- c:\users\Matthew\AppData\Local\Deployment 2012-03-17 04:21 . 2012-03-17 04:21 -------- d-----w- c:\users\Matthew\AppData\Local\CyberLink 2012-03-13 13:53 . 2012-03-13 13:57 -------- d-----w- c:\users\Matthew\AppData\Roaming\Registry Mechanic 2012-03-13 10:54 . 2012-03-13 10:54 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-03-12 09:48 . 2012-03-13 13:01 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2012-03-12 00:11 . 2011-12-12 03:07 512472 ----a-w- c:\windows\system32\msxml.dll 2012-03-12 00:11 . 2011-12-12 03:07 37336 ----a-w- c:\windows\system32\CleanMFT32.exe 2012-03-12 00:11 . 2008-04-02 05:54 1101824 ----a-w- c:\windows\system32\UniBox210.ocx 2012-03-12 00:11 . 2008-04-02 05:53 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx 2012-03-12 00:11 . 2008-04-02 05:53 880640 ----a-w- c:\windows\system32\UniBox10.ocx 2012-03-12 00:11 . 2008-09-17 11:17 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX 2012-03-12 00:11 . 2012-03-12 00:11 -------- d-----w- c:\program files\Common Files\PC Tools 2012-03-12 00:11 . 2012-03-12 00:11 -------- d-----w- c:\program files\PC Tools 2012-03-12 00:07 . 2012-03-12 00:07 -------- d-----w- c:\programdata\PC Tools 2012-03-12 00:07 . 2012-03-12 00:07 -------- d-----w- c:\users\Matthew\AppData\Roaming\Product_RM 2012-03-11 11:56 . 2012-03-11 11:55 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2012-03-11 11:51 . 2012-03-19 23:39 -------- d-----w- c:\programdata\Lavasoft 2012-03-11 07:59 . 2012-03-11 07:59 -------- d-----w- c:\users\Matthew\AppData\Roaming\Malwarebytes 2012-03-11 07:59 . 2012-03-11 13:31 -------- d-----w- c:\programdata\Malwarebytes 2012-03-11 07:59 . 2012-03-11 12:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-11 06:13 . 2012-03-11 09:35 -------- d-----w- c:\program files\DA2CE 2012-03-11 06:13 . 2012-03-11 09:35 -------- d--h--w- c:\users\Matthew\AppData\Roaming\C4ADA 2012-03-03 09:52 . 2012-03-03 09:53 -------- d--h--w- c:\users\Matthew\AppData\Roaming\Apple Computer 2012-03-03 09:52 . 2012-03-03 09:52 -------- d--h--w- c:\users\Matthew\AppData\Local\Apple Computer 2012-03-03 09:51 . 2012-03-03 09:51 -------- d-----w- c:\program files\iPod 2012-03-03 09:51 . 2012-03-11 10:10 -------- d-----w- c:\program files\iTunes 2012-03-03 09:51 . 2012-03-11 10:09 -------- d-----w- c:\programdata\Apple Computer 2012-03-03 09:51 . 2012-03-03 09:52 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-03-03 09:50 . 2012-03-03 09:50 -------- d--h--w- c:\users\Matthew\AppData\Local\Apple 2012-03-03 09:50 . 2012-03-11 10:11 -------- d-----w- c:\program files\Apple Software Update 2012-03-03 09:48 . 2012-03-11 10:16 -------- d-----w- c:\program files\Bonjour 2012-03-03 09:48 . 2012-03-11 09:51 -------- d-----w- c:\program files\Common Files\Apple 2012-03-03 09:48 . 2012-03-03 09:50 -------- d-----w- c:\programdata\Apple 2012-03-02 13:45 . 2012-03-02 13:45 -------- d-----w- c:\programdata\PopCap Games 2012-03-02 12:44 . 2012-03-11 10:13 -------- d-----w- c:\program files\Plants vs. Zombies 2 Zombatar 2012-02-29 10:09 . 2012-02-29 10:36 -------- d--h--w- c:\users\Matthew\AppData\Roaming\Natural Threat.Ominous Shores 2012-02-29 06:06 . 2012-03-11 10:12 -------- d-----w- c:\program files\Microsoft Synchronization Services 2012-02-29 06:04 . 2012-03-11 10:12 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2012-02-29 06:03 . 2012-03-11 09:56 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-02-29 06:03 . 2012-02-29 06:07 -------- d-----w- c:\windows\SHELLNEW 2012-02-29 06:02 . 2012-03-11 09:49 -------- d-----r- C:\MSOCache 2012-02-27 07:39 . 2012-02-27 07:39 -------- d--h--w- c:\users\Matthew\AppData\Roaming\GameInvest 2012-02-25 11:12 . 2012-03-11 10:05 -------- d-----w- c:\users\Matthew\AppData\Roaming\JoyBits 2012-02-25 11:10 . 2012-03-11 09:54 -------- d-----w- c:\program files\Foxy Games 2012-02-25 11:10 . 2012-02-25 11:10 -------- d-----w- C:\Downloads 2012-02-23 02:44 . 2012-03-13 12:24 -------- d--h--w- c:\users\Matthew\AppData\Local\Htc 2012-02-23 02:43 . 2012-03-11 10:05 -------- d-----w- c:\users\Matthew\AppData\Roaming\HTC 2012-02-23 02:41 . 2012-03-11 10:13 -------- d-----w- c:\program files\Spirent Communications 2012-02-23 02:40 . 2012-03-11 10:12 -------- d-----w- c:\program files\HTC 2012-02-23 02:39 . 2012-02-23 02:39 -------- d-----w- c:\program files\MSXML 4.0 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-13 12:25 . 2012-01-06 08:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-22 22:18 . 2012-01-11 12:19 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-02-16 07:11 . 2012-01-06 08:25 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-31 04:51 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-01-31 03:10 . 2012-01-31 03:10 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-01-31 03:10 . 2012-01-31 03:10 161792 ----a-w- c:\windows\system32\msls31.dll 2012-01-31 03:10 . 2012-01-31 03:10 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-01-31 03:10 . 2012-01-31 03:10 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-01-31 03:10 . 2012-01-31 03:10 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-01-31 03:10 . 2012-01-31 03:10 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-01-31 03:10 . 2012-01-31 03:10 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-01-31 03:10 . 2012-01-31 03:10 367104 ----a-w- c:\windows\system32\html.iec 2012-01-31 03:10 . 2012-01-31 03:10 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-01-31 03:09 . 2012-01-31 03:09 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-01-31 03:09 . 2012-01-31 03:09 152064 ----a-w- c:\windows\system32\wextract.exe 2012-01-31 03:09 . 2012-01-31 03:09 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-01-31 03:09 . 2012-01-31 03:09 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-01-31 03:09 . 2012-01-31 03:09 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-01-31 03:09 . 2012-01-31 03:09 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-01-31 03:09 . 2012-01-31 03:09 11776 ----a-w- c:\windows\system32\mshta.exe 2012-01-31 03:09 . 2012-01-31 03:09 101888 ----a-w- c:\windows\system32\admparse.dll 2012-01-14 03:35 . 2012-02-14 23:08 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-01-04 21:38 . 2012-01-04 21:38 29480 ----a-w- c:\windows\system32\msxml3a.dll 2012-01-04 21:38 . 2009-03-20 04:38 505128 ----a-w- c:\windows\system32\msvcp71.dll 2012-01-04 21:38 . 2009-03-20 04:38 353576 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-04 08:58 . 2012-02-14 23:08 442880 ----a-w- c:\windows\system32\ntshrui.dll 2011-12-30 05:27 . 2012-02-14 23:08 478720 ----a-w- c:\windows\system32\timedate.cpl 2011-12-23 09:58 . 2012-02-02 04:09 4659712 ----a-w- c:\windows\system32\Redemption.dll 2011-12-23 09:58 . 2011-12-23 09:58 90112 ----a-w- c:\windows\MAMCityDownload.ocx 2011-12-23 09:58 . 2011-12-23 09:58 325552 ----a-w- c:\windows\MASetupCaller.dll 2011-12-23 09:58 . 2011-12-23 09:58 30568 ----a-w- c:\windows\MusiccityDownload.exe 2011-12-23 09:58 . 2011-12-23 09:58 974848 ----a-w- c:\windows\system32\cis-2.4.dll 2011-12-23 09:58 . 2011-12-23 09:58 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll 2011-12-23 09:58 . 2011-12-23 09:58 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll 2011-12-23 09:58 . 2011-12-23 09:58 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll 2011-12-23 09:58 . 2011-12-23 09:58 57344 ----a-w- c:\windows\system32\MK_Lyric.dll 2011-12-23 09:58 . 2011-12-23 09:58 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll 2011-12-23 09:58 . 2011-12-23 09:58 569344 ----a-w- c:\windows\system32\muzdecode.ax 2011-12-23 09:58 . 2011-12-23 09:58 491520 ----a-w- c:\windows\system32\muzapp.dll 2011-12-23 09:58 . 2011-12-23 09:58 49152 ----a-w- c:\windows\system32\MaJGUILib.dll 2011-12-23 09:58 . 2011-12-23 09:58 45056 ----a-w- c:\windows\system32\MaXMLProto.dll 2011-12-23 09:58 . 2011-12-23 09:58 45056 ----a-w- c:\windows\system32\MACXMLProto.dll 2011-12-23 09:58 . 2011-12-23 09:58 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll 2011-12-23 09:58 . 2011-12-23 09:58 40960 ----a-w- c:\windows\system32\MAMACExtract.dll 2011-12-23 09:58 . 2011-12-23 09:58 352256 ----a-w- c:\windows\system32\MSLUR71.dll 2011-12-23 09:58 . 2011-12-23 09:58 258048 ----a-w- c:\windows\system32\muzoggsp.ax 2011-12-23 09:58 . 2011-12-23 09:58 245760 ----a-w- c:\windows\system32\MSCLib.dll 2011-12-23 09:58 . 2011-12-23 09:58 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe 2011-12-23 09:58 . 2011-12-23 09:58 200704 ----a-w- c:\windows\system32\muzwmts.dll 2011-12-23 09:58 . 2011-12-23 09:58 155648 ----a-w- c:\windows\system32\MSFLib.dll 2011-12-23 09:58 . 2011-12-23 09:58 143360 ----a-w- c:\windows\system32\3DAudio.ax 2011-12-23 09:58 . 2011-12-23 09:58 135168 ----a-w- c:\windows\system32\muzaf1.dll 2011-12-23 09:58 . 2011-12-23 09:58 131072 ----a-w- c:\windows\system32\muzmpgsp.ax 2011-12-23 09:58 . 2011-12-23 09:58 122880 ----a-w- c:\windows\system32\muzeffect.ax 2011-12-23 09:58 . 2011-12-23 09:58 118784 ----a-w- c:\windows\system32\MaDRM.dll 2011-12-23 09:58 . 2011-12-23 09:58 110592 ----a-w- c:\windows\system32\muzmp4sp.ax 2011-12-23 09:58 . 2012-02-02 04:08 821824 ----a-w- c:\windows\system32\dgderapi.dll 2012-02-17 07:06 . 2012-01-06 08:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-03-20_04.50.10 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-09 19:04 . 2012-03-20 22:59 47964 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 04:55 . 2012-03-20 22:47 66696 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2012-01-04 04:01 . 2012-03-20 22:47 10516 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2249668314-1619009243-3578254783-1000_UserData.bin - 2012-01-04 21:24 . 2012-03-20 02:21 81920 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-01-04 21:24 . 2012-03-20 07:08 81920 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2012-03-20 22:57 . 2012-03-20 22:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-03-20 03:56 . 2012-03-20 03:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-03-20 22:57 . 2012-03-20 22:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-03-20 03:56 . 2012-03-20 03:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-01-04 21:24 . 2012-03-20 02:21 737280 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2012-01-04 21:24 . 2012-03-20 07:08 737280 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:41 . 2012-03-20 07:08 524288 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:41 . 2012-03-20 02:21 524288 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:47 . 2012-03-20 03:50 396980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 04:47 . 2012-03-20 22:57 396980 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2012-01-06 23:15 . 2012-03-20 22:57 7709324 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2249668314-1619009243-3578254783-1000-12288.dat - 2012-01-06 23:15 . 2012-03-20 03:50 7709324 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2249668314-1619009243-3578254783-1000-12288.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-05 98304] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-15 282624] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2567272] "CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920] "IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-23 206240] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872] "SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-12-12 103896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2011-11-01 12:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader] 2011-12-20 02:32 634880 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] 2012-02-03 08:50 943504 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2012-02-18 01:42 21416 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2012-02-03 08:50 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2011-03-04 01:45 2741616 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] 2011-09-20 03:53 1493288 ----a-w- c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe . R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360] R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2011-11-01 51632] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-12-08 80184] R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-22 23040] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-28 116064] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-08 1343400] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296] S0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496] S0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464] S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\Emsisoft Anti-Malware\a2ddax86.sys [2011-05-19 17904] S1 a2injectiondriver;a2injectiondriver;c:\program files\Emsisoft Anti-Malware\a2dix86.sys [2011-11-01 34768] S1 a2util;a-squared Malware-IDS utility driver;c:\program files\Emsisoft Anti-Malware\a2util32.sys [2010-05-04 11776] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2012-01-21 3025112] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-05 176128] S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-09-23 641832] S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048] S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-23 167936] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-04-03 27320] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 59064639 *NewlyCreated* - ASWMBR *Deregistered* - 59064639 *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2011-03-04 01:29 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249668314-1619009243-3578254783-1000Core.job - c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-13 23:56] . 2012-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2249668314-1619009243-3578254783-1000UA.job - c:\users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-13 23:56] . 2012-03-11 c:\windows\Tasks\HPCeeScheduleForMatthew.job - c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22] . 2012-03-13 c:\windows\Tasks\RMSchedule.job - c:\program files\PC Tools\PC Tools Registry Mechanic\RegMech.exe [2012-03-12 00:13] . . ------- Supplementary Scan ------- . uStart Page = hxxp://friendly-google-search.blogspot.com uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105 IE: Upload to Facebook - c:\program files\UploadRabbitforFacebook\iecontext.htm TCP: DhcpNameServer = 203.12.160.35 203.12.160.36 192.168.1.1 FF - ProfilePath - c:\users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\0llz4515.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/ . - - - - ORPHANS REMOVED - - - - . AddRemove-LSI Soft Modem - c:\windows\agrsmdel . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(2392) c:\windows\System32\netshell.dll c:\windows\System32\srchadmin.dll c:\windows\System32\QAgent.dll . Completion time: 2012-03-21 11:01:45 ComboFix-quarantined-files.txt 2012-03-21 00:01 . Pre-Run: 119,180,238,848 bytes free Post-Run: 119,304,790,016 bytes free . - - End Of File - - 59E97DA2B58A544FE253AB666C0CCA88
-
10:19:19.0063 2616 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43 10:19:20.0051 2616 ============================================================ 10:19:20.0051 2616 Current date / time: 2012/03/21 10:19:20.0051 10:19:20.0051 2616 SystemInfo: 10:19:20.0051 2616 10:19:20.0051 2616 OS Version: 6.1.7601 ServicePack: 1.0 10:19:20.0051 2616 Product type: Workstation 10:19:20.0051 2616 ComputerName: MATTHEW-PC 10:19:20.0052 2616 UserName: Matthew 10:19:20.0052 2616 Windows directory: C:\Windows 10:19:20.0052 2616 System windows directory: C:\Windows 10:19:20.0052 2616 Processor architecture: Intel x86 10:19:20.0052 2616 Number of processors: 1 10:19:20.0052 2616 Page size: 0x1000 10:19:20.0052 2616 Boot type: Normal boot 10:19:20.0052 2616 ============================================================ 10:19:21.0097 2616 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 10:19:21.0098 2616 \Device\Harddisk0\DR0: 10:19:21.0099 2616 MBR used 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23A07800 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23A6B800, BlocksNum 0x198F000 10:19:21.0099 2616 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 10:19:21.0222 2616 Initialize success 10:19:21.0222 2616 ============================================================ 10:19:27.0691 3800 ============================================================ 10:19:27.0691 3800 Scan started 10:19:27.0691 3800 Mode: Manual; SigCheck; TDLFS; 10:19:27.0691 3800 ============================================================ 10:19:28.0376 3800 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 10:19:28.0462 3800 1394ohci - ok 10:19:28.0584 3800 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys 10:19:28.0619 3800 a2acc - ok 10:19:28.0706 3800 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys 10:19:28.0714 3800 A2DDA - ok 10:19:28.0737 3800 a2injectiondriver (23aac49133765eeaa86a65452d21ef1c) C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys 10:19:28.0745 3800 a2injectiondriver - ok 10:19:28.0779 3800 a2util (2da26eb05b5495d3b2ee36456c239fb7) C:\Program Files\Emsisoft Anti-Malware\a2util32.sys 10:19:28.0787 3800 a2util - ok 10:19:28.0907 3800 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 10:19:28.0936 3800 ACPI - ok 10:19:28.0981 3800 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 10:19:29.0084 3800 AcpiPmi - ok 10:19:29.0274 3800 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 10:19:29.0302 3800 adp94xx - ok 10:19:29.0332 3800 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 10:19:29.0347 3800 adpahci - ok 10:19:29.0384 3800 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 10:19:29.0396 3800 adpu320 - ok 10:19:29.0480 3800 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 10:19:29.0553 3800 AFD - ok 10:19:29.0637 3800 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\Windows\system32\DRIVERS\AGRSM.sys 10:19:29.0693 3800 AgereSoftModem - ok 10:19:29.0839 3800 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 10:19:29.0863 3800 agp440 - ok 10:19:29.0903 3800 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 10:19:29.0913 3800 aic78xx - ok 10:19:29.0964 3800 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 10:19:29.0972 3800 aliide - ok 10:19:30.0006 3800 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 10:19:30.0016 3800 amdagp - ok 10:19:30.0046 3800 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 10:19:30.0055 3800 amdide - ok 10:19:30.0098 3800 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 10:19:30.0182 3800 AmdK8 - ok 10:19:30.0228 3800 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 10:19:30.0259 3800 AmdPPM - ok 10:19:30.0328 3800 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 10:19:30.0339 3800 amdsata - ok 10:19:30.0382 3800 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 10:19:30.0394 3800 amdsbs - ok 10:19:30.0421 3800 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 10:19:30.0430 3800 amdxata - ok 10:19:30.0493 3800 ApfiltrService (7df70a08b56cbbc874744d9b0b396272) C:\Windows\system32\DRIVERS\Apfiltr.sys 10:19:30.0519 3800 ApfiltrService - ok 10:19:30.0568 3800 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 10:19:30.0593 3800 AppID - ok 10:19:30.0659 3800 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 10:19:30.0669 3800 arc - ok 10:19:30.0698 3800 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 10:19:30.0708 3800 arcsas - ok 10:19:30.0764 3800 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 10:19:30.0812 3800 AsyncMac - ok 10:19:30.0860 3800 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 10:19:30.0869 3800 atapi - ok 10:19:30.0921 3800 athr (6a661d017c4e5cd313f6a55acf1d7465) C:\Windows\system32\DRIVERS\athr.sys 10:19:30.0995 3800 athr - ok 10:19:31.0201 3800 AtiHdmiService (e2398389648b5d44dc63ca43fdd5b3f8) C:\Windows\system32\drivers\AtiHdmi.sys 10:19:31.0217 3800 AtiHdmiService - ok 10:19:31.0376 3800 atikmdag (bcb9cf3b087dd15a8f33a149296e6183) C:\Windows\system32\DRIVERS\atikmdag.sys 10:19:31.0575 3800 atikmdag - ok 10:19:31.0738 3800 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys 10:19:31.0756 3800 AtiPcie - ok 10:19:31.0903 3800 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 10:19:31.0945 3800 b06bdrv - ok 10:19:32.0002 3800 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 10:19:32.0021 3800 b57nd60x - ok 10:19:32.0122 3800 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 10:19:32.0210 3800 Beep - ok 10:19:32.0269 3800 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 10:19:32.0323 3800 blbdrive - ok 10:19:32.0605 3800 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 10:19:32.0638 3800 bowser - ok 10:19:32.0661 3800 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 10:19:32.0753 3800 BrFiltLo - ok 10:19:32.0787 3800 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 10:19:32.0816 3800 BrFiltUp - ok 10:19:32.0902 3800 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys 10:19:32.0966 3800 BridgeMP - ok 10:19:33.0004 3800 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 10:19:33.0034 3800 Brserid - ok 10:19:33.0050 3800 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 10:19:33.0065 3800 BrSerWdm - ok 10:19:33.0092 3800 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 10:19:33.0117 3800 BrUsbMdm - ok 10:19:33.0148 3800 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 10:19:33.0161 3800 BrUsbSer - ok 10:19:33.0219 3800 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys 10:19:33.0277 3800 BthEnum - ok 10:19:33.0315 3800 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 10:19:33.0347 3800 BTHMODEM - ok 10:19:33.0392 3800 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys 10:19:33.0408 3800 BthPan - ok 10:19:33.0516 3800 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys 10:19:33.0557 3800 BTHPORT - ok 10:19:33.0638 3800 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys 10:19:33.0672 3800 BTHUSB - ok 10:19:33.0901 3800 catchme - ok 10:19:34.0052 3800 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 10:19:34.0137 3800 cdfs - ok 10:19:34.0190 3800 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 10:19:34.0215 3800 cdrom - ok 10:19:34.0282 3800 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 10:19:34.0309 3800 circlass - ok 10:19:34.0346 3800 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 10:19:34.0363 3800 CLFS - ok 10:19:34.0444 3800 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 10:19:34.0466 3800 CmBatt - ok 10:19:34.0505 3800 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 10:19:34.0514 3800 cmdide - ok 10:19:34.0594 3800 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 10:19:34.0639 3800 CNG - ok 10:19:34.0708 3800 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 10:19:34.0717 3800 Compbatt - ok 10:19:34.0811 3800 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 10:19:34.0864 3800 CompositeBus - ok 10:19:34.0915 3800 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 10:19:34.0924 3800 crcdisk - ok 10:19:34.0998 3800 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 10:19:35.0042 3800 DfsC - ok 10:19:35.0133 3800 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys 10:19:35.0157 3800 dg_ssudbus - ok 10:19:35.0211 3800 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 10:19:35.0274 3800 discache - ok 10:19:35.0386 3800 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 10:19:35.0411 3800 Disk - ok 10:19:35.0462 3800 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 10:19:35.0496 3800 drmkaud - ok 10:19:35.0555 3800 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 10:19:35.0579 3800 DXGKrnl - ok 10:19:35.0716 3800 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 10:19:35.0795 3800 ebdrv - ok 10:19:35.0966 3800 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 10:19:35.0993 3800 elxstor - ok 10:19:36.0030 3800 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 10:19:36.0053 3800 ErrDev - ok 10:19:36.0099 3800 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 10:19:36.0127 3800 exfat - ok 10:19:36.0151 3800 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 10:19:36.0198 3800 fastfat - ok 10:19:36.0255 3800 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 10:19:36.0267 3800 fdc - ok 10:19:36.0305 3800 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 10:19:36.0315 3800 FileInfo - ok 10:19:36.0336 3800 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 10:19:36.0416 3800 Filetrace - ok 10:19:36.0442 3800 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 10:19:36.0466 3800 flpydisk - ok 10:19:36.0498 3800 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 10:19:36.0511 3800 FltMgr - ok 10:19:36.0564 3800 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 10:19:36.0573 3800 FsDepends - ok 10:19:36.0592 3800 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 10:19:36.0602 3800 Fs_Rec - ok 10:19:36.0654 3800 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 10:19:36.0669 3800 fvevol - ok 10:19:36.0709 3800 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 10:19:36.0719 3800 gagp30kx - ok 10:19:36.0752 3800 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 10:19:36.0779 3800 hcw85cir - ok 10:19:36.0865 3800 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 10:19:36.0899 3800 HdAudAddService - ok 10:19:36.0934 3800 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 10:19:36.0968 3800 HDAudBus - ok 10:19:37.0027 3800 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 10:19:37.0082 3800 HidBatt - ok 10:19:37.0123 3800 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 10:19:37.0151 3800 HidBth - ok 10:19:37.0194 3800 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 10:19:37.0263 3800 HidIr - ok 10:19:37.0366 3800 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 10:19:37.0422 3800 HidUsb - ok 10:19:37.0562 3800 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 10:19:37.0590 3800 HpqKbFiltr - ok 10:19:37.0641 3800 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 10:19:37.0652 3800 HpSAMD - ok 10:19:37.0711 3800 HTCAND32 (950cc1e6ae3a6cd23e0945cde089b02c) C:\Windows\system32\Drivers\ANDROIDUSB.sys 10:19:37.0756 3800 HTCAND32 - ok 10:19:37.0846 3800 htcnprot (339adefad60353f960e3ca67ce468c24) C:\Windows\system32\DRIVERS\htcnprot.sys 10:19:37.0879 3800 htcnprot - ok 10:19:37.0930 3800 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 10:19:37.0994 3800 HTTP - ok 10:19:38.0032 3800 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 10:19:38.0042 3800 hwpolicy - ok 10:19:38.0102 3800 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 10:19:38.0128 3800 i8042prt - ok 10:19:38.0196 3800 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 10:19:38.0211 3800 iaStorV - ok 10:19:38.0398 3800 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys 10:19:38.0548 3800 igfx - ok 10:19:38.0690 3800 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 10:19:38.0714 3800 iirsp - ok 10:19:38.0753 3800 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 10:19:38.0762 3800 intelide - ok 10:19:38.0797 3800 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 10:19:38.0821 3800 intelppm - ok 10:19:38.0864 3800 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:19:38.0902 3800 IpFilterDriver - ok 10:19:38.0940 3800 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 10:19:38.0965 3800 IPMIDRV - ok 10:19:38.0991 3800 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 10:19:39.0031 3800 IPNAT - ok 10:19:39.0072 3800 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 10:19:39.0110 3800 IRENUM - ok 10:19:39.0173 3800 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 10:19:39.0195 3800 isapnp - ok 10:19:39.0223 3800 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 10:19:39.0238 3800 iScsiPrt - ok 10:19:39.0281 3800 JMCR (8c17deb1995e593853373c30485e7368) C:\Windows\system32\DRIVERS\jmcr.sys 10:19:39.0299 3800 JMCR - ok 10:19:39.0332 3800 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 10:19:39.0342 3800 kbdclass - ok 10:19:39.0387 3800 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 10:19:39.0399 3800 kbdhid - ok 10:19:39.0449 3800 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 10:19:39.0460 3800 KSecDD - ok 10:19:39.0488 3800 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 10:19:39.0500 3800 KSecPkg - ok 10:19:39.0622 3800 Lavasoft Kernexplorer - ok 10:19:39.0807 3800 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 10:19:39.0870 3800 lltdio - ok 10:19:39.0922 3800 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 10:19:39.0933 3800 LSI_FC - ok 10:19:39.0953 3800 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 10:19:39.0965 3800 LSI_SAS - ok 10:19:40.0006 3800 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 10:19:40.0015 3800 LSI_SAS2 - ok 10:19:40.0047 3800 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 10:19:40.0058 3800 LSI_SCSI - ok 10:19:40.0101 3800 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 10:19:40.0167 3800 luafv - ok 10:19:40.0181 3800 MBAMProtector - ok 10:19:40.0267 3800 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 10:19:40.0276 3800 megasas - ok 10:19:40.0306 3800 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 10:19:40.0320 3800 MegaSR - ok 10:19:40.0386 3800 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 10:19:40.0427 3800 Modem - ok 10:19:40.0470 3800 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 10:19:40.0537 3800 monitor - ok 10:19:40.0605 3800 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys 10:19:40.0629 3800 mouclass - ok 10:19:40.0672 3800 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 10:19:40.0697 3800 mouhid - ok 10:19:40.0732 3800 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 10:19:40.0742 3800 mountmgr - ok 10:19:40.0779 3800 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 10:19:40.0791 3800 mpio - ok 10:19:40.0819 3800 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 10:19:40.0865 3800 mpsdrv - ok 10:19:40.0905 3800 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 10:19:40.0934 3800 MRxDAV - ok 10:19:41.0006 3800 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 10:19:41.0058 3800 mrxsmb - ok 10:19:41.0094 3800 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:19:41.0109 3800 mrxsmb10 - ok 10:19:41.0132 3800 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:19:41.0145 3800 mrxsmb20 - ok 10:19:41.0183 3800 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 10:19:41.0193 3800 msahci - ok 10:19:41.0227 3800 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 10:19:41.0238 3800 msdsm - ok 10:19:41.0309 3800 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 10:19:41.0336 3800 Msfs - ok 10:19:41.0357 3800 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 10:19:41.0398 3800 mshidkmdf - ok 10:19:41.0446 3800 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 10:19:41.0455 3800 msisadrv - ok 10:19:41.0498 3800 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 10:19:41.0544 3800 MSKSSRV - ok 10:19:41.0571 3800 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 10:19:41.0661 3800 MSPCLOCK - ok 10:19:41.0680 3800 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 10:19:41.0717 3800 MSPQM - ok 10:19:41.0747 3800 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 10:19:41.0760 3800 MsRPC - ok 10:19:41.0785 3800 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 10:19:41.0795 3800 mssmbios - ok 10:19:41.0825 3800 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 10:19:41.0904 3800 MSTEE - ok 10:19:41.0934 3800 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 10:19:41.0977 3800 MTConfig - ok 10:19:42.0049 3800 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 10:19:42.0071 3800 Mup - ok 10:19:42.0128 3800 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 10:19:42.0159 3800 NativeWifiP - ok 10:19:42.0253 3800 NBVol (e240f3204e86b7b6ccf266b2a2ad32b4) C:\Windows\system32\DRIVERS\NBVol.sys 10:19:42.0274 3800 NBVol - ok 10:19:42.0319 3800 NBVolUp (c0cf3cccce3c75f7280c89029ab47866) C:\Windows\system32\DRIVERS\NBVolUp.sys 10:19:42.0326 3800 NBVolUp - ok 10:19:42.0383 3800 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 10:19:42.0406 3800 NDIS - ok 10:19:42.0458 3800 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 10:19:42.0485 3800 NdisCap - ok 10:19:42.0526 3800 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 10:19:42.0562 3800 NdisTapi - ok 10:19:42.0624 3800 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 10:19:42.0649 3800 Ndisuio - ok 10:19:42.0696 3800 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 10:19:42.0732 3800 NdisWan - ok 10:19:42.0773 3800 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 10:19:42.0798 3800 NDProxy - ok 10:19:42.0848 3800 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 10:19:42.0893 3800 NetBIOS - ok 10:19:42.0934 3800 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 10:19:42.0966 3800 NetBT - ok 10:19:43.0158 3800 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys 10:19:43.0295 3800 netw5v32 - ok 10:19:43.0427 3800 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 10:19:43.0451 3800 nfrd960 - ok 10:19:43.0495 3800 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 10:19:43.0539 3800 Npfs - ok 10:19:43.0577 3800 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 10:19:43.0617 3800 nsiproxy - ok 10:19:43.0682 3800 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 10:19:43.0716 3800 Ntfs - ok 10:19:43.0751 3800 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 10:19:43.0796 3800 Null - ok 10:19:43.0836 3800 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 10:19:43.0847 3800 nvraid - ok 10:19:43.0873 3800 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 10:19:43.0886 3800 nvstor - ok 10:19:43.0908 3800 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 10:19:43.0920 3800 nv_agp - ok 10:19:43.0942 3800 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 10:19:43.0975 3800 ohci1394 - ok 10:19:44.0059 3800 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 10:19:44.0086 3800 Parport - ok 10:19:44.0138 3800 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 10:19:44.0148 3800 partmgr - ok 10:19:44.0174 3800 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 10:19:44.0201 3800 Parvdm - ok 10:19:44.0272 3800 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 10:19:44.0284 3800 pci - ok 10:19:44.0305 3800 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 10:19:44.0314 3800 pciide - ok 10:19:44.0372 3800 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 10:19:44.0384 3800 pcmcia - ok 10:19:44.0462 3800 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 10:19:44.0472 3800 pcw - ok 10:19:44.0510 3800 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 10:19:44.0565 3800 PEAUTH - ok 10:19:44.0644 3800 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys 10:19:44.0652 3800 Point32 - ok 10:19:44.0699 3800 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 10:19:44.0740 3800 PptpMiniport - ok 10:19:44.0776 3800 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 10:19:44.0802 3800 Processor - ok 10:19:44.0910 3800 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 10:19:44.0962 3800 Psched - ok 10:19:45.0040 3800 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 10:19:45.0079 3800 ql2300 - ok 10:19:45.0100 3800 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 10:19:45.0111 3800 ql40xx - ok 10:19:45.0136 3800 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 10:19:45.0150 3800 QWAVEdrv - ok 10:19:45.0174 3800 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 10:19:45.0219 3800 RasAcd - ok 10:19:45.0282 3800 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 10:19:45.0350 3800 RasAgileVpn - ok 10:19:45.0388 3800 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 10:19:45.0433 3800 Rasl2tp - ok 10:19:45.0484 3800 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 10:19:45.0529 3800 RasPppoe - ok 10:19:45.0575 3800 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 10:19:45.0620 3800 RasSstp - ok 10:19:45.0666 3800 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 10:19:45.0715 3800 rdbss - ok 10:19:45.0763 3800 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 10:19:45.0794 3800 rdpbus - ok 10:19:45.0840 3800 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 10:19:45.0880 3800 RDPCDD - ok 10:19:45.0923 3800 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 10:19:45.0957 3800 RDPENCDD - ok 10:19:45.0991 3800 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 10:19:46.0027 3800 RDPREFMP - ok 10:19:46.0071 3800 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 10:19:46.0108 3800 RDPWD - ok 10:19:46.0179 3800 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 10:19:46.0210 3800 rdyboost - ok 10:19:46.0265 3800 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 10:19:46.0281 3800 RFCOMM - ok 10:19:46.0344 3800 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 10:19:46.0382 3800 rspndr - ok 10:19:46.0431 3800 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys 10:19:46.0459 3800 RTL8167 - ok 10:19:46.0510 3800 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 10:19:46.0521 3800 sbp2port - ok 10:19:46.0562 3800 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 10:19:46.0605 3800 scfilter - ok 10:19:46.0669 3800 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys 10:19:46.0697 3800 sdbus - ok 10:19:46.0740 3800 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 10:19:46.0783 3800 secdrv - ok 10:19:46.0848 3800 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 10:19:46.0893 3800 Serenum - ok 10:19:46.0934 3800 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 10:19:46.0962 3800 Serial - ok 10:19:47.0003 3800 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 10:19:47.0019 3800 sermouse - ok 10:19:47.0069 3800 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 10:19:47.0093 3800 sffdisk - ok 10:19:47.0120 3800 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 10:19:47.0145 3800 sffp_mmc - ok 10:19:47.0176 3800 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 10:19:47.0201 3800 sffp_sd - ok 10:19:47.0241 3800 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 10:19:47.0282 3800 sfloppy - ok 10:19:47.0350 3800 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 10:19:47.0360 3800 sisagp - ok 10:19:47.0401 3800 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:19:47.0411 3800 SiSRaid2 - ok 10:19:47.0435 3800 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 10:19:47.0446 3800 SiSRaid4 - ok 10:19:47.0479 3800 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 10:19:47.0508 3800 Smb - ok 10:19:47.0543 3800 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 10:19:47.0552 3800 spldr - ok 10:19:47.0617 3800 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 10:19:47.0656 3800 srv - ok 10:19:47.0688 3800 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 10:19:47.0705 3800 srv2 - ok 10:19:47.0745 3800 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 10:19:47.0780 3800 SrvHsfHDA - ok 10:19:47.0847 3800 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 10:19:47.0884 3800 SrvHsfV92 - ok 10:19:47.0915 3800 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 10:19:47.0938 3800 SrvHsfWinac - ok 10:19:47.0976 3800 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 10:19:48.0009 3800 srvnet - ok 10:19:48.0087 3800 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys 10:19:48.0099 3800 ssudmdm - ok 10:19:48.0144 3800 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 10:19:48.0153 3800 stexstor - ok 10:19:48.0222 3800 STHDA (dadb74bf26766757dbba9c5912969ebf) C:\Windows\system32\DRIVERS\stwrt.sys 10:19:48.0270 3800 STHDA - ok 10:19:48.0315 3800 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 10:19:48.0324 3800 swenum - ok 10:19:48.0429 3800 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 10:19:48.0465 3800 Tcpip - ok 10:19:48.0643 3800 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 10:19:48.0674 3800 TCPIP6 - ok 10:19:48.0802 3800 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 10:19:48.0865 3800 tcpipreg - ok 10:19:48.0918 3800 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 10:19:48.0949 3800 TDPIPE - ok 10:19:48.0978 3800 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 10:19:49.0018 3800 TDTCP - ok 10:19:49.0063 3800 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 10:19:49.0105 3800 tdx - ok 10:19:49.0149 3800 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 10:19:49.0159 3800 TermDD - ok 10:19:49.0229 3800 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 10:19:49.0253 3800 tssecsrv - ok 10:19:49.0305 3800 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 10:19:49.0333 3800 TsUsbFlt - ok 10:19:49.0401 3800 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 10:19:49.0438 3800 tunnel - ok 10:19:49.0473 3800 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 10:19:49.0483 3800 uagp35 - ok 10:19:49.0531 3800 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 10:19:49.0577 3800 udfs - ok 10:19:49.0645 3800 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 10:19:49.0666 3800 uliagpkx - ok 10:19:49.0699 3800 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 10:19:49.0711 3800 umbus - ok 10:19:49.0743 3800 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 10:19:49.0771 3800 UmPass - ok 10:19:49.0827 3800 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 10:19:49.0854 3800 USBAAPL - ok 10:19:49.0891 3800 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 10:19:49.0927 3800 usbccgp - ok 10:19:49.0994 3800 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 10:19:50.0026 3800 usbcir - ok 10:19:50.0055 3800 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 10:19:50.0086 3800 usbehci - ok 10:19:50.0161 3800 usbfilter (0150b06d3e73f6c27afcb963fd931820) C:\Windows\system32\DRIVERS\usbfilter.sys 10:19:50.0176 3800 usbfilter - ok 10:19:50.0207 3800 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 10:19:50.0223 3800 usbhub - ok 10:19:50.0249 3800 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 10:19:50.0282 3800 usbohci - ok 10:19:50.0329 3800 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 10:19:50.0343 3800 usbprint - ok 10:19:50.0386 3800 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 10:19:50.0400 3800 usbscan - ok 10:19:50.0441 3800 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:19:50.0473 3800 USBSTOR - ok 10:19:50.0512 3800 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 10:19:50.0524 3800 usbuhci - ok 10:19:50.0567 3800 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys 10:19:50.0583 3800 usbvideo - ok 10:19:50.0620 3800 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 10:19:50.0630 3800 vdrvroot - ok 10:19:50.0664 3800 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 10:19:50.0694 3800 vga - ok 10:19:50.0728 3800 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 10:19:50.0754 3800 VgaSave - ok 10:19:50.0784 3800 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 10:19:50.0796 3800 vhdmp - ok 10:19:50.0827 3800 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 10:19:50.0838 3800 viaagp - ok 10:19:50.0863 3800 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 10:19:50.0896 3800 ViaC7 - ok 10:19:50.0938 3800 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 10:19:50.0947 3800 viaide - ok 10:19:50.0974 3800 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 10:19:50.0985 3800 volmgr - ok 10:19:51.0015 3800 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 10:19:51.0030 3800 volmgrx - ok 10:19:51.0077 3800 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 10:19:51.0091 3800 volsnap - ok 10:19:51.0139 3800 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 10:19:51.0151 3800 vsmraid - ok 10:19:51.0184 3800 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 10:19:51.0210 3800 vwifibus - ok 10:19:51.0241 3800 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 10:19:51.0270 3800 vwififlt - ok 10:19:51.0307 3800 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 10:19:51.0332 3800 WacomPen - ok 10:19:51.0395 3800 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 10:19:51.0458 3800 WANARP - ok 10:19:51.0475 3800 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 10:19:51.0500 3800 Wanarpv6 - ok 10:19:51.0572 3800 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 10:19:51.0581 3800 Wd - ok 10:19:51.0613 3800 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 10:19:51.0632 3800 Wdf01000 - ok 10:19:51.0706 3800 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 10:19:51.0732 3800 WfpLwf - ok 10:19:51.0763 3800 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 10:19:51.0773 3800 WIMMount - ok 10:19:51.0878 3800 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 10:19:51.0905 3800 WinUsb - ok 10:19:51.0939 3800 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 10:19:51.0962 3800 WmiAcpi - ok 10:19:52.0012 3800 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 10:19:52.0056 3800 ws2ifsl - ok 10:19:52.0114 3800 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 10:19:52.0150 3800 WudfPf - ok 10:19:52.0210 3800 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 10:19:52.0284 3800 WUDFRd - ok 10:19:52.0349 3800 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 10:19:52.0366 3800 yukonw7 - ok 10:19:52.0402 3800 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 10:19:52.0612 3800 \Device\Harddisk0\DR0 - ok 10:19:52.0627 3800 Boot (0x1200) (ab9c3f458846aa4505070124e9456fc2) \Device\Harddisk0\DR0\Partition0 10:19:52.0629 3800 \Device\Harddisk0\DR0\Partition0 - ok 10:19:52.0667 3800 Boot (0x1200) (95e78351fccb63d801d16fcf6567be26) \Device\Harddisk0\DR0\Partition1 10:19:52.0668 3800 \Device\Harddisk0\DR0\Partition1 - ok 10:19:52.0707 3800 Boot (0x1200) (7b080ef081319fc5937d01f29cf41bff) \Device\Harddisk0\DR0\Partition2 10:19:52.0708 3800 \Device\Harddisk0\DR0\Partition2 - ok 10:19:52.0726 3800 Boot (0x1200) (91b00e461e6114437d77a1c5480e260e) \Device\Harddisk0\DR0\Partition3 10:19:52.0726 3800 \Device\Harddisk0\DR0\Partition3 - ok 10:19:52.0730 3800 ============================================================ 10:19:52.0730 3800 Scan finished 10:19:52.0730 3800 ============================================================ 10:19:52.0747 3724 Detected object count: 0 10:19:52.0747 3724 Actual detected object count: 0 10:20:06.0687 2524 Deinitialize success
-
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-03-21 10:11:47 ----------------------------- 10:11:47.625 OS Version: Windows 6.1.7601 Service Pack 1 10:11:47.625 Number of processors: 1 586 0x602 10:11:47.629 ComputerName: MATTHEW-PC UserName: Matthew 10:12:07.067 Initialize success 10:12:21.779 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 10:12:21.779 Disk 0 Vendor: SAMSUNG_HM321HI 2AJ10003 Size: 305245MB BusType: 11 10:12:21.795 Disk 0 MBR read successfully 10:12:21.795 Disk 0 MBR scan 10:12:21.795 Disk 0 Windows XP default MBR code 10:12:21.811 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048 10:12:21.826 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 291855 MB offset 409600 10:12:21.857 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13086 MB offset 598128640 10:12:21.873 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768 10:12:21.889 Disk 0 scanning sectors +625140400 10:12:21.935 Disk 0 scanning C:\Windows\system32\drivers 10:12:28.144 Service scanning 10:12:49.048 Modules scanning 10:13:00.935 Disk 0 trace - called modules: 10:13:01.279 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys dxgkrnl.sys atikmdag.sys dxgmms1.sys USBPORT.SYS usbohci.sys hidusb.sys HIDCLASS.SYS HIDPARSE.SYS mouhid.sys point32.sys Wdf01000.sys mouclass.sys?? 10:13:01.294 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x860bc4e8] 10:13:01.294 3 CLASSPNP.SYS[8899d59e] -> nt!IofCallDriver -> [0x852cc918] 10:13:01.310 5 ACPI.sys[833993d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86090030] 10:13:01.310 7 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.325 9 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.325 11 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.341 13 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.357 15 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.357 17 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.372 19 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.372 21 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.388 23 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.403 25 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.403 27 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.419 29 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.419 31 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.435 33 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.450 35 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.450 37 mouhid.sys[9060978b] -> nt!IofCallDriver -> \Device\00000094[0x86f32d08] 10:13:01.466 39 hidusb.sys[907f3391] -> nt!IofCallDriver -> [0x86f41020] 10:13:01.481 41 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-7[0x86d236a8] 10:13:01.481 43 usbhub.sys[8e59dc88] -> nt!IofCallDriver -> [0x86b894e0] 10:13:01.497 45 usbfilter.sys[8f3ddbf0] -> nt!IofCallDriver -> \Device\USBPDO-0[0x86b8b028] 10:13:01.513 Scan finished successfully 10:13:36.507 Disk 0 MBR has been saved successfully to "C:\Users\Matthew\Desktop\MBR.dat" 10:13:36.522 The log file has been saved successfully to "C:\Users\Matthew\Desktop\aswMBR.txt"
-
I certainly did, it stated that can not cure, will write standard boot codes or something though.
-
09:54:37.0004 6140 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43 09:54:38.0297 6140 ============================================================ 09:54:38.0297 6140 Current date / time: 2012/03/21 09:54:38.0297 09:54:38.0297 6140 SystemInfo: 09:54:38.0297 6140 09:54:38.0297 6140 OS Version: 6.1.7601 ServicePack: 1.0 09:54:38.0297 6140 Product type: Workstation 09:54:38.0298 6140 ComputerName: MATTHEW-PC 09:54:38.0298 6140 UserName: Matthew 09:54:38.0298 6140 Windows directory: C:\Windows 09:54:38.0298 6140 System windows directory: C:\Windows 09:54:38.0298 6140 Processor architecture: Intel x86 09:54:38.0298 6140 Number of processors: 1 09:54:38.0298 6140 Page size: 0x1000 09:54:38.0298 6140 Boot type: Normal boot 09:54:38.0298 6140 ============================================================ 09:54:40.0078 6140 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:54:40.0080 6140 \Device\Harddisk0\DR0: 09:54:40.0080 6140 MBR used 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23A07800 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23A6B800, BlocksNum 0x198F000 09:54:40.0080 6140 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0 09:54:40.0181 6140 Initialize success 09:54:40.0181 6140 ============================================================ 09:55:15.0133 2332 ============================================================ 09:55:15.0133 2332 Scan started 09:55:15.0133 2332 Mode: Manual; SigCheck; TDLFS; 09:55:15.0133 2332 ============================================================ 09:55:17.0447 2332 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 09:55:17.0548 2332 1394ohci - ok 09:55:17.0649 2332 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys 09:55:17.0669 2332 a2acc - ok 09:55:17.0761 2332 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys 09:55:17.0793 2332 A2DDA - ok 09:55:17.0825 2332 a2injectiondriver (23aac49133765eeaa86a65452d21ef1c) C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys 09:55:17.0833 2332 a2injectiondriver - ok 09:55:17.0863 2332 a2util (2da26eb05b5495d3b2ee36456c239fb7) C:\Program Files\Emsisoft Anti-Malware\a2util32.sys 09:55:17.0873 2332 a2util - ok 09:55:17.0971 2332 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 09:55:17.0986 2332 ACPI - ok 09:55:18.0025 2332 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 09:55:18.0085 2332 AcpiPmi - ok 09:55:18.0235 2332 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 09:55:18.0255 2332 adp94xx - ok 09:55:18.0288 2332 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 09:55:18.0304 2332 adpahci - ok 09:55:18.0329 2332 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 09:55:18.0399 2332 adpu320 - ok 09:55:18.0491 2332 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 09:55:18.0537 2332 AFD - ok 09:55:18.0607 2332 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\Windows\system32\DRIVERS\AGRSM.sys 09:55:18.0677 2332 AgereSoftModem - ok 09:55:18.0794 2332 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 09:55:18.0804 2332 agp440 - ok 09:55:18.0837 2332 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 09:55:18.0847 2332 aic78xx - ok 09:55:18.0899 2332 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 09:55:18.0909 2332 aliide - ok 09:55:18.0959 2332 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 09:55:18.0969 2332 amdagp - ok 09:55:18.0989 2332 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 09:55:18.0999 2332 amdide - ok 09:55:19.0039 2332 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 09:55:19.0089 2332 AmdK8 - ok 09:55:19.0139 2332 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 09:55:19.0179 2332 AmdPPM - ok 09:55:19.0239 2332 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 09:55:19.0249 2332 amdsata - ok 09:55:19.0269 2332 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 09:55:19.0279 2332 amdsbs - ok 09:55:19.0309 2332 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 09:55:19.0319 2332 amdxata - ok 09:55:19.0371 2332 ApfiltrService (7df70a08b56cbbc874744d9b0b396272) C:\Windows\system32\DRIVERS\Apfiltr.sys 09:55:19.0391 2332 ApfiltrService - ok 09:55:19.0431 2332 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 09:55:19.0551 2332 AppID - ok 09:55:19.0733 2332 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 09:55:19.0743 2332 arc - ok 09:55:19.0783 2332 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 09:55:19.0793 2332 arcsas - ok 09:55:19.0883 2332 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 09:55:19.0983 2332 AsyncMac - ok 09:55:20.0095 2332 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 09:55:20.0105 2332 atapi - ok 09:55:20.0175 2332 athr (6a661d017c4e5cd313f6a55acf1d7465) C:\Windows\system32\DRIVERS\athr.sys 09:55:20.0255 2332 athr - ok 09:55:20.0405 2332 AtiHdmiService (e2398389648b5d44dc63ca43fdd5b3f8) C:\Windows\system32\drivers\AtiHdmi.sys 09:55:20.0415 2332 AtiHdmiService - ok 09:55:20.0535 2332 atikmdag (bcb9cf3b087dd15a8f33a149296e6183) C:\Windows\system32\DRIVERS\atikmdag.sys 09:55:20.0719 2332 atikmdag - ok 09:55:20.0829 2332 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\Windows\system32\DRIVERS\AtiPcie.sys 09:55:20.0839 2332 AtiPcie - ok 09:55:20.0929 2332 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 09:55:20.0979 2332 b06bdrv - ok 09:55:21.0019 2332 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 09:55:21.0039 2332 b57nd60x - ok 09:55:21.0119 2332 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 09:55:21.0169 2332 Beep - ok 09:55:21.0231 2332 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 09:55:21.0261 2332 blbdrive - ok 09:55:21.0321 2332 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 09:55:21.0341 2332 bowser - ok 09:55:21.0371 2332 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 09:55:21.0421 2332 BrFiltLo - ok 09:55:21.0491 2332 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 09:55:21.0531 2332 BrFiltUp - ok 09:55:21.0641 2332 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys 09:55:21.0691 2332 BridgeMP - ok 09:55:21.0743 2332 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 09:55:21.0793 2332 Brserid - ok 09:55:21.0803 2332 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 09:55:21.0833 2332 BrSerWdm - ok 09:55:21.0863 2332 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 09:55:21.0903 2332 BrUsbMdm - ok 09:55:21.0937 2332 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 09:55:21.0975 2332 BrUsbSer - ok 09:55:22.0037 2332 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys 09:55:22.0077 2332 BthEnum - ok 09:55:22.0097 2332 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 09:55:22.0137 2332 BTHMODEM - ok 09:55:22.0177 2332 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys 09:55:22.0207 2332 BthPan - ok 09:55:22.0267 2332 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys 09:55:22.0317 2332 BTHPORT - ok 09:55:22.0367 2332 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys 09:55:22.0387 2332 BTHUSB - ok 09:55:22.0517 2332 catchme - ok 09:55:22.0562 2332 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 09:55:22.0934 2332 cdfs - ok 09:55:23.0000 2332 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 09:55:23.0028 2332 cdrom - ok 09:55:23.0070 2332 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 09:55:23.0156 2332 circlass - ok 09:55:23.0189 2332 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 09:55:23.0204 2332 CLFS - ok 09:55:23.0265 2332 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 09:55:23.0299 2332 CmBatt - ok 09:55:23.0337 2332 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 09:55:23.0346 2332 cmdide - ok 09:55:23.0391 2332 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys 09:55:23.0409 2332 CNG - ok 09:55:23.0491 2332 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 09:55:23.0501 2332 Compbatt - ok 09:55:23.0571 2332 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 09:55:23.0611 2332 CompositeBus - ok 09:55:23.0651 2332 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 09:55:23.0661 2332 crcdisk - ok 09:55:23.0741 2332 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 09:55:23.0783 2332 DfsC - ok 09:55:23.0835 2332 dg_ssudbus (919f338fd36f47d860775368d0748780) C:\Windows\system32\DRIVERS\ssudbus.sys 09:55:23.0855 2332 dg_ssudbus - ok 09:55:23.0895 2332 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 09:55:23.0945 2332 discache - ok 09:55:24.0007 2332 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 09:55:24.0017 2332 Disk - ok 09:55:24.0061 2332 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 09:55:24.0089 2332 drmkaud - ok 09:55:24.0149 2332 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 09:55:24.0169 2332 DXGKrnl - ok 09:55:24.0271 2332 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 09:55:24.0361 2332 ebdrv - ok 09:55:24.0513 2332 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 09:55:24.0543 2332 elxstor - ok 09:55:24.0574 2332 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 09:55:24.0598 2332 ErrDev - ok 09:55:24.0643 2332 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 09:55:24.0673 2332 exfat - ok 09:55:24.0695 2332 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 09:55:24.0743 2332 fastfat - ok 09:55:24.0786 2332 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 09:55:24.0815 2332 fdc - ok 09:55:24.0860 2332 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 09:55:24.0865 2332 FileInfo - ok 09:55:24.0885 2332 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 09:55:24.0935 2332 Filetrace - ok 09:55:24.0975 2332 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 09:55:24.0997 2332 flpydisk - ok 09:55:25.0027 2332 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 09:55:25.0037 2332 FltMgr - ok 09:55:25.0087 2332 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 09:55:25.0107 2332 FsDepends - ok 09:55:25.0127 2332 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 09:55:25.0146 2332 Fs_Rec - ok 09:55:25.0189 2332 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 09:55:25.0209 2332 fvevol - ok 09:55:25.0253 2332 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 09:55:25.0261 2332 gagp30kx - ok 09:55:25.0291 2332 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 09:55:25.0331 2332 hcw85cir - ok 09:55:25.0381 2332 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 09:55:25.0421 2332 HdAudAddService - ok 09:55:25.0451 2332 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 09:55:25.0481 2332 HDAudBus - ok 09:55:25.0521 2332 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 09:55:25.0551 2332 HidBatt - ok 09:55:25.0581 2332 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 09:55:25.0621 2332 HidBth - ok 09:55:25.0671 2332 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 09:55:25.0701 2332 HidIr - ok 09:55:25.0771 2332 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 09:55:25.0801 2332 HidUsb - ok 09:55:25.0893 2332 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys 09:55:25.0933 2332 HpqKbFiltr - ok 09:55:25.0983 2332 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 09:55:25.0993 2332 HpSAMD - ok 09:55:26.0053 2332 HTCAND32 (950cc1e6ae3a6cd23e0945cde089b02c) C:\Windows\system32\Drivers\ANDROIDUSB.sys 09:55:26.0113 2332 HTCAND32 - ok 09:55:26.0165 2332 htcnprot (339adefad60353f960e3ca67ce468c24) C:\Windows\system32\DRIVERS\htcnprot.sys 09:55:26.0205 2332 htcnprot - ok 09:55:26.0255 2332 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 09:55:26.0317 2332 HTTP - ok 09:55:26.0347 2332 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 09:55:26.0357 2332 hwpolicy - ok 09:55:26.0397 2332 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 09:55:26.0427 2332 i8042prt - ok 09:55:26.0477 2332 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 09:55:26.0497 2332 iaStorV - ok 09:55:26.0649 2332 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys 09:55:26.0793 2332 igfx - ok 09:55:26.0913 2332 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 09:55:26.0913 2332 iirsp - ok 09:55:26.0964 2332 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 09:55:26.0973 2332 intelide - ok 09:55:27.0005 2332 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 09:55:27.0025 2332 intelppm - ok 09:55:27.0065 2332 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:55:27.0095 2332 IpFilterDriver - ok 09:55:27.0151 2332 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 09:55:27.0217 2332 IPMIDRV - ok 09:55:27.0267 2332 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 09:55:27.0307 2332 IPNAT - ok 09:55:27.0347 2332 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 09:55:27.0397 2332 IRENUM - ok 09:55:27.0437 2332 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 09:55:27.0448 2332 isapnp - ok 09:55:27.0478 2332 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 09:55:27.0488 2332 iScsiPrt - ok 09:55:27.0528 2332 JMCR (8c17deb1995e593853373c30485e7368) C:\Windows\system32\DRIVERS\jmcr.sys 09:55:27.0568 2332 JMCR - ok 09:55:27.0618 2332 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 09:55:27.0628 2332 kbdclass - ok 09:55:27.0668 2332 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 09:55:27.0688 2332 kbdhid - ok 09:55:27.0738 2332 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys 09:55:27.0740 2332 KSecDD - ok 09:55:27.0770 2332 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys 09:55:27.0780 2332 KSecPkg - ok 09:55:27.0882 2332 Lavasoft Kernexplorer - ok 09:55:28.0034 2332 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 09:55:28.0084 2332 lltdio - ok 09:55:28.0136 2332 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 09:55:28.0156 2332 LSI_FC - ok 09:55:28.0187 2332 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 09:55:28.0198 2332 LSI_SAS - ok 09:55:28.0208 2332 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 09:55:28.0218 2332 LSI_SAS2 - ok 09:55:28.0258 2332 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 09:55:28.0268 2332 LSI_SCSI - ok 09:55:28.0288 2332 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 09:55:28.0328 2332 luafv - ok 09:55:28.0348 2332 MBAMProtector - ok 09:55:28.0400 2332 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 09:55:28.0410 2332 megasas - ok 09:55:28.0440 2332 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 09:55:28.0450 2332 MegaSR - ok 09:55:28.0500 2332 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 09:55:28.0540 2332 Modem - ok 09:55:28.0592 2332 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 09:55:28.0622 2332 monitor - ok 09:55:28.0672 2332 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys 09:55:28.0672 2332 mouclass - ok 09:55:28.0712 2332 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 09:55:28.0742 2332 mouhid - ok 09:55:28.0782 2332 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 09:55:28.0812 2332 mountmgr - ok 09:55:28.0847 2332 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 09:55:28.0854 2332 mpio - ok 09:55:28.0884 2332 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 09:55:28.0914 2332 mpsdrv - ok 09:55:28.0966 2332 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 09:55:29.0016 2332 MRxDAV - ok 09:55:29.0066 2332 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 09:55:29.0106 2332 mrxsmb - ok 09:55:29.0146 2332 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:55:29.0166 2332 mrxsmb10 - ok 09:55:29.0206 2332 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:55:29.0226 2332 mrxsmb20 - ok 09:55:29.0286 2332 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 09:55:29.0296 2332 msahci - ok 09:55:29.0336 2332 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 09:55:29.0346 2332 msdsm - ok 09:55:29.0396 2332 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 09:55:29.0426 2332 Msfs - ok 09:55:29.0468 2332 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 09:55:29.0538 2332 mshidkmdf - ok 09:55:29.0610 2332 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 09:55:29.0630 2332 msisadrv - ok 09:55:29.0732 2332 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 09:55:29.0772 2332 MSKSSRV - ok 09:55:29.0805 2332 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 09:55:29.0844 2332 MSPCLOCK - ok 09:55:29.0854 2332 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 09:55:29.0896 2332 MSPQM - ok 09:55:29.0926 2332 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 09:55:29.0936 2332 MsRPC - ok 09:55:29.0986 2332 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 09:55:29.0986 2332 mssmbios - ok 09:55:30.0006 2332 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 09:55:30.0046 2332 MSTEE - ok 09:55:30.0090 2332 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 09:55:30.0098 2332 MTConfig - ok 09:55:30.0118 2332 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 09:55:30.0128 2332 Mup - ok 09:55:30.0188 2332 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 09:55:30.0238 2332 NativeWifiP - ok 09:55:30.0331 2332 NBVol (e240f3204e86b7b6ccf266b2a2ad32b4) C:\Windows\system32\DRIVERS\NBVol.sys 09:55:30.0367 2332 NBVol - ok 09:55:30.0400 2332 NBVolUp (c0cf3cccce3c75f7280c89029ab47866) C:\Windows\system32\DRIVERS\NBVolUp.sys 09:55:30.0410 2332 NBVolUp - ok 09:55:30.0470 2332 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 09:55:30.0490 2332 NDIS - ok 09:55:30.0542 2332 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 09:55:30.0572 2332 NdisCap - ok 09:55:30.0614 2332 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 09:55:30.0644 2332 NdisTapi - ok 09:55:30.0706 2332 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 09:55:30.0770 2332 Ndisuio - ok 09:55:30.0798 2332 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 09:55:30.0838 2332 NdisWan - ok 09:55:30.0885 2332 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 09:55:30.0910 2332 NDProxy - ok 09:55:30.0952 2332 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 09:55:31.0002 2332 NetBIOS - ok 09:55:31.0042 2332 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 09:55:31.0072 2332 NetBT - ok 09:55:31.0257 2332 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys 09:55:31.0420 2332 netw5v32 - ok 09:55:31.0546 2332 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 09:55:31.0566 2332 nfrd960 - ok 09:55:31.0626 2332 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 09:55:31.0686 2332 Npfs - ok 09:55:31.0728 2332 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 09:55:31.0768 2332 nsiproxy - ok 09:55:31.0830 2332 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 09:55:31.0870 2332 Ntfs - ok 09:55:31.0907 2332 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 09:55:31.0952 2332 Null - ok 09:55:31.0993 2332 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 09:55:32.0004 2332 nvraid - ok 09:55:32.0024 2332 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 09:55:32.0042 2332 nvstor - ok 09:55:32.0076 2332 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 09:55:32.0086 2332 nv_agp - ok 09:55:32.0116 2332 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 09:55:32.0146 2332 ohci1394 - ok 09:55:32.0248 2332 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 09:55:32.0258 2332 Parport - ok 09:55:32.0288 2332 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 09:55:32.0298 2332 partmgr - ok 09:55:32.0331 2332 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 09:55:32.0368 2332 Parvdm - ok 09:55:32.0439 2332 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 09:55:32.0452 2332 pci - ok 09:55:32.0473 2332 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 09:55:32.0483 2332 pciide - ok 09:55:32.0528 2332 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 09:55:32.0542 2332 pcmcia - ok 09:55:32.0602 2332 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 09:55:32.0618 2332 pcw - ok 09:55:32.0655 2332 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 09:55:32.0710 2332 PEAUTH - ok 09:55:32.0800 2332 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys 09:55:32.0815 2332 Point32 - ok 09:55:32.0866 2332 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 09:55:32.0904 2332 PptpMiniport - ok 09:55:32.0932 2332 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 09:55:32.0956 2332 Processor - ok 09:55:33.0016 2332 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 09:55:33.0066 2332 Psched - ok 09:55:33.0128 2332 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 09:55:33.0158 2332 ql2300 - ok 09:55:33.0190 2332 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 09:55:33.0200 2332 ql40xx - ok 09:55:33.0230 2332 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 09:55:33.0250 2332 QWAVEdrv - ok 09:55:33.0280 2332 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 09:55:33.0330 2332 RasAcd - ok 09:55:33.0382 2332 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 09:55:33.0412 2332 RasAgileVpn - ok 09:55:33.0456 2332 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 09:55:33.0494 2332 Rasl2tp - ok 09:55:33.0546 2332 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 09:55:33.0596 2332 RasPppoe - ok 09:55:33.0638 2332 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 09:55:33.0688 2332 RasSstp - ok 09:55:33.0730 2332 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 09:55:33.0780 2332 rdbss - ok 09:55:33.0822 2332 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 09:55:33.0842 2332 rdpbus - ok 09:55:33.0882 2332 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 09:55:33.0922 2332 RDPCDD - ok 09:55:33.0968 2332 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 09:55:33.0994 2332 RDPENCDD - ok 09:55:34.0036 2332 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 09:55:34.0076 2332 RDPREFMP - ok 09:55:34.0127 2332 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 09:55:34.0168 2332 RDPWD - ok 09:55:34.0240 2332 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 09:55:34.0270 2332 rdyboost - ok 09:55:34.0332 2332 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys 09:55:34.0342 2332 RFCOMM - ok 09:55:34.0422 2332 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 09:55:34.0452 2332 rspndr - ok 09:55:34.0504 2332 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys 09:55:34.0554 2332 RTL8167 - ok 09:55:34.0611 2332 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 09:55:34.0616 2332 sbp2port - ok 09:55:34.0666 2332 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 09:55:34.0716 2332 scfilter - ok 09:55:34.0778 2332 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys 09:55:34.0808 2332 sdbus - ok 09:55:34.0858 2332 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 09:55:34.0898 2332 secdrv - ok 09:55:34.0960 2332 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 09:55:34.0990 2332 Serenum - ok 09:55:35.0020 2332 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 09:55:35.0254 2332 Serial - ok 09:55:35.0292 2332 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 09:55:35.0537 2332 sermouse - ok 09:55:35.0591 2332 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 09:55:35.0865 2332 sffdisk - ok 09:55:35.0887 2332 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 09:55:36.0042 2332 sffp_mmc - ok 09:55:36.0072 2332 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 09:55:36.0242 2332 sffp_sd - ok 09:55:36.0276 2332 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 09:55:36.0306 2332 sfloppy - ok 09:55:36.0372 2332 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 09:55:36.0382 2332 sisagp - ok 09:55:36.0418 2332 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 09:55:36.0428 2332 SiSRaid2 - ok 09:55:36.0448 2332 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 09:55:36.0458 2332 SiSRaid4 - ok 09:55:36.0501 2332 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 09:55:36.0740 2332 Smb - ok 09:55:36.0780 2332 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 09:55:36.0790 2332 spldr - ok 09:55:36.0850 2332 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 09:55:36.0902 2332 srv - ok 09:55:36.0942 2332 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 09:55:36.0962 2332 srv2 - ok 09:55:36.0999 2332 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 09:55:37.0034 2332 SrvHsfHDA - ok 09:55:37.0074 2332 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 09:55:37.0134 2332 SrvHsfV92 - ok 09:55:37.0174 2332 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 09:55:37.0204 2332 SrvHsfWinac - ok 09:55:37.0242 2332 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 09:55:37.0378 2332 srvnet - ok 09:55:37.0458 2332 ssudmdm (8f299012ef58246f1c98de7b7e48dbf0) C:\Windows\system32\DRIVERS\ssudmdm.sys 09:55:37.0478 2332 ssudmdm - ok 09:55:37.0520 2332 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 09:55:37.0530 2332 stexstor - ok 09:55:37.0580 2332 STHDA (dadb74bf26766757dbba9c5912969ebf) C:\Windows\system32\DRIVERS\stwrt.sys 09:55:37.0610 2332 STHDA - ok 09:55:37.0659 2332 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 09:55:37.0667 2332 swenum - ok 09:55:37.0782 2332 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 09:55:37.0812 2332 Tcpip - ok 09:55:37.0996 2332 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 09:55:38.0026 2332 TCPIP6 - ok 09:55:38.0145 2332 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 09:55:38.0185 2332 tcpipreg - ok 09:55:38.0228 2332 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 09:55:38.0270 2332 TDPIPE - ok 09:55:38.0290 2332 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 09:55:38.0330 2332 TDTCP - ok 09:55:38.0382 2332 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 09:55:38.0422 2332 tdx - ok 09:55:38.0470 2332 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 09:55:38.0474 2332 TermDD - ok 09:55:38.0556 2332 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 09:55:38.0586 2332 tssecsrv - ok 09:55:38.0628 2332 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 09:55:38.0668 2332 TsUsbFlt - ok 09:55:38.0739 2332 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 09:55:38.0799 2332 tunnel - ok 09:55:38.0839 2332 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 09:55:38.0841 2332 uagp35 - ok 09:55:38.0891 2332 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 09:55:38.0941 2332 udfs - ok 09:55:39.0003 2332 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 09:55:39.0014 2332 uliagpkx - ok 09:55:39.0053 2332 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 09:55:39.0283 2332 umbus - ok 09:55:39.0309 2332 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 09:55:39.0565 2332 UmPass - ok 09:55:39.0626 2332 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys 09:55:39.0668 2332 USBAAPL - ok 09:55:39.0708 2332 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 09:55:39.0728 2332 usbccgp - ok 09:55:39.0778 2332 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 09:55:39.0788 2332 usbcir - ok 09:55:39.0818 2332 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 09:55:39.0848 2332 usbehci - ok 09:55:39.0918 2332 usbfilter (0150b06d3e73f6c27afcb963fd931820) C:\Windows\system32\DRIVERS\usbfilter.sys 09:55:39.0952 2332 usbfilter - ok 09:55:39.0990 2332 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 09:55:40.0020 2332 usbhub - ok 09:55:40.0070 2332 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 09:55:40.0100 2332 usbohci - ok 09:55:40.0150 2332 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 09:55:40.0170 2332 usbprint - ok 09:55:40.0230 2332 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 09:55:40.0242 2332 usbscan - ok 09:55:40.0282 2332 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:55:40.0322 2332 USBSTOR - ok 09:55:40.0362 2332 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys 09:55:40.0372 2332 usbuhci - ok 09:55:40.0412 2332 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys 09:55:40.0452 2332 usbvideo - ok 09:55:40.0504 2332 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 09:55:40.0514 2332 vdrvroot - ok 09:55:40.0544 2332 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 09:55:40.0586 2332 vga - ok 09:55:40.0626 2332 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 09:55:40.0648 2332 VgaSave - ok 09:55:40.0683 2332 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 09:55:40.0695 2332 vhdmp - ok 09:55:40.0726 2332 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 09:55:40.0736 2332 viaagp - ok 09:55:40.0762 2332 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 09:55:40.0790 2332 ViaC7 - ok 09:55:40.0837 2332 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 09:55:40.0846 2332 viaide - ok 09:55:40.0873 2332 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 09:55:40.0882 2332 volmgr - ok 09:55:40.0912 2332 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 09:55:40.0929 2332 volmgrx - ok 09:55:40.0976 2332 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 09:55:40.0990 2332 volsnap - ok 09:55:41.0034 2332 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 09:55:41.0044 2332 vsmraid - ok 09:55:41.0083 2332 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 09:55:41.0116 2332 vwifibus - ok 09:55:41.0146 2332 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 09:55:41.0186 2332 vwififlt - ok 09:55:41.0227 2332 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 09:55:41.0268 2332 WacomPen - ok 09:55:41.0328 2332 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:55:41.0368 2332 WANARP - ok 09:55:41.0378 2332 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 09:55:41.0418 2332 Wanarpv6 - ok 09:55:41.0492 2332 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 09:55:41.0502 2332 Wd - ok 09:55:41.0533 2332 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 09:55:41.0542 2332 Wdf01000 - ok 09:55:41.0624 2332 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 09:55:41.0644 2332 WfpLwf - ok 09:55:41.0664 2332 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 09:55:41.0681 2332 WIMMount - ok 09:55:41.0776 2332 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 09:55:41.0796 2332 WinUsb - ok 09:55:41.0837 2332 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 09:55:41.0858 2332 WmiAcpi - ok 09:55:41.0921 2332 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 09:55:41.0960 2332 ws2ifsl - ok 09:55:42.0032 2332 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 09:55:42.0062 2332 WudfPf - ok 09:55:42.0114 2332 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 09:55:42.0164 2332 WUDFRd - ok 09:55:42.0246 2332 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\Windows\system32\DRIVERS\yk62x86.sys 09:55:42.0266 2332 yukonw7 - ok 09:55:42.0311 2332 MBR (0x1B8) (87b60ba824650a5a22043915b40a338e) \Device\Harddisk0\DR0 09:55:42.0338 2332 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected 09:55:42.0338 2332 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0) 09:55:42.0408 2332 Boot (0x1200) (ab9c3f458846aa4505070124e9456fc2) \Device\Harddisk0\DR0\Partition0 09:55:42.0408 2332 \Device\Harddisk0\DR0\Partition0 - ok 09:55:42.0418 2332 Boot (0x1200) (95e78351fccb63d801d16fcf6567be26) \Device\Harddisk0\DR0\Partition1 09:55:42.0418 2332 \Device\Harddisk0\DR0\Partition1 - ok 09:55:42.0461 2332 Boot (0x1200) (7b080ef081319fc5937d01f29cf41bff) \Device\Harddisk0\DR0\Partition2 09:55:42.0462 2332 \Device\Harddisk0\DR0\Partition2 - ok 09:55:42.0470 2332 Boot (0x1200) (91b00e461e6114437d77a1c5480e260e) \Device\Harddisk0\DR0\Partition3 09:55:42.0480 2332 \Device\Harddisk0\DR0\Partition3 - ok 09:55:42.0480 2332 ============================================================ 09:55:42.0480 2332 Scan finished 09:55:42.0480 2332 ============================================================ 09:55:42.0500 3748 Detected object count: 1 09:55:42.0500 3748 Actual detected object count: 1 09:56:25.0785 3748 \Device\Harddisk0\DR0\# - copied to quarantine 09:56:25.0786 3748 \Device\Harddisk0\DR0 - copied to quarantine 09:56:25.0824 3748 \Device\Harddisk0\DR0 - processing error 09:56:41.0825 3748 \Device\Harddisk0\DR0 - will be restored on reboot 09:56:42.0317 3748 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure Restore 09:56:45.0269 6128 Deinitialize success
-
ok after all that, combofix was able to tell me I are infected with rootkit.zeroaccess combofix kept crashing during scanning/removal, it also stated that it is in my tcp/ip settings my pc still disables a few of the my startup programs, like catcalyst control centre, malwarebytes (see the screen shot on post 1) everytime I open firefox it asks if I want it to be the default browser (even though I chose yes and tick the box) I get random popups from "webpage" stating either just "thankyou" or "congratulations you have won a ipad2" or "are you sure you want to navigate away from this page" I always shut them down with alt + F4
-
as requested . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Matthew at 10:20:28 on 2012-03-20 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.1788.835 [GMT 11:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} . ============== Running Processes =============== . C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\Emsisoft Anti-Malware\a2service.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe C:\Program Files\LSI SoftModem\agrsmsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\system32\conhost.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Nero\Update\NASvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Matthew\Downloads\ATF_Cleaner.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://friendly-google-search.blogspot.com uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll uRun: [Google Update] "c:\users\matthew\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon mRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe uPolicies-explorer: NoInstrumentation = 1 mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105 IE: Upload to Facebook - c:\program files\uploadrabbitforfacebook\iecontext.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 203.12.160.35 203.12.160.36 192.168.1.1 TCP: Interfaces\{0C22E69E-3C0B-449F-8EC6-12F9AB67FC80} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6E9E60BE-0811-410A-BA40-9D94B19AE934} : DhcpNameServer = 203.12.160.35 203.12.160.36 192.168.1.1 TCP: Interfaces\{6E9E60BE-0811-410A-BA40-9D94B19AE934}\E43435 : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe" . ================= FIREFOX =================== . FF - ProfilePath - c:\users\matthew\appdata\roaming\mozilla\firefox\profiles\0llz4515.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/ FF - plugin: c:\progra~1\common~1\nero\browse~1\npBrowserPlugin.dll FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\matthew\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-3-11 64512] R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2012-1-31 56496] R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2012-1-31 12464] R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-3-12 17904] R1 a2injectiondriver;a2injectiondriver;c:\program files\emsisoft anti-malware\a2dix86.sys [2012-3-12 34768] R1 a2util;a-squared Malware-IDS utility driver;c:\program files\emsisoft anti-malware\a2util32.sys [2012-3-12 11776] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-18 12872] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-11 67656] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-1-5 167936] R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2012-1-5 27320] S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-3-12 51632] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-2-2 80184] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040] S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-7-29 116064] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-12-23 15232] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-11 4231168] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-2-2 181432] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-1-9 52224] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-7-14 311296] . =============== Created Last 30 ================ . 2012-03-17 06:01:10 -------- d-----w- c:\users\matthew\appdata\local\Wizards of the Coast 2012-03-17 06:00:25 -------- d-----w- c:\users\matthew\appdata\local\IsolatedStorage 2012-03-17 05:56:44 -------- d-----w- c:\users\matthew\appdata\local\Apps 2012-03-17 05:56:43 -------- d-----w- c:\users\matthew\appdata\local\Deployment 2012-03-17 04:21:51 -------- d-----w- c:\users\matthew\appdata\local\CyberLink 2012-03-13 13:53:22 -------- d-----w- c:\users\matthew\appdata\roaming\Registry Mechanic 2012-03-13 10:54:34 -------- d-----w- c:\users\matthew\appdata\roaming\SUPERAntiSpyware.com 2012-03-13 10:54:34 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-03-13 10:54:24 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-03-12 09:48:41 -------- d-----w- c:\program files\Emsisoft Anti-Malware 2012-03-12 00:11:24 880640 ----a-w- c:\windows\system32\UniBox10.ocx 2012-03-12 00:11:24 512472 ----a-w- c:\windows\system32\msxml.dll 2012-03-12 00:11:24 37336 ----a-w- c:\windows\system32\CleanMFT32.exe 2012-03-12 00:11:24 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx 2012-03-12 00:11:24 1101824 ----a-w- c:\windows\system32\UniBox210.ocx 2012-03-12 00:11:23 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX 2012-03-12 00:11:20 -------- d-----w- c:\program files\PC Tools 2012-03-12 00:11:20 -------- d-----w- c:\program files\common files\PC Tools 2012-03-12 00:07:59 -------- d-----w- c:\programdata\PC Tools 2012-03-12 00:07:58 -------- d-----w- c:\users\matthew\appdata\roaming\Product_RM 2012-03-11 11:56:00 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2012-03-11 11:51:24 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2012-03-11 11:51:11 -------- d-----w- c:\program files\Lavasoft 2012-03-11 07:59:40 -------- d-----w- c:\users\matthew\appdata\roaming\Malwarebytes 2012-03-11 07:59:29 -------- d-----w- c:\programdata\Malwarebytes 2012-03-11 07:59:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-11 06:15:07 -------- d--h--w- C:\$AVG 2012-03-11 06:13:43 -------- d-----w- c:\program files\DA2CE 2012-03-11 06:13:40 -------- d-----w- c:\program files\LP 2012-03-11 06:13:11 -------- d--h--w- c:\users\matthew\appdata\roaming\C4ADA 2012-03-03 09:52:17 -------- d--h--w- c:\users\matthew\appdata\local\Apple Computer 2012-03-03 09:51:14 -------- d-----w- c:\program files\iPod 2012-03-03 09:51:13 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-03-03 09:51:13 -------- d-----w- c:\program files\iTunes 2012-03-03 09:50:14 -------- d--h--w- c:\users\matthew\appdata\local\Apple 2012-03-03 09:48:29 -------- d-----w- c:\program files\Bonjour 2012-03-02 13:45:50 -------- d-----w- c:\programdata\PopCap Games 2012-03-02 12:44:01 -------- d-----w- c:\program files\Plants vs. Zombies 2 Zombatar 2012-02-29 10:09:27 -------- d--h--w- c:\users\matthew\appdata\roaming\Natural Threat.Ominous Shores 2012-02-29 06:06:40 -------- d-----w- c:\program files\Microsoft Synchronization Services 2012-02-29 06:04:26 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2012-02-29 06:03:29 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-02-29 06:03:10 -------- d-----w- c:\windows\SHELLNEW 2012-02-27 07:39:28 -------- d--h--w- c:\users\matthew\appdata\roaming\GameInvest 2012-02-25 11:12:12 -------- d-----w- c:\users\matthew\appdata\roaming\JoyBits 2012-02-25 11:10:08 -------- d-----w- c:\program files\Foxy Games 2012-02-25 11:10:05 -------- d-----w- C:\Downloads 2012-02-23 19:20:33 -------- d--h--w- c:\users\matthew\appdata\roaming\Temp 2012-02-23 02:44:12 -------- d--h--w- c:\users\matthew\appdata\roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 2012-02-23 02:44:01 -------- d--h--w- c:\users\matthew\appdata\local\Htc 2012-02-23 02:43:04 -------- d-----w- c:\users\matthew\appdata\roaming\HTC 2012-02-23 02:41:15 -------- d-----w- c:\program files\Spirent Communications 2012-02-23 02:40:47 -------- d-----w- c:\program files\HTC 2012-02-23 02:39:37 -------- d-----w- c:\program files\MSXML 4.0 2012-02-19 09:44:47 -------- d-----w- c:\users\matthew\appdata\roaming\Friday's games . ==================== Find3M ==================== . 2012-03-13 12:25:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-16 07:11:31 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-31 04:51:49 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-01-31 03:10:05 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-01-31 03:10:05 161792 ----a-w- c:\windows\system32\msls31.dll 2012-01-31 03:10:04 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-01-31 03:10:04 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-01-31 03:10:04 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-01-31 03:10:04 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-01-31 03:10:01 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-01-31 03:10:01 367104 ----a-w- c:\windows\system32\html.iec 2012-01-31 03:10:00 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-01-31 03:09:59 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-01-31 03:09:59 152064 ----a-w- c:\windows\system32\wextract.exe 2012-01-31 03:09:58 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-01-31 03:09:58 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-01-31 03:09:58 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-01-31 03:09:57 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-01-31 03:09:57 11776 ----a-w- c:\windows\system32\mshta.exe 2012-01-31 03:09:57 101888 ----a-w- c:\windows\system32\admparse.dll 2012-01-14 03:35:54 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-01-04 21:38:10 505128 ----a-w- c:\windows\system32\msvcp71.dll 2012-01-04 21:38:10 353576 ----a-w- c:\windows\system32\msvcr71.dll 2012-01-04 21:38:10 29480 ----a-w- c:\windows\system32\msxml3a.dll 2012-01-04 21:28:54 0 ----a-w- c:\windows\ativpsrm.bin 2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll 2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl . ============= FINISH: 10:29:32.10 ===============
-
Merged post Hi guys and gals, I really need some help, I have been infected with some unknown virus. I have run numerous scans with AVG and malwarebytes all coming back with nothing, The symptoms I am getting at are: Slow pc pop up messages on my desktop randomly "message from webpage, congrats you have won a ipad 2" everytime I start firefox I get "this is not your default browser, will you make it" I tick yes and dont ask me again. Have attached the 2 dds files, And Hijackthis Log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:06:46 PM, on 14/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe C:\Users\Matthew\Downloads\HijackThis.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://friendly-goog...ch.blogspot.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/CQALL/13 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Upload to Facebook - C:\Program Files\UploadRabbitforFacebook\iecontext.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe -- End of file - 11092 bytesDDS.txtAttach.txt And I am now getting this error from Malwarebytes
-
Hi guys and gals, I really need some help, I have been infected with some unknown virus. I have run numerous scans with AVG and malwarebytes all coming back with nothing, The symptoms I am getting at are: Slow pc pop up messages on my desktop randomly "message from webpage, congrats you have won a ipad 2" everytime I start firefox I get "this is not your default browser, will you make it" I tick yes and dont ask me again. I have a hijackthis log below, but have no idea what to look for, hoping someone can help me Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:06:46 PM, on 14/03/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Matthew\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe C:\Users\Matthew\Downloads\HijackThis.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://friendly-google-search.blogspot.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/CQALL/13 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/CQALL/13 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing) O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Matthew\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Upload to Facebook - C:\Program Files\UploadRabbitforFacebook\iecontext.htm O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe -- End of file - 11092 bytes