svchost and other major problems


  • This topic is locked
6 replies to this topic

#1 kaml20

kaml20

  • Members
  • 3 posts
  • OFFLINE
  • Local time:11:31 AM

Posted 14 November 2011 - 09:54 PM

A week ago I had a problem where Windows Update would not download any updates. I installed and ran SUPERAntiSpyware and Malwarebytes Anti-Malware and thought I removed the problem, as I was able to download and install updates. Now whenever I open Google Chrome (which is set to open the last tabs that were closed) it goes to the Gmail login screen; on top of that I get multiple svchost blocks from the Malwarebytes software. My computer has also slowed down a lot, and every now and then my Windows resets to different settings (such as large icons in the taskbar instead of the set small icons, and my pinned icons would be changed to Internet Explorer, a documents folder and another icon). I run the scans from SUPERAntiSpyware and Malwarebytes as well as my avast antivirus and they all come back clean. When I run the DDS tool it just hangs and I have to manually reset the computer. Therefore I have attached the ark.txt file. Any and all help would be greatly appreciated.

Attached Files

  • Attached File  ark.txt   86.88KB   3 downloads




#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,768 posts
  • OFFLINE
  • Gender:Female
  • Location:At home
  • Local time:06:31 PM

Posted 19 November 2011 - 04:32 PM

Hi,

Could you please run OTL instead:
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!



#3 kaml20

kaml20
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:11:31 AM

Posted 20 November 2011 - 07:26 PM

HERE'S THE OTL FILE:


OTL logfile created on: 11/20/2011 4:58:27 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\kamal patel\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 53.62% Memory free
3.98 Gb Paging File | 2.86 Gb Available in Paging File | 71.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.12 Gb Total Space | 9.68 Gb Free Space | 33.24% Space Free | Partition Type: NTFS
Drive D: | 30.22 Gb Total Space | 25.13 Gb Free Space | 83.15% Space Free | Partition Type: FAT32

Computer Name: TIIP | User Name: kamal patel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/20 16:57:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\kamal patel\Downloads\OTL.exe
PRC - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/09/06 15:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/15 00:39:54 | 000,420,920 | ---- | M] () -- C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll
MOD - [2011/11/15 00:39:53 | 003,702,840 | ---- | M] () -- C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
MOD - [2011/11/15 00:38:16 | 000,122,952 | ---- | M] () -- C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\avutil-51.dll
MOD - [2011/11/15 00:38:15 | 000,222,280 | ---- | M] () -- C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\avformat-53.dll
MOD - [2011/11/15 00:38:14 | 001,746,504 | ---- | M] () -- C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\avcodec-53.dll
MOD - [2011/11/14 21:36:18 | 008,593,056 | ---- | M] () -- C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (NisSrv)
SRV - File not found [Disabled | Stopped] -- -- (MsMpSvc)
SRV - [2011/11/10 19:23:52 | 000,490,840 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/31 16:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/08/31 16:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/12 12:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2010/11/26 18:02:20 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/24 21:25:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/24 21:25:38 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2009/09/15 03:36:26 | 000,807,936 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/07/22 19:25:06 | 000,014,336 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ffirel.sys -- (ffire)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2008/09/09 11:58:32 | 000,099,216 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/07/18 01:01:00 | 000,269,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Vid.sys -- (OA004Vid)
DRV - [2008/06/03 17:30:24 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA004Ufd.sys -- (OA004Ufd)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/04/19 15:21:14 | 000,009,856 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\EMSC.SYS -- (EMSC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2D 1F 90 4E 05 9C CC 01 [binary data]
IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.nyit.edu:80

========== FireFox ==========

FF - prefs.js..network.proxy.ftp: "proxy.nyit.edu"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "proxy.nyit.edu"
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "proxy.nyit.edu"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.ssl: "proxy.nyit.edu"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\kamal patel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\kamal patel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\kamal patel\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\kamal patel\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/14 13:52:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/18 14:44:37 | 000,000,000 | ---D | M]

[2011/10/22 16:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/02/14 19:34:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/13 13:56:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/09 21:06:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/22 16:13:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/10/03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/02/19 11:33:59 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\kamal patel\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\kamal patel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\kamal patel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000..\Run: [Advanced SystemCare 5] C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-2860463767-3579220854-3533538991-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\All Users\Adobe [2011/11/18 14:45:02 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\AIM [2009/12/24 15:19:30 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Alwil Software [2011/02/19 11:24:39 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Apple [2010/07/14 14:04:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Apple Computer [2010/07/14 13:55:56 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Application Data [2009/11/22 13:14:31 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Desktop [2009/11/22 13:14:31 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\DivX [2011/11/18 14:49:25 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Documents [2009/11/22 13:14:31 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\ezsidmv.dat ()
O4 - Startup: C:\Users\All Users\Favorites [2009/11/22 13:14:31 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Geek Squad [2010/07/17 10:42:58 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\IObit [2011/11/17 22:10:25 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\kinoma [2011/02/23 13:21:43 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Macrovision [2011/05/16 08:36:15 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Malwarebytes [2011/11/05 15:17:59 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\McAfee [2011/03/13 13:49:38 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Microsoft [2011/02/10 00:15:45 | 000,000,000 | --SD | M]
O4 - Startup: C:\Users\All Users\Microsoft Help [2011/11/07 23:26:10 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Norton [2009/12/28 05:05:19 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\NortonInstaller [2009/12/28 05:01:13 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Skype [2010/12/08 17:22:06 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Start Menu [2009/11/22 13:14:31 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Sun [2011/02/14 19:40:20 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\SUPERAntiSpyware.com [2011/11/05 14:28:44 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Symantec [2009/12/28 05:01:19 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Templates [2009/11/22 13:14:31 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\All Users\Vista32 [2011/11/06 10:31:10 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\Vista64 [2011/11/06 10:31:06 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\XP32 [2011/11/06 12:21:18 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\All Users\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010/07/14 14:00:12 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\AppData [2009/07/13 21:37:05 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\Default\Application Data [2009/11/22 13:14:28 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Cookies [2009/11/22 13:14:28 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Desktop [2009/07/13 21:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Documents [2009/11/22 13:14:27 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Downloads [2009/07/13 21:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Favorites [2009/07/13 21:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Links [2009/07/13 21:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\Local Settings [2009/11/22 13:14:30 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Music [2009/07/13 21:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\My Documents [2009/11/22 13:14:27 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NetHood [2009/11/22 13:14:28 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\NTUSER.DAT ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG1 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG2 ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\Default\Pictures [2009/07/13 21:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Default\PrintHood [2009/11/22 13:14:28 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Recent [2009/11/22 13:14:29 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Saved Games [2009/07/13 21:04:25 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\Default\SendTo [2009/11/22 13:14:29 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Start Menu [2009/11/22 13:14:30 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Templates [2009/11/22 13:14:30 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\Default\Videos [2009/07/13 21:04:25 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\.pdfsam [2011/05/11 08:12:16 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\kamal patel\AppData [2009/11/22 13:22:38 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\kamal patel\Application Data [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Contacts [2011/04/16 14:06:23 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\Cookies [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Desktop [2011/11/20 11:36:02 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\My Documents [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Downloads [2011/11/20 16:57:47 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\Favorites [2011/04/16 14:06:23 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\Library [2011/02/23 13:21:44 | 000,000,000 | ---D | M]
O4 - Startup: C:\Users\kamal patel\Links [2011/11/17 22:16:45 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\Local Settings [2009/11/22 13:22:38 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Music [2011/04/21 22:46:03 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\My Documents [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\NetHood [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\NTUSER.DAT ()
O4 - Startup: C:\Users\kamal patel\ntuser.dat.LOG1 ()
O4 - Startup: C:\Users\kamal patel\ntuser.dat.LOG2 ()
O4 - Startup: C:\Users\kamal patel\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf ()
O4 - Startup: C:\Users\kamal patel\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\kamal patel\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\kamal patel\NTUSER.DAT{7d244c0e-e0fd-11de-8148-0024e8b23e36}.TM.blf ()
O4 - Startup: C:\Users\kamal patel\NTUSER.DAT{7d244c0e-e0fd-11de-8148-0024e8b23e36}.TMContainer00000000000000000001.regtrans-ms ()
O4 - Startup: C:\Users\kamal patel\NTUSER.DAT{7d244c0e-e0fd-11de-8148-0024e8b23e36}.TMContainer00000000000000000002.regtrans-ms ()
O4 - Startup: C:\Users\kamal patel\ntuser.ini ()
O4 - Startup: C:\Users\kamal patel\Pictures [2011/04/16 14:06:23 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\PrintHood [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Recent [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Saved Games [2011/04/16 14:06:24 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\Searches [2011/04/16 14:06:23 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\kamal patel\SendTo [2009/11/22 13:22:37 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Start Menu [2009/11/22 13:22:38 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Templates [2009/11/22 13:22:38 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Users\kamal patel\Videos [2011/10/25 15:07:33 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Desktop [2011/11/20 11:38:09 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Documents [2009/11/22 13:14:32 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Downloads [2009/07/13 23:41:57 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Favorites [2009/07/13 21:04:25 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Libraries [2010/10/26 12:54:41 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Users\Public\Music [2011/04/21 22:46:03 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Pictures [2011/04/21 22:45:53 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Recorded TV [2011/11/20 13:50:48 | 000,000,000 | R--D | M]
O4 - Startup: C:\Users\Public\Videos [2011/04/21 22:45:49 | 000,000,000 | R--D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BC27FEB-8260-43D6-B81F-C08BAB77F851}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/20 11:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnLive
[2011/11/20 11:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\OnLive
[2011/11/20 11:01:57 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/18 21:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2011/11/18 21:36:53 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2011/11/18 21:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011/11/18 20:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011/11/18 16:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/11/18 06:47:49 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011/11/17 22:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/11/17 22:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2011/11/17 22:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/11/14 20:01:01 | 000,000,000 | -HSD | C] -- C:\found.007
[2011/11/14 20:01:01 | 000,000,000 | -HSD | C] -- \found.007
[2011/11/07 01:47:02 | 000,000,000 | ---D | C] -- C:\20bfc4f9ef7e6da3fd
[2011/11/07 01:47:02 | 000,000,000 | ---D | C] -- \20bfc4f9ef7e6da3fd
[2011/11/06 18:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
[2011/11/06 14:11:51 | 006,216,032 | ---- | C] (Microsoft Corporation) -- C:\windowsupdateagent30-x86.exe
[2011/11/06 10:31:07 | 000,000,000 | ---D | C] -- C:\ProgramData\XP32
[2011/11/06 10:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista64
[2011/11/06 10:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Vista32
[2011/11/06 10:28:29 | 000,000,000 | ---D | C] -- C:\Program Files\Battery Meter
[2011/11/06 09:33:14 | 000,000,000 | ---D | C] -- C:\Program Files\Dell
[2011/11/06 09:33:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\Dell
[2011/11/05 21:51:49 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2011/11/05 17:28:42 | 000,000,000 | ---D | C] -- C:\a91a918572e6cedd86fa
[2011/11/05 17:28:42 | 000,000,000 | ---D | C] -- \a91a918572e6cedd86fa
[2011/11/05 15:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/05 15:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/05 15:17:53 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/11/05 15:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/05 14:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/11/05 14:28:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011/11/05 14:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/11/05 12:46:40 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/05 12:46:40 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/05 12:46:40 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/05 12:46:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/11/05 12:44:41 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/11/05 12:44:41 | 000,000,000 | ---D | C] -- \Qoobox
[2011/10/26 18:24:06 | 000,000,000 | -HSD | C] -- C:\found.006
[2011/10/26 18:24:06 | 000,000,000 | -HSD | C] -- \found.006
[2011/10/25 14:50:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/10/23 01:08:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011/10/22 16:13:10 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/10/22 16:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/10/22 16:13:10 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

========== Files - Modified Within 30 Days ==========

[2011/11/20 17:05:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/20 16:46:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2860463767-3579220854-3533538991-1000UA.job
[2011/11/20 16:36:45 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/20 14:46:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2860463767-3579220854-3533538991-1000Core.job
[2011/11/20 11:38:09 | 000,001,799 | ---- | M] () -- C:\Users\Public\Desktop\OnLive Launcher.lnk
[2011/11/20 11:01:57 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/20 09:13:01 | 000,634,588 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/20 09:13:01 | 000,109,802 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/20 09:04:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/20 09:04:28 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/18 20:57:59 | 000,000,941 | ---- | M] () -- C:\Users\kamal patel\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/11/17 22:48:49 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 22:48:48 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/16 18:00:00 | 000,000,486 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for kamal patel.job
[2011/11/08 04:27:18 | 000,410,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/07 22:46:37 | 000,002,141 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/11/06 14:12:04 | 006,216,032 | ---- | M] (Microsoft Corporation) -- C:\windowsupdateagent30-x86.exe
[2011/11/01 13:39:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

========== Files Created - No Company Name ==========

[2011/11/20 11:38:09 | 000,001,799 | ---- | C] () -- C:\Users\Public\Desktop\OnLive Launcher.lnk
[2011/11/18 21:23:04 | 000,025,944 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011/11/18 21:22:55 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011/11/18 20:57:59 | 000,000,941 | ---- | C] () -- C:\Users\kamal patel\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/11/18 16:31:50 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/11/17 22:39:19 | 000,020,312 | ---- | C] () -- C:\Windows\System32\RegistryDefragBootTime.exe
[2011/11/06 14:11:51 | 006,216,032 | ---- | C] () -- \windowsupdateagent30-x86.exe
[2011/11/05 12:46:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/05 12:46:40 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/05 12:46:40 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/05 12:46:40 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/05 12:46:40 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/09/26 17:58:16 | 000,004,745 | ---- | C] () -- C:\Windows\SigPlus.ini
[2011/04/16 11:57:49 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/04/16 11:55:24 | 000,193,536 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll
[2011/04/16 11:54:11 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/12/08 17:24:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/24 15:19:02 | 000,000,694 | -H-- | C] () -- \IPH.PH
[2009/12/07 17:58:48 | 000,000,209 | ---- | C] () -- C:\Windows\Setuplog.ini
[2009/11/22 15:52:51 | 1603,084,288 | -HS- | C] () -- \hiberfil.sys
[2009/11/22 15:51:59 | 000,000,211 | -H-- | C] () -- \Boot.BAK
[2009/11/22 13:16:17 | 000,171,136 | RHS- | C] () -- \w7ldr
[2009/11/22 12:18:57 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK
[2009/11/22 12:18:51 | 000,383,786 | RHS- | C] () -- \bootmgr
[2009/11/04 22:34:28 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2009/11/04 22:34:28 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009/11/04 14:22:09 | 000,000,210 | RHS- | C] () -- \BOOT.001
[2009/11/04 14:21:20 | 000,000,355 | RHS- | C] () -- \Boot.ini.saved
[2009/10/21 20:43:31 | 000,047,564 | RHS- | C] () -- \NTDETECT.COM
[2009/10/21 20:18:14 | 000,250,048 | RHS- | C] () -- \ntldr
[2009/09/15 03:35:56 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,410,856 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,634,588 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,109,802 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 21:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009/07/13 21:04:04 | 000,000,010 | ---- | C] () -- \config.sys
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007/04/19 15:21:14 | 000,266,240 | ---- | C] () -- C:\Windows\System32\EMSC.DLL
[2007/04/19 15:21:14 | 000,009,856 | ---- | C] () -- C:\Windows\System32\drivers\EMSC.sys

< End of report >

HERE'S THE EXTRAS FILE:


OTL Extras logfile created on: 11/20/2011 4:58:27 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\kamal patel\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.07 Gb Available Physical Memory | 53.62% Memory free
3.98 Gb Paging File | 2.86 Gb Available in Paging File | 71.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29.12 Gb Total Space | 9.68 Gb Free Space | 33.24% Space Free | Partition Type: NTFS
Drive D: | 30.22 Gb Total Space | 25.13 Gb Free Space | 83.15% Space Free | Partition Type: FAT32

Computer Name: TIIP | User Name: kamal patel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\WinHlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\WinHlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 29
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{543A4F31-9590-416A-A621-42CEB4C6A694}" = Battery Meter
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82705358-3BD6-3CD5-AA9A-B8F058BE3A29}" = Google Talk Plugin
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{A212E6C2-20F7-4A8E-BD8E-DC3EE7483FA2}" = PRS-500 USB driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"75070B1806113224B16C70296B90DD1AD8A53479" = Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Creative OA004" = Integrated Webcam Driver (1.00.03.0720)
"DivX Setup" = DivX Setup
"FlashFire" = FlashFire
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"HDMI" = Intel® Graphics Media Accelerator Driver
"InstallShield_{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"InstallShield_{543A4F31-9590-416A-A621-42CEB4C6A694}" = Battery Meter
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"OnLive" = OnLive
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"Smart Defrag 2_is1" = Smart Defrag 2
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.10
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2860463767-3579220854-3533538991-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/20/2011 3:56:34 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 47440

Error - 11/20/2011 3:56:34 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 47440

Error - 11/20/2011 3:56:50 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/20/2011 3:56:50 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 63040

Error - 11/20/2011 3:56:50 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 63040

Error - 11/20/2011 3:57:06 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 11/20/2011 3:57:06 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 78625

Error - 11/20/2011 3:57:06 PM | Computer Name = tiip | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 78625

Error - 11/20/2011 5:57:55 PM | Computer Name = tiip | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Windows cannot load classes registry file. DETAIL - The system cannot
find the file specified.

Error - 11/20/2011 5:57:56 PM | Computer Name = tiip | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Windows cannot load classes registry file. DETAIL - The system cannot
find the file specified.

[ OSession Events ]
Error - 4/1/2011 8:41:46 PM | Computer Name = kamalpatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 289
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11/19/2011 8:04:29 PM | Computer Name = tiip | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the IPBusEnum service.

Error - 11/19/2011 8:04:59 PM | Computer Name = tiip | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Wlansvc service.

Error - 11/19/2011 8:05:29 PM | Computer Name = tiip | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the AudioEndpointBuilder service.

Error - 11/20/2011 3:07:39 AM | Computer Name = tiip | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom

Error - 11/20/2011 10:05:09 AM | Computer Name = tiip | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
cdrom

Error - 11/20/2011 10:08:55 AM | Computer Name = tiip | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Media Player Network Sharing Service service to connect.

Error - 11/20/2011 10:08:55 AM | Computer Name = tiip | Source = Service Control Manager | ID = 7000
Description = The Windows Media Player Network Sharing Service service failed to
start due to the following error: %%1053

Error - 11/20/2011 12:47:53 PM | Computer Name = tiip | Source = Service Control Manager | ID = 7034
Description = The MBAMService service terminated unexpectedly. It has done this
1 time(s).

Error - 11/20/2011 12:58:05 PM | Computer Name = tiip | Source = DCOM | ID = 10001
Description =

Error - 11/20/2011 2:54:17 PM | Computer Name = tiip | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.


< End of report >

#4 myrti


Posted 20 November 2011 - 08:04 PM

Hi,

could you please also run TDSSKiller:
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt". Please copy and paste the contents of that file here.



#5 kaml20


Posted 20 November 2011 - 10:47 PM

22:45:02.0609 3952 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
22:45:03.0794 3952 ============================================================
22:45:03.0794 3952 Current date / time: 2011/11/20 22:45:03.0794
22:45:03.0794 3952 SystemInfo:
22:45:03.0794 3952
22:45:03.0794 3952 OS Version: 6.1.7601 ServicePack: 1.0
22:45:03.0794 3952 Product type: Workstation
22:45:03.0794 3952 ComputerName: TIIP
22:45:03.0794 3952 UserName: kamal patel
22:45:03.0794 3952 Windows directory: C:\Windows
22:45:03.0794 3952 System windows directory: C:\Windows
22:45:03.0794 3952 Processor architecture: Intel x86
22:45:03.0794 3952 Number of processors: 2
22:45:03.0794 3952 Page size: 0x1000
22:45:03.0794 3952 Boot type: Normal boot
22:45:03.0794 3952 ============================================================
22:45:04.0855 3952 Initialize success
22:45:20.0907 1252 ============================================================
22:45:20.0907 1252 Scan started
22:45:20.0907 1252 Mode: Manual;
22:45:20.0907 1252 ============================================================
22:45:23.0357 1252 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:45:23.0388 1252 1394ohci - ok
22:45:23.0450 1252 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:45:23.0450 1252 ACPI - ok
22:45:23.0513 1252 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:45:23.0528 1252 AcpiPmi - ok
22:45:23.0637 1252 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:45:23.0653 1252 adp94xx - ok
22:45:23.0731 1252 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:45:23.0747 1252 adpahci - ok
22:45:23.0793 1252 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:45:23.0809 1252 adpu320 - ok
22:45:23.0949 1252 AFD (1151fd4fb0216cfed887bfde29ebd516) C:\Windows\system32\drivers\afd.sys
22:45:23.0981 1252 AFD - ok
22:45:24.0012 1252 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:45:24.0027 1252 agp440 - ok
22:45:24.0074 1252 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:45:24.0090 1252 aic78xx - ok
22:45:24.0152 1252 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:45:24.0168 1252 aliide - ok
22:45:53.0683 1252 ============================================================
22:45:53.0683 1252 Scan finished
22:45:53.0683 1252 ============================================================
22:45:53.0777 1088 Detected object count: 0
22:45:53.0777 1088 Actual detected object count: 0

#6 myrti

Posted 21 November 2011 - 06:34 PM

Hi,

Do you have a Linux live CD or dual boot? If so, please let me know.

If not please follow these instructions:
Try this please. You will need a USB drive.

  • Download http://unetbootin.sourceforge.net/unetbootin-xpud-windows-latest.exe & http://noahdfear.net/downloads/bootable/xPUD/xpud-0.9.2.iso to the desktop of your clean computer
  • Insert your USB drive
  • Press Start > My Computer > right click your USB drive > choose Format > Quick format
  • Double click the unetbootin-xpud-windows-387.exe that you just downloaded
  • Press Run then OK
  • It will install a little bootable OS on your USB
  • After it has completed, do not choose to reboot the clean computer; simply close the installer
  • Download xPUDtestdisk.exe and save it to the USB device
  • Double click xPUDtestdisk.exe to extract the contents to your USB device
  • Remove the USB and insert it in the sick computer
  • Boot the sick computer
  • Press F12 and choose to boot from the USB
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Press Tool at the top
  • Choose Open Terminal
  • Type in: dd if=/dev/sda of=MBRbackup.zip bs=512 count=1 and hit Enter.

MBRbackup.zip should be created on your flash drive. Please attach it to your next reply.

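The `dd` command in the post above copies the first 512-byte sector of `/dev/sda`, so the resulting file is a raw MBR image despite its `.zip` name. The following is an added example, not part of the original post, of how such a dump can be sanity-checked before it is shared or compared: it validates the size and boot signature, lists the partition entries, and hashes the boot code. The function names and the sample sector are constructed for illustration, and whether the MD5 of the first 0x1B8 bytes corresponds to the value on the scan log's `MBR (0x1B8)` lines is an assumption.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 0x1B8   # 440 bytes of boot code, followed by the disk signature
TABLE_OFFSET = 0x1BE    # four 16-byte partition entries
SIG_OFFSET = 0x1FE      # boot signature 55 AA


def parse_mbr(raw: bytes) -> dict:
    """Validate a 512-byte MBR dump and return its fields plus hashes."""
    if len(raw) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(raw)}")
    if raw[SIG_OFFSET:] != b"\x55\xaa":
        raise ValueError("boot signature 55 AA missing")
    partitions, warnings = [], []
    for index in range(4):
        entry = raw[TABLE_OFFSET + 16 * index:TABLE_OFFSET + 16 * (index + 1)]
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba, count = struct.unpack("<B3xB3xII", entry)
        if ptype == 0:
            continue  # unused slot
        if status not in (0x00, 0x80):
            warnings.append(f"entry {index}: unexpected status byte {status:#04x}")
        partitions.append({"index": index, "active": status == 0x80,
                           "type": ptype, "lba_start": lba, "sectors": count})
    if sum(p["active"] for p in partitions) > 1:
        warnings.append("more than one partition flagged active")
    return {
        "disk_signature": struct.unpack_from("<I", raw, BOOT_CODE_LEN)[0],
        "boot_code_md5": hashlib.md5(raw[:BOOT_CODE_LEN]).hexdigest(),
        "sector_sha256": hashlib.sha256(raw).hexdigest(),
        "partitions": partitions,
        "warnings": warnings,
    }


def build_sample() -> bytes:
    """Constructed sector: dummy boot code, one active NTFS (0x07) partition."""
    boot_code = b"\xeb\x3c\x90".ljust(BOOT_CODE_LEN, b"\x00")
    disk_sig = struct.pack("<I", 0x12345678) + b"\x00\x00"
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    return boot_code + disk_sig + entry + bytes(48) + b"\x55\xaa"


if __name__ == "__main__":
    print(parse_mbr(build_sample()))
```

To check a real dump, pass the file's bytes to `parse_mbr`, for example `parse_mbr(open("MBRbackup.zip", "rb").read())`.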


#7 myrti

Posted 03 December 2011 - 09:26 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
