WIN32:DNS Changer Trojan


  • This topic is locked
30 replies to this topic

#1 verkie

verkie

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 30 December 2011 - 12:53 AM

Recently I scanned using Avast and around 20 of the same Trojans popped up and I couldn't move them to the chest. I also can't turn on the firewall and programs slow down a lot. Thanks in advance.

.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_21
Run by Harvey at 16:43:36 on 2011-12-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4094.1478 [GMT 11:00]
.
AV: avast! Antivirus *Enabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Program Files\WTouch\WTouchUser.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\TP-LINK\QSS\HwBtnDetector.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
C:\Users\Harvey\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\WUDFHost.exe
C:\Users\Harvey\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe
C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\splwow64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Harvey\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\Harvey\Desktop\OTL.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_AU&c=94&bd=Presario&pf=cndt
uInternet Settings,ProxyServer = http=127.0.0.1:56323
uURLSearchHooks: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files (x86)\Messenger_Plus_Live\tbMess.dll
mURLSearchHooks: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files (x86)\Messenger_Plus_Live\tbMess.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files (x86)\Messenger_Plus_Live\tbMess.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
TB: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files (x86)\Messenger_Plus_Live\tbMess.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [Akamai NetSession Interface] "C:\Users\Harvey\AppData\Local\Akamai\netsession_win.exe"
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [jswtrayutil] "C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-AU\local\search.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: Interfaces\{681CC664-085B-4D5C-9EAF-77E509431443} : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{FC90F14E-9A54-4CD5-99A9-FB2CA99F12B3} : NameServer = 202.136.43.208 202.136.42.208
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
BHO-X64: Conduit Engine - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: AOL Toolbar BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
BHO-X64: AOL Toolbar BHO - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files (x86)\Messenger_Plus_Live\tbMess.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll
TB-X64: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Program Files (x86)\Messenger_Plus_Live\tbMess.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [jswtrayutil] "C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun-x64: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
FF - component: C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCore.dll
FF - component: C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\FFExternalAlert.dll
FF - component: C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}\components\RadioWMPCore.dll
FF - component: C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - component: C:\Users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Harvey\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Click to call with Skype: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: 1-Click YouTube Video Downloader: YoutubeDownloader@PeterOlayev.com - %profile%\extensions\YoutubeDownloader@PeterOlayev.com
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - Ext: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - %profile%\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: All-in-One Sidebar: {097d3191-e6fa-4728-9826-b533d755359d} - %profile%\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: NCH EN Community Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - %profile%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
FF - Ext: avast! WebRep: wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\Windows\system32\DRIVERS\jswpslwfx.sys --> C:\Windows\system32\DRIVERS\jswpslwfx.sys [?]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/06 20:25:56];C:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\000.fcl [2010-3-13 146928]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-14 20992]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-6-1 42184]
R2 JSWHwBtn;JSW Hardware Button Service;C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe [2010-3-5 16384]
R2 TabletServicePen;TabletServicePen;C:\Windows\system32\Pen_Tablet.exe --> C:\Windows\system32\Pen_Tablet.exe [?]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-18 1394504]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2010-3-10 127784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]
R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 arusb_lhx;TP-LINK TL-WN821N 11N Wireless device driver;C:\Windows\system32\DRIVERS\arusb_lhx.sys --> C:\Windows\system32\DRIVERS\arusb_lhx.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-2-23 1038088]
S3 jswpsapi;Jumpstart Wifi Protected Setup;C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2010-3-5 954368]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2011-12-30 03:17:32 -------- d-sh--w- C:\$RECYCLE.BIN
2011-12-30 02:34:02 98816 ----a-w- C:\Windows\sed.exe
2011-12-30 02:34:02 518144 ----a-w- C:\Windows\SWREG.exe
2011-12-30 02:34:02 256000 ----a-w- C:\Windows\PEV.exe
2011-12-30 02:34:02 208896 ----a-w- C:\Windows\MBR.exe
2011-12-30 02:25:33 -------- d-----w- C:\_OTL
2011-12-30 00:32:04 -------- d-----w- C:\Windows\SysWow64\directx
2011-12-29 23:55:52 292352 ----a-w- C:\Users\Harvey\AppData\Roaming\Microsoft\95D9\021.exe
2011-12-28 07:33:34 29696 ----a-w- C:\Windows\System32\drivers\ewdcsc.sys
2011-12-28 07:33:34 119296 ----a-w- C:\Windows\System32\drivers\ewusbnet.sys
2011-12-28 07:33:34 117120 ----a-w- C:\Windows\System32\drivers\ewusbfake.sys
2011-12-28 07:33:34 115328 ----a-w- C:\Windows\System32\drivers\ewusbmdm.sys
2011-12-28 07:33:34 1003008 ----a-w- C:\Windows\System32\drivers\mod7700.sys
2011-12-26 08:55:29 -------- d-----w- C:\Users\Harvey\AppData\Roaming\FAB23
2011-12-26 08:55:15 103424 ----a-w- C:\Users\Harvey\AppData\Roaming\Microsoft\A129\4066.tmp
2011-12-26 08:55:05 -------- d-----w- C:\Users\Harvey\AppData\Roaming\98FFA
2011-12-26 07:10:27 -------- d-----w- C:\Users\Harvey\AppData\Roaming\calibre
2011-12-26 07:10:15 -------- d-----w- C:\Program Files (x86)\Calibre2
2011-12-26 06:29:39 -------- d-----w- C:\Program Files (x86)\Wondershare
2011-12-24 12:14:27 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9460ECC2-FA31-47B3-80A0-5E45C3DF09BE}\mpengine.dll
2011-12-16 21:16:32 37888 ----a-w- C:\Windows\System32\drivers\taphss.sys
2011-12-15 06:42:06 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-15 06:40:18 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-15 06:40:15 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-15 06:40:15 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-15 06:40:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-15 06:40:03 2048 ----a-w- C:\Windows\System32\tzres.dll
.
==================== Find3M ====================
.
2011-11-21 07:53:54 2516 --sha-w- C:\ProgramData\KGyGaAvL.sys
2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-11-04 23:30:43 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 16:45:45.63 ===============



#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:10:38 AM

Posted 03 January 2012 - 01:45 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 verkie

verkie
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 03 January 2012 - 08:02 PM

Hey, thank you for replying! I didn't run into any trouble while running combofix; my computer is pretty much the same as stated in the first post. Here is my combofix log.

ComboFix 12-01-03.07 - Harvey 04/01/2012 11:47:55.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4094.2623 [GMT 11:00]
Running from: c:\users\Harvey\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-12-04 to 2012-01-04 )))))))))))))))))))))))))))))))
.
.
2012-01-04 00:53 . 2012-01-04 00:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-01 09:23 . 2012-01-01 09:23 -------- d-----w- c:\programdata\hssff
2012-01-01 08:48 . 2012-01-01 08:48 -------- d-----w- C:\Expat Shield
2012-01-01 08:48 . 2011-12-29 00:53 597320 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor90.dll
2012-01-01 08:48 . 2011-12-28 23:57 610432 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
2012-01-01 08:48 . 2011-12-28 23:57 594560 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor80.dll
2012-01-01 08:48 . 2011-12-28 23:57 594560 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor70.dll
2012-01-01 08:48 . 2011-12-28 23:57 594560 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor60.dll
2012-01-01 08:48 . 2011-12-28 23:57 594560 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor50.dll
2012-01-01 08:48 . 2012-01-01 08:48 -------- d-----w- c:\program files (x86)\Expat Shield
2011-12-30 02:25 . 2011-12-30 02:25 -------- d-----w- C:\_OTL
2011-12-29 23:55 . 2011-12-29 23:55 292352 ----a-w- c:\users\Harvey\AppData\Roaming\Microsoft\95D9\021.exe
2011-12-28 23:57 . 2011-12-28 23:57 56832 ----a-w- c:\windows\system32\drivers\HssDrv.sys
2011-12-28 07:33 . 2008-04-17 04:48 1003008 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-12-28 07:33 . 2008-04-17 04:47 119296 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-12-28 07:33 . 2008-04-17 04:47 115328 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-12-28 07:33 . 2008-04-17 04:47 117120 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2011-12-28 07:33 . 2008-04-17 04:45 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-12-26 10:08 . 2011-12-26 10:08 204288 ----a-w- c:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\eqgezi.exe
2011-12-26 08:55 . 2011-12-26 08:56 -------- d-----w- c:\users\Harvey\AppData\Roaming\FAB23
2011-12-26 08:55 . 2011-12-26 08:55 103424 ----a-w- c:\users\Harvey\AppData\Roaming\Microsoft\A129\4066.tmp
2011-12-26 08:55 . 2011-12-30 00:23 -------- d-----w- c:\users\Harvey\AppData\Roaming\98FFA
2011-12-26 07:10 . 2011-12-26 07:11 -------- d-----w- c:\users\Harvey\AppData\Roaming\calibre
2011-12-26 07:10 . 2011-12-26 07:10 -------- d-----w- c:\program files (x86)\Calibre2
2011-12-26 06:29 . 2011-12-26 06:29 -------- d-----w- c:\program files (x86)\Wondershare
2011-12-24 12:14 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9460ECC2-FA31-47B3-80A0-5E45C3DF09BE}\mpengine.dll
2011-12-16 21:16 . 2011-12-16 21:16 37888 ----a-w- c:\windows\system32\drivers\taphss.sys
2011-12-15 06:42 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 06:40 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 06:40 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 06:40 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-15 06:40 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 06:40 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-21 07:53 . 2010-03-17 08:47 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2011-11-04 23:30 . 2011-08-16 10:25 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-30_03.17.33 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-12-30 03:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-01-04 00:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-12-30 03:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-04 00:13 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-01-04 00:13 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-30 03:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-08-27 06:10 . 2012-01-04 00:11 60576 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-01-04 00:11 31608 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-01-27 22:38 . 2012-01-04 00:11 19776 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-315001830-3485863345-2222576576-1000_UserData.bin
+ 2009-07-14 05:30 . 2012-01-01 08:48 86016 c:\windows\system32\DriverStore\infpub.dat
- 2009-07-14 05:30 . 2011-12-28 07:34 86016 c:\windows\system32\DriverStore\infpub.dat
+ 2010-04-27 03:58 . 2012-01-04 00:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-04-27 03:58 . 2011-12-30 02:29 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:46 . 2011-12-30 06:14 94000 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-04-27 03:58 . 2012-01-04 00:11 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-04-27 03:58 . 2011-12-30 02:29 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-04-27 03:58 . 2011-12-30 02:29 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-27 03:58 . 2012-01-04 00:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-27 04:14 . 2012-01-04 00:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-01-27 04:14 . 2011-12-30 02:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-01-27 04:14 . 2012-01-04 00:17 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-01-27 04:14 . 2011-12-30 02:28 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-30 03:41 . 2011-12-30 03:41 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
- 2011-12-30 01:44 . 2011-12-30 01:44 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
- 2011-12-30 01:44 . 2011-12-30 01:44 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2011-12-30 03:41 . 2011-12-30 03:41 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2011-12-30 03:44 . 2011-12-30 03:44 10134 c:\windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}\ARPPRODUCTICON.exe
- 2011-12-30 01:49 . 2011-12-30 01:49 10134 c:\windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}\ARPPRODUCTICON.exe
+ 2011-12-30 03:44 . 2011-12-30 03:44 10134 c:\windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}\ARPPRODUCTICON.exe
- 2011-12-30 01:49 . 2011-12-30 01:49 10134 c:\windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}\ARPPRODUCTICON.exe
- 2011-12-30 01:43 . 2011-12-30 01:43 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2011-12-30 03:41 . 2011-12-30 03:41 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2011-12-30 03:42 . 2011-12-30 03:42 10134 c:\windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}\ARPPRODUCTICON.exe
- 2011-12-30 01:46 . 2011-12-30 01:46 10134 c:\windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}\ARPPRODUCTICON.exe
+ 2011-12-30 03:43 . 2011-12-30 03:43 10134 c:\windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}\ARPPRODUCTICON.exe
- 2011-12-30 01:48 . 2011-12-30 01:48 10134 c:\windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}\ARPPRODUCTICON.exe
- 2011-12-30 01:49 . 2011-12-30 01:49 10134 c:\windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}\ARPPRODUCTICON.exe
+ 2011-12-30 03:44 . 2011-12-30 03:44 10134 c:\windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}\ARPPRODUCTICON.exe
+ 2011-12-30 03:42 . 2011-12-30 03:42 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
- 2011-12-30 01:44 . 2011-12-30 01:44 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
- 2011-12-30 01:48 . 2011-12-30 01:48 10134 c:\windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}\ARPPRODUCTICON.exe
+ 2011-12-30 03:43 . 2011-12-30 03:43 10134 c:\windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}\ARPPRODUCTICON.exe
- 2011-12-30 01:48 . 2011-12-30 01:48 10134 c:\windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}\ARPPRODUCTICON.exe
+ 2011-12-30 03:44 . 2011-12-30 03:44 10134 c:\windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}\ARPPRODUCTICON.exe
- 2011-12-30 01:44 . 2011-12-30 01:44 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2011-12-30 03:41 . 2011-12-30 03:41 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
- 2011-12-30 01:44 . 2011-12-30 01:44 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
+ 2011-12-30 03:41 . 2011-12-30 03:41 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
+ 2012-01-04 00:09 . 2012-01-04 00:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-30 02:27 . 2011-12-30 03:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-30 02:27 . 2011-12-30 03:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-04 00:09 . 2012-01-04 00:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-12-29 02:58 619206 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-01-04 00:32 619206 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-01-04 00:32 107388 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2011-12-29 02:58 107388 c:\windows\system32\perfc009.dat
+ 2009-07-14 05:30 . 2012-01-01 08:48 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:30 . 2011-12-28 07:34 143360 c:\windows\system32\DriverStore\infstrng.dat
- 2009-07-14 05:01 . 2011-12-30 02:26 608528 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-03 09:45 608528 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-04-07 13:08 . 2010-04-07 13:08 532992 c:\windows\Installer\f5d7c.msi
+ 2010-04-07 13:08 . 2010-04-07 13:08 620032 c:\windows\Installer\f5d6c.msi
+ 2010-04-07 13:08 . 2010-04-07 13:08 510976 c:\windows\Installer\f5d5c.msi
+ 2011-01-29 07:58 . 2011-01-29 07:58 606208 c:\windows\Installer\f5d44.msi
+ 2011-01-29 07:58 . 2011-01-29 07:58 725504 c:\windows\Installer\f5d34.msi
+ 2010-01-27 07:24 . 2012-01-03 09:45 5993248 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2010-04-07 13:08 . 2010-04-07 13:08 9998336 c:\windows\Installer\f5d84.msi
+ 2010-04-07 13:08 . 2010-04-07 13:08 3123200 c:\windows\Installer\f5d74.msi
+ 2010-04-07 13:08 . 2010-04-07 13:08 1911808 c:\windows\Installer\f5d64.msi
+ 2010-04-07 13:08 . 2010-04-07 13:08 1528320 c:\windows\Installer\f5d54.msi
+ 2011-01-29 07:58 . 2011-01-29 07:58 3670016 c:\windows\Installer\f5d3c.msi
+ 2011-01-29 07:58 . 2011-01-29 07:58 1997312 c:\windows\Installer\f5d2c.msi
+ 2011-01-29 07:58 . 2011-01-29 07:58 2211328 c:\windows\Installer\f5d24.msi
+ 2011-01-29 07:58 . 2011-01-29 07:58 12719104 c:\windows\Installer\f5d4c.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9b339f6e-ddcd-401b-8764-230adbd01761}"= "c:\program files (x86)\Messenger_Plus_Live\tbMess.dll" [2010-02-22 2353176]
.
[HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 06:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
2011-12-28 23:57 233288 ----a-w- c:\program files (x86)\Expat Shield\HssIE\ExpatIE.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{9b339f6e-ddcd-401b-8764-230adbd01761}]
2010-02-22 01:05 2353176 ----a-w- c:\program files (x86)\Messenger_Plus_Live\tbMess.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{9b339f6e-ddcd-401b-8764-230adbd01761}"= "c:\program files (x86)\Messenger_Plus_Live\tbMess.dll" [2010-02-22 2353176]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{9b339f6e-ddcd-401b-8764-230adbd01761}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-07-15 1668664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2010-09-18 2969496]
"Akamai NetSession Interface"="c:\users\Harvey\AppData\Local\Akamai\netsession_win.exe" [2011-12-12 3305760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-05-26 656896]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-12 581480]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"jswtrayutil"="c:\program files (x86)\TP-LINK\QSS\jswtrayutil.exe" [2008-05-11 36949]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-01 1185112]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-21 406992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
eqgezi.exe [2011-12-26 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 JSWHwBtn;JSW Hardware Button Service;c:\program files (x86)\TP-LINK\QSS\HwBtnSvc.exe [2008-02-29 16384]
R3 arusb_lhx;TP-LINK TL-WN821N 11N Wireless device driver;c:\windows\system32\DRIVERS\arusb_lhx.sys [x]
R3 ExpatTrayService;Expat Shield Tray Service;c:\program files (x86)\Expat Shield\bin\ExpatTrayService.EXE [2011-12-29 77520]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-02-23 1038088]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files (x86)\TP-LINK\QSS\jswpsapi.exe [2008-04-16 954368]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 JSWPSLWF;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwfx.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/06 20:25];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 02:58 146928]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 ExpatShieldService;Expat Shield Service;c:\program files (x86)\Expat Shield\bin\openvpnas.exe [2011-12-29 331608]
S2 ExpatSrv;Expat Shield Routing Service;c:\program files (x86)\Expat Shield\HssWPR\hsssrv.exe [2011-12-28 363336]
S2 ExpatWd;Expat Shield Monitoring Service;c:\program files (x86)\Expat Shield\bin\hsswd.exe [2011-12-28 329544]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2009-12-17 1394504]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe [2009-11-23 127784]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-13 11856]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-315001830-3485863345-2222576576-1000Core.job
- c:\users\Harvey\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-05 11:56]
.
2012-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-315001830-3485863345-2222576576-1000UA.job
- c:\users\Harvey\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-05 11:56]
.
2011-12-31 c:\windows\Tasks\HPCeeScheduleForHarvey.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-08-27 04:38]
.
2010-04-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
2011-12-28 23:57 287048 ----a-w- c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 16:04 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-26 16327712]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2726728]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-05 500208]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_AU&c=94&bd=Presario&pf=cndt
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = http=127.0.0.1:56323
uInternet Settings,ProxyOverride = local
IE: &AOL Toolbar Search - c:\programdata\AOL\ieToolbar\resources\en-AU\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{110F66B1-3465-4E5F-822C-F2A927856521}: NameServer = 125.168.254.14 61.88.88.88
FF - ProfilePath - c:\users\Harvey\AppData\Roaming\Mozilla\Firefox\Profiles\bm0zzvjc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Click to call with Skype: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Expat Shield Helper (Please allow this installation): afurladvisor@anchorfree.com - c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF - Ext: 1-Click YouTube Video Downloader: YoutubeDownloader@PeterOlayev.com - %profile%\extensions\YoutubeDownloader@PeterOlayev.com
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - Ext: Messenger Plus Live Toolbar: {9b339f6e-ddcd-401b-8764-230adbd01761} - %profile%\extensions\{9b339f6e-ddcd-401b-8764-230adbd01761}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: Easy Youtube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: All-in-One Sidebar: {097d3191-e6fa-4728-9826-b533d755359d} - %profile%\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: NCH EN Community Toolbar: {37483b40-c254-4a72-bda4-22ee90182c1e} - %profile%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{9B339F6E-DDCD-401B-8764-230ADBD01761} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_b427739.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BFE]
"ImagePath"="NADA"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-01-04 11:55:03
ComboFix-quarantined-files.txt 2012-01-04 00:55
ComboFix2.txt 2011-12-30 03:22
.
Pre-Run: 621,412,585,472 bytes free
Post-Run: 621,363,015,680 bytes free
.
- - End Of File - - 85C19063B252FD1A6539BEAFC20E0959

#4 gringo_pr

  • Malware Response Team

Posted 03 January 2012 - 08:29 PM

Hello

I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#5 verkie

  • Topic Starter

Posted 03 January 2012 - 09:21 PM

13:20:18.0375 3084 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
13:20:19.0344 3084 ============================================================
13:20:19.0344 3084 Current date / time: 2012/01/04 13:20:19.0344
13:20:19.0344 3084 SystemInfo:
13:20:19.0344 3084
13:20:19.0344 3084 OS Version: 6.1.7601 ServicePack: 1.0
13:20:19.0344 3084 Product type: Workstation
13:20:19.0344 3084 ComputerName: VERONICA
13:20:19.0345 3084 UserName: Harvey
13:20:19.0345 3084 Windows directory: C:\Windows
13:20:19.0345 3084 System windows directory: C:\Windows
13:20:19.0345 3084 Running under WOW64
13:20:19.0345 3084 Processor architecture: Intel x64
13:20:19.0345 3084 Number of processors: 4
13:20:19.0345 3084 Page size: 0x1000
13:20:19.0345 3084 Boot type: Normal boot
13:20:19.0345 3084 ============================================================
13:20:20.0069 3084 Initialize success
13:20:26.0698 1044 ============================================================
13:20:26.0698 1044 Scan started
13:20:26.0698 1044 Mode: Manual;
13:20:26.0698 1044 ============================================================
13:20:27.0428 1044 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:20:27.0431 1044 1394ohci - ok
13:20:27.0468 1044 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:20:27.0471 1044 ACPI - ok
13:20:27.0488 1044 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:20:27.0489 1044 AcpiPmi - ok
13:20:27.0540 1044 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
13:20:27.0541 1044 adfs - ok
13:20:27.0578 1044 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:20:27.0583 1044 adp94xx - ok
13:20:27.0603 1044 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:20:27.0607 1044 adpahci - ok
13:20:27.0621 1044 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:20:27.0623 1044 adpu320 - ok
13:20:27.0662 1044 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
13:20:27.0668 1044 AFD - ok
13:20:27.0685 1044 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:20:27.0686 1044 agp440 - ok
13:20:27.0722 1044 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:20:27.0727 1044 aliide - ok
13:20:27.0762 1044 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:20:27.0763 1044 amdide - ok
13:20:27.0779 1044 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:20:27.0780 1044 AmdK8 - ok
13:20:27.0805 1044 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:20:27.0806 1044 AmdPPM - ok
13:20:27.0820 1044 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
13:20:27.0822 1044 amdsata - ok
13:20:27.0841 1044 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:20:27.0843 1044 amdsbs - ok
13:20:27.0859 1044 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
13:20:27.0860 1044 amdxata - ok
13:20:27.0879 1044 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:20:27.0881 1044 AppID - ok
13:20:27.0935 1044 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:20:27.0936 1044 arc - ok
13:20:27.0948 1044 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:20:27.0949 1044 arcsas - ok
13:20:27.0991 1044 arusb_lhx (fec1f5da49c4d693ccd1b922b7f3b22f) C:\Windows\system32\DRIVERS\arusb_lhx.sys
13:20:27.0996 1044 arusb_lhx - ok
13:20:28.0036 1044 aswFsBlk (f810e3ea3d1f3c3ba26f2f4719bdca4f) C:\Windows\system32\drivers\aswFsBlk.sys
13:20:28.0037 1044 aswFsBlk - ok
13:20:28.0066 1044 aswMonFlt (3687fd9cedf56d3b9f18923f4e14f3f9) C:\Windows\system32\drivers\aswMonFlt.sys
13:20:28.0067 1044 aswMonFlt - ok
13:20:28.0077 1044 aswRdr (e99e48596b35e5d5240104bcd61b3471) C:\Windows\system32\drivers\aswRdr.sys
13:20:28.0078 1044 aswRdr - ok
13:20:28.0102 1044 aswSnx (84ad8fb3fd2efa52d8599a0028bbb6fe) C:\Windows\system32\drivers\aswSnx.sys
13:20:28.0107 1044 aswSnx - ok
13:20:28.0126 1044 aswSP (8cba6cc5dca9e3829f1792bf98f06901) C:\Windows\system32\drivers\aswSP.sys
13:20:28.0130 1044 aswSP - ok
13:20:28.0142 1044 aswTdi (184248f2ded7b1641c7f3b30381baa2a) C:\Windows\system32\drivers\aswTdi.sys
13:20:28.0144 1044 aswTdi - ok
13:20:28.0164 1044 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:20:28.0165 1044 AsyncMac - ok
13:20:28.0193 1044 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:20:28.0193 1044 atapi - ok
13:20:28.0226 1044 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:20:28.0230 1044 b06bdrv - ok
13:20:28.0248 1044 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:20:28.0251 1044 b57nd60a - ok
13:20:28.0273 1044 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:20:28.0274 1044 Beep - ok
13:20:28.0298 1044 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:20:28.0299 1044 blbdrive - ok
13:20:28.0336 1044 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:20:28.0338 1044 bowser - ok
13:20:28.0345 1044 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:20:28.0346 1044 BrFiltLo - ok
13:20:28.0364 1044 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:20:28.0365 1044 BrFiltUp - ok
13:20:28.0376 1044 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:20:28.0380 1044 Brserid - ok
13:20:28.0387 1044 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:20:28.0388 1044 BrSerWdm - ok
13:20:28.0395 1044 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:20:28.0395 1044 BrUsbMdm - ok
13:20:28.0415 1044 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:20:28.0416 1044 BrUsbSer - ok
13:20:28.0432 1044 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:20:28.0434 1044 BTHMODEM - ok
13:20:28.0450 1044 catchme - ok
13:20:28.0471 1044 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:20:28.0473 1044 cdfs - ok
13:20:28.0489 1044 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:20:28.0491 1044 cdrom - ok
13:20:28.0501 1044 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:20:28.0502 1044 circlass - ok
13:20:28.0528 1044 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:20:28.0532 1044 CLFS - ok
13:20:28.0544 1044 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:20:28.0545 1044 CmBatt - ok
13:20:28.0565 1044 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:20:28.0566 1044 cmdide - ok
13:20:28.0589 1044 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
13:20:28.0593 1044 CNG - ok
13:20:28.0601 1044 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:20:28.0602 1044 Compbatt - ok
13:20:28.0622 1044 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:20:28.0623 1044 CompositeBus - ok
13:20:28.0632 1044 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:20:28.0633 1044 crcdisk - ok
13:20:28.0671 1044 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:20:28.0673 1044 DfsC - ok
13:20:28.0688 1044 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:20:28.0689 1044 discache - ok
13:20:28.0704 1044 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:20:28.0706 1044 Disk - ok
13:20:28.0735 1044 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:20:28.0736 1044 drmkaud - ok
13:20:28.0784 1044 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:20:28.0794 1044 DXGKrnl - ok
13:20:28.0857 1044 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:20:28.0910 1044 ebdrv - ok
13:20:28.0939 1044 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:20:28.0944 1044 elxstor - ok
13:20:28.0964 1044 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:20:28.0966 1044 ErrDev - ok
13:20:28.0990 1044 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:20:28.0993 1044 exfat - ok
13:20:29.0035 1044 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:20:29.0038 1044 fastfat - ok
13:20:29.0057 1044 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:20:29.0058 1044 fdc - ok
13:20:29.0077 1044 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:20:29.0079 1044 FileInfo - ok
13:20:29.0095 1044 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:20:29.0097 1044 Filetrace - ok
13:20:29.0124 1044 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:20:29.0126 1044 flpydisk - ok
13:20:29.0163 1044 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:20:29.0166 1044 FltMgr - ok
13:20:29.0188 1044 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:20:29.0190 1044 FsDepends - ok
13:20:29.0203 1044 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:20:29.0205 1044 Fs_Rec - ok
13:20:29.0237 1044 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:20:29.0240 1044 fvevol - ok
13:20:29.0257 1044 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:20:29.0259 1044 gagp30kx - ok
13:20:29.0297 1044 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:20:29.0298 1044 GEARAspiWDM - ok
13:20:29.0317 1044 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:20:29.0318 1044 hcw85cir - ok
13:20:29.0344 1044 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:20:29.0346 1044 HDAudBus - ok
13:20:29.0359 1044 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:20:29.0368 1044 HidBatt - ok
13:20:29.0380 1044 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:20:29.0381 1044 HidBth - ok
13:20:29.0389 1044 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:20:29.0390 1044 HidIr - ok
13:20:29.0426 1044 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
13:20:29.0428 1044 HidUsb - ok
13:20:29.0462 1044 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:20:29.0464 1044 HpSAMD - ok
13:20:29.0498 1044 HssDrv (80b0c0d39178e80905e30fa92c0f6d43) C:\Windows\system32\DRIVERS\HssDrv.sys
13:20:29.0499 1044 HssDrv - ok
13:20:29.0603 1044 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:20:29.0634 1044 HTTP - ok
13:20:29.0684 1044 hwdatacard (c8f3119ad72a507d12ef389df4c266ef) C:\Windows\system32\DRIVERS\ewusbmdm.sys
13:20:29.0685 1044 hwdatacard - ok
13:20:29.0703 1044 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:20:29.0704 1044 hwpolicy - ok
13:20:29.0743 1044 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:20:29.0745 1044 i8042prt - ok
13:20:29.0760 1044 iaStorV (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
13:20:29.0764 1044 iaStorV - ok
13:20:29.0789 1044 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:20:29.0790 1044 iirsp - ok
13:20:29.0857 1044 IntcAzAudAddService (31c32bc56d85d109ebb0c526be5caca7) C:\Windows\system32\drivers\RTKVHD64.sys
13:20:29.0892 1044 IntcAzAudAddService - ok
13:20:29.0924 1044 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:20:29.0926 1044 intelide - ok
13:20:29.0952 1044 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:20:29.0954 1044 intelppm - ok
13:20:29.0981 1044 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:20:29.0983 1044 IpFilterDriver - ok
13:20:29.0990 1044 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:20:29.0992 1044 IPMIDRV - ok
13:20:30.0014 1044 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:20:30.0016 1044 IPNAT - ok
13:20:30.0035 1044 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:20:30.0037 1044 IRENUM - ok
13:20:30.0048 1044 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:20:30.0049 1044 isapnp - ok
13:20:30.0067 1044 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:20:30.0070 1044 iScsiPrt - ok
13:20:30.0105 1044 JSWPSLWF (9d86c5091209ca4bd3762bed6f654501) C:\Windows\system32\DRIVERS\jswpslwfx.sys
13:20:30.0106 1044 JSWPSLWF - ok
13:20:30.0116 1044 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
13:20:30.0116 1044 kbdclass - ok
13:20:30.0130 1044 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:20:30.0131 1044 kbdhid - ok
13:20:30.0147 1044 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
13:20:30.0149 1044 KSecDD - ok
13:20:30.0179 1044 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
13:20:30.0181 1044 KSecPkg - ok
13:20:30.0195 1044 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:20:30.0196 1044 ksthunk - ok
13:20:30.0254 1044 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:20:30.0256 1044 lltdio - ok
13:20:30.0290 1044 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:20:30.0292 1044 LSI_FC - ok
13:20:30.0309 1044 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:20:30.0310 1044 LSI_SAS - ok
13:20:30.0325 1044 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:20:30.0326 1044 LSI_SAS2 - ok
13:20:30.0344 1044 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:20:30.0346 1044 LSI_SCSI - ok
13:20:30.0362 1044 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:20:30.0364 1044 luafv - ok
13:20:30.0383 1044 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:20:30.0385 1044 megasas - ok
13:20:30.0408 1044 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:20:30.0412 1044 MegaSR - ok
13:20:30.0458 1044 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:20:30.0459 1044 Modem - ok
13:20:30.0471 1044 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:20:30.0472 1044 monitor - ok
13:20:30.0487 1044 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:20:30.0492 1044 mouclass - ok
13:20:30.0529 1044 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:20:30.0531 1044 mouhid - ok
13:20:30.0557 1044 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:20:30.0559 1044 mountmgr - ok
13:20:30.0575 1044 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:20:30.0577 1044 mpio - ok
13:20:30.0598 1044 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:20:30.0600 1044 mpsdrv - ok
13:20:30.0623 1044 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:20:30.0625 1044 MRxDAV - ok
13:20:30.0652 1044 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:20:30.0654 1044 mrxsmb - ok
13:20:30.0683 1044 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:20:30.0717 1044 mrxsmb10 - ok
13:20:30.0878 1044 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:20:30.0880 1044 mrxsmb20 - ok
13:20:30.0896 1044 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:20:30.0897 1044 msahci - ok
13:20:30.0910 1044 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:20:30.0912 1044 msdsm - ok
13:20:30.0933 1044 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:20:30.0935 1044 Msfs - ok
13:20:30.0951 1044 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:20:30.0952 1044 mshidkmdf - ok
13:20:30.0979 1044 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:20:30.0981 1044 msisadrv - ok
13:20:31.0003 1044 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:20:31.0004 1044 MSKSSRV - ok
13:20:31.0022 1044 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:20:31.0023 1044 MSPCLOCK - ok
13:20:31.0040 1044 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:20:31.0042 1044 MSPQM - ok
13:20:31.0066 1044 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:20:31.0069 1044 MsRPC - ok
13:20:31.0083 1044 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:20:31.0084 1044 mssmbios - ok
13:20:31.0096 1044 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:20:31.0098 1044 MSTEE - ok
13:20:31.0115 1044 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:20:31.0116 1044 MTConfig - ok
13:20:31.0141 1044 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:20:31.0143 1044 Mup - ok
13:20:31.0177 1044 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:20:31.0181 1044 NativeWifiP - ok
13:20:31.0224 1044 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:20:31.0230 1044 NDIS - ok
13:20:31.0250 1044 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:20:31.0251 1044 NdisCap - ok
13:20:31.0270 1044 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:20:31.0271 1044 NdisTapi - ok
13:20:31.0289 1044 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:20:31.0290 1044 Ndisuio - ok
13:20:31.0325 1044 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:20:31.0328 1044 NdisWan - ok
13:20:31.0355 1044 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:20:31.0356 1044 NDProxy - ok
13:20:31.0366 1044 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:20:31.0368 1044 NetBIOS - ok
13:20:31.0384 1044 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:20:31.0386 1044 NetBT - ok
13:20:31.0414 1044 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:20:31.0415 1044 nfrd960 - ok
13:20:31.0436 1044 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:20:31.0437 1044 Npfs - ok
13:20:31.0455 1044 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:20:31.0456 1044 nsiproxy - ok
13:20:31.0504 1044 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
13:20:31.0514 1044 Ntfs - ok
13:20:31.0538 1044 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:20:31.0538 1044 Null - ok
13:20:31.0565 1044 NVHDA (6574620a7d7549bb72ea26c162025909) C:\Windows\system32\drivers\nvhda64v.sys
13:20:31.0567 1044 NVHDA - ok
13:20:31.0745 1044 nvlddmkm (51bd7ef17f0b525994ad5b3748c8288b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:20:31.0816 1044 nvlddmkm - ok
13:20:31.0849 1044 NVNET (9c3024e48db4c98e50af7d8b72d0ef89) C:\Windows\system32\DRIVERS\nvmf6264.sys
13:20:31.0851 1044 NVNET - ok
13:20:31.0879 1044 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
13:20:31.0880 1044 nvraid - ok
13:20:31.0894 1044 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
13:20:31.0895 1044 nvstor - ok
13:20:31.0924 1044 nvstor64 (6ba747b1a9297a6c0271700d12fdd495) C:\Windows\system32\DRIVERS\nvstor64.sys
13:20:31.0926 1044 nvstor64 - ok
13:20:31.0956 1044 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:20:31.0958 1044 nv_agp - ok
13:20:31.0979 1044 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:20:31.0980 1044 ohci1394 - ok
13:20:32.0039 1044 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:20:32.0040 1044 Parport - ok
13:20:32.0069 1044 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:20:32.0070 1044 partmgr - ok
13:20:32.0085 1044 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:20:32.0087 1044 pci - ok
13:20:32.0109 1044 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:20:32.0110 1044 pciide - ok
13:20:32.0133 1044 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:20:32.0134 1044 pcmcia - ok
13:20:32.0155 1044 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:20:32.0156 1044 pcw - ok
13:20:32.0174 1044 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:20:32.0177 1044 PEAUTH - ok
13:20:32.0219 1044 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:20:32.0220 1044 PptpMiniport - ok
13:20:32.0236 1044 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:20:32.0237 1044 Processor - ok
13:20:32.0263 1044 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:20:32.0265 1044 Psched - ok
13:20:32.0310 1044 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:20:32.0319 1044 ql2300 - ok
13:20:32.0341 1044 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:20:32.0342 1044 ql40xx - ok
13:20:32.0364 1044 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:20:32.0365 1044 QWAVEdrv - ok
13:20:32.0382 1044 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:20:32.0382 1044 RasAcd - ok
13:20:32.0410 1044 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:20:32.0410 1044 RasAgileVpn - ok
13:20:32.0428 1044 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:20:32.0430 1044 Rasl2tp - ok
13:20:32.0450 1044 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:20:32.0451 1044 RasPppoe - ok
13:20:32.0463 1044 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:20:32.0464 1044 RasSstp - ok
13:20:32.0496 1044 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:20:32.0498 1044 rdbss - ok
13:20:32.0513 1044 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:20:32.0514 1044 rdpbus - ok
13:20:32.0527 1044 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:20:32.0528 1044 RDPCDD - ok
13:20:32.0560 1044 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:20:32.0560 1044 RDPENCDD - ok
13:20:32.0574 1044 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:20:32.0575 1044 RDPREFMP - ok
13:20:32.0599 1044 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
13:20:32.0600 1044 RDPWD - ok
13:20:32.0633 1044 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:20:32.0635 1044 rdyboost - ok
13:20:32.0662 1044 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:20:32.0663 1044 rspndr - ok
13:20:32.0685 1044 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:20:32.0686 1044 sbp2port - ok
13:20:32.0712 1044 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:20:32.0713 1044 scfilter - ok
13:20:32.0735 1044 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:20:32.0735 1044 secdrv - ok
13:20:32.0764 1044 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:20:32.0765 1044 Serenum - ok
13:20:32.0781 1044 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:20:32.0782 1044 Serial - ok
13:20:32.0801 1044 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:20:32.0801 1044 sermouse - ok
13:20:32.0824 1044 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:20:32.0824 1044 sffdisk - ok
13:20:32.0836 1044 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:20:32.0836 1044 sffp_mmc - ok
13:20:32.0852 1044 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:20:32.0853 1044 sffp_sd - ok
13:20:32.0874 1044 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:20:32.0875 1044 sfloppy - ok
13:20:32.0893 1044 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:20:32.0894 1044 SiSRaid2 - ok
13:20:32.0914 1044 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:20:32.0915 1044 SiSRaid4 - ok
13:20:32.0931 1044 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:20:32.0932 1044 Smb - ok
13:20:32.0952 1044 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:20:32.0952 1044 spldr - ok
13:20:32.0989 1044 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:20:32.0992 1044 srv - ok
13:20:33.0014 1044 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:20:33.0017 1044 srv2 - ok
13:20:33.0035 1044 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:20:33.0036 1044 srvnet - ok
13:20:33.0053 1044 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:20:33.0054 1044 stexstor - ok
13:20:33.0062 1044 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:20:33.0063 1044 swenum - ok
13:20:33.0122 1044 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
13:20:33.0123 1044 taphss - ok
13:20:33.0171 1044 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:20:33.0182 1044 Tcpip - ok
13:20:33.0221 1044 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:20:33.0232 1044 TCPIP6 - ok
13:20:33.0260 1044 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:20:33.0261 1044 tcpipreg - ok
13:20:33.0278 1044 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:20:33.0279 1044 TDPIPE - ok
13:20:33.0296 1044 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:20:33.0297 1044 TDTCP - ok
13:20:33.0324 1044 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:20:33.0325 1044 tdx - ok
13:20:33.0339 1044 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:20:33.0340 1044 TermDD - ok
13:20:33.0370 1044 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:20:33.0371 1044 tssecsrv - ok
13:20:33.0412 1044 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:20:33.0413 1044 TsUsbFlt - ok
13:20:33.0471 1044 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
13:20:33.0472 1044 TuneUpUtilitiesDrv - ok
13:20:33.0505 1044 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:20:33.0506 1044 tunnel - ok
13:20:33.0521 1044 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:20:33.0522 1044 uagp35 - ok
13:20:33.0548 1044 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:20:33.0550 1044 udfs - ok
13:20:33.0570 1044 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:20:33.0571 1044 uliagpkx - ok
13:20:33.0593 1044 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
13:20:33.0594 1044 umbus - ok
13:20:33.0608 1044 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:20:33.0609 1044 UmPass - ok
13:20:33.0636 1044 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
13:20:33.0637 1044 USBAAPL64 - ok
13:20:33.0655 1044 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\DRIVERS\usbccgp.sys
13:20:33.0656 1044 usbccgp - ok
13:20:33.0685 1044 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:20:33.0686 1044 usbcir - ok
13:20:33.0701 1044 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
13:20:33.0702 1044 usbehci - ok
13:20:33.0729 1044 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
13:20:33.0732 1044 usbhub - ok
13:20:33.0744 1044 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
13:20:33.0745 1044 usbohci - ok
13:20:33.0772 1044 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:20:33.0773 1044 usbprint - ok
13:20:33.0809 1044 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:20:33.0810 1044 usbscan - ok
13:20:33.0822 1044 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:20:33.0823 1044 USBSTOR - ok
13:20:33.0837 1044 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
13:20:33.0838 1044 usbuhci - ok
13:20:33.0884 1044 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:20:33.0885 1044 vdrvroot - ok
13:20:33.0911 1044 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:20:33.0911 1044 vga - ok
13:20:33.0919 1044 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:20:33.0920 1044 VgaSave - ok
13:20:33.0950 1044 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:20:33.0952 1044 vhdmp - ok
13:20:33.0995 1044 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:20:33.0996 1044 viaide - ok
13:20:34.0015 1044 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:20:34.0016 1044 volmgr - ok
13:20:34.0051 1044 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:20:34.0053 1044 volmgrx - ok
13:20:34.0072 1044 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:20:34.0074 1044 volsnap - ok
13:20:34.0088 1044 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:20:34.0090 1044 vsmraid - ok
13:20:34.0107 1044 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:20:34.0108 1044 vwifibus - ok
13:20:34.0139 1044 wacmoumonitor (6b6718dc4b4597ec10f4f8c614282ee1) C:\Windows\system32\DRIVERS\wacmoumonitor.sys
13:20:34.0139 1044 wacmoumonitor - ok
13:20:34.0163 1044 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
13:20:34.0164 1044 wacommousefilter - ok
13:20:34.0184 1044 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:20:34.0185 1044 WacomPen - ok
13:20:34.0210 1044 wacomvhid (26b430e7c5f598fe7353e3bc4b261321) C:\Windows\system32\DRIVERS\wacomvhid.sys
13:20:34.0211 1044 wacomvhid - ok
13:20:34.0245 1044 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:20:34.0246 1044 WANARP - ok
13:20:34.0250 1044 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:20:34.0251 1044 Wanarpv6 - ok
13:20:34.0290 1044 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:20:34.0291 1044 Wd - ok
13:20:34.0320 1044 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:20:34.0324 1044 Wdf01000 - ok
13:20:34.0350 1044 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:20:34.0351 1044 WfpLwf - ok
13:20:34.0359 1044 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:20:34.0360 1044 WIMMount - ok
13:20:34.0414 1044 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:20:34.0415 1044 WinUsb - ok
13:20:34.0448 1044 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:20:34.0449 1044 WmiAcpi - ok
13:20:34.0471 1044 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:20:34.0472 1044 ws2ifsl - ok
13:20:34.0517 1044 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:20:34.0518 1044 WudfPf - ok
13:20:34.0554 1044 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:20:34.0556 1044 WUDFRd - ok
13:20:34.0646 1044 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
13:20:34.0647 1044 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
13:20:34.0681 1044 MBR (0x1B8) (29f62ac05e88ca61cd5a8e40b3773784) \Device\Harddisk0\DR0
13:20:34.0788 1044 \Device\Harddisk0\DR0 - ok
13:20:34.0791 1044 Boot (0x1200) (90907db0b0958cd2bcb740968798bd90) \Device\Harddisk0\DR0\Partition0
13:20:34.0791 1044 \Device\Harddisk0\DR0\Partition0 - ok
13:20:34.0800 1044 Boot (0x1200) (88f1479680a5e9b9ee614cea7779f56b) \Device\Harddisk0\DR0\Partition1
13:20:34.0801 1044 \Device\Harddisk0\DR0\Partition1 - ok
13:20:34.0828 1044 Boot (0x1200) (a634b8ffb4b481146ae2237f21e91d52) \Device\Harddisk0\DR0\Partition2
13:20:34.0829 1044 \Device\Harddisk0\DR0\Partition2 - ok
13:20:34.0829 1044 ============================================================
13:20:34.0829 1044 Scan finished
13:20:34.0829 1044 ============================================================
13:20:34.0838 3596 Detected object count: 0
13:20:34.0838 3596 Actual detected object count: 0
13:20:39.0853 3768 ============================================================
13:20:39.0853 3768 Scan started
13:20:39.0853 3768 Mode: Manual;
13:20:39.0853 3768 ============================================================
13:20:46.0736 3768 MBR (0x1B8) (29f62ac05e88ca61cd5a8e40b3773784) \Device\Harddisk0\DR0
13:20:46.0834 3768 \Device\Harddisk0\DR0 - ok
13:20:46.0837 3768 Boot (0x1200) (90907db0b0958cd2bcb740968798bd90) \Device\Harddisk0\DR0\Partition0
13:20:46.0838 3768 \Device\Harddisk0\DR0\Partition0 - ok
13:20:46.0846 3768 Boot (0x1200) (88f1479680a5e9b9ee614cea7779f56b) \Device\Harddisk0\DR0\Partition1
13:20:46.0847 3768 \Device\Harddisk0\DR0\Partition1 - ok
13:20:46.0874 3768 Boot (0x1200) (a634b8ffb4b481146ae2237f21e91d52) \Device\Harddisk0\DR0\Partition2
13:20:46.0875 3768 \Device\Harddisk0\DR0\Partition2 - ok
13:20:46.0875 3768 ============================================================
13:20:46.0875 3768 Scan finished
13:20:46.0875 3768 ============================================================
13:20:46.0883 3612 Detected object count: 0
13:20:46.0883 3612 Actual detected object count: 0

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:38 AM

Posted 03 January 2012 - 10:33 PM

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 verkie

verkie
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:12:38 AM

Posted 03 January 2012 - 11:08 PM

aswMBR version 0.9.9.1156 Copyright© 2011 AVAST Software
Run date: 2012-01-04 14:46:19
-----------------------------
14:46:19.429 OS Version: Windows x64 6.1.7601 Service Pack 1
14:46:19.429 Number of processors: 4 586 0x402
14:46:19.430 ComputerName: VERONICA UserName: Harvey
14:46:21.423 Initialize success
14:46:21.648 AVAST engine defs: 11022300
14:47:01.350 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
14:47:01.353 Disk 0 Vendor: ST375052 HP22 Size: 715404MB BusType: 3
14:47:01.369 Disk 0 MBR read successfully
14:47:01.371 Disk 0 MBR scan
14:47:01.385 Disk 0 unknown MBR code
14:47:01.392 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:47:01.404 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 704264 MB offset 206848
14:47:01.432 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11038 MB offset 1442539520
14:47:01.435 Service scanning
14:47:02.801 Modules scanning
14:47:02.804 Disk 0 trace - called modules:
14:47:02.842 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
14:47:02.845 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d5f060]
14:47:02.849 3 CLASSPNP.SYS[fffff8800199643f] -> nt!IofCallDriver -> [0xfffffa8003d7cd30]
14:47:02.853 5 ACPI.sys[fffff88000e727a1] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8003e2f510]
14:47:06.330 AVAST engine scan C:\Windows
14:47:11.283 AVAST engine scan C:\Windows\system32
14:48:20.006 AVAST engine scan C:\Windows\system32\drivers
14:48:27.532 AVAST engine scan C:\Users\Harvey
15:03:51.163 AVAST engine scan C:\ProgramData
15:06:21.879 Scan finished successfully
15:07:05.573 Disk 0 MBR has been saved successfully to "C:\Users\Harvey\Desktop\MBR.dat"
15:07:05.577 The log file has been saved successfully to "C:\Users\Harvey\Desktop\aswMBR.txt"

#8 gringo_pr


Posted 03 January 2012 - 11:15 PM

Download both of the registry files:

http://www.mediafire.com/?317ea53a883288d

http://www.mediafire.com/?z6aw8j7997qa7j9

Launch them and import them into the registry.

Restart your PC.

Now open Run, type regedit and click OK.

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right-click on it and choose Permissions.

Click Add, type Everyone and click OK.

Now click on Everyone.

Below you have the permissions for users.

Select Full Control and click OK.

Now open Run, type services.msc and click OK.

Start the Base Filtering Engine service and then the Windows Firewall service.

#9 verkie


Posted 03 January 2012 - 11:21 PM

How do you import them into registry..? Also, the two files are appearing as notepad files, is there something wrong with that?

#10 gringo_pr


Posted 03 January 2012 - 11:25 PM

You need to save them as .reg files.

If they open in Notepad, click on File and then Save As.

Under file type, save them as All Files,

and save them with a .reg extension.


gringo

#11 verkie


Posted 03 January 2012 - 11:40 PM

Sorry, it comes up with 'Error 1083: The executable problem that this service is configured to run in does not implement the service' when I try to start base filtering engine
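
The manual steps in post #8 and the Error 1083 reported in post #11 can both be checked from the registry. The script below is an added example, not part of the original thread and not the contents of the linked .reg files or RestoreBFE.exe. It is read-only and assumes an elevated PowerShell prompt; the function name `Test-SvchostService` is hypothetical. A common cause of Error 1083 is a service whose `svchost.exe -k <group>` command line names a group that does not list the service, so the script checks that, the service DLL, and whether Everyone still holds Full Control on the service key.

```powershell
# Read-only audit of the two services named in the thread: BFE (Base Filtering
# Engine) and MpsSvc (Windows Firewall). Run from an elevated prompt.
$svcRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Services'
$hostRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost'
$full     = [System.Security.AccessControl.RegistryRights]::FullControl

function Test-SvchostService {   # hypothetical helper name
    param([string]$Name)
    $key = Join-Path $svcRoot $Name
    $findings = @()
    if (-not (Test-Path $key)) {
        return New-Object psobject -Property @{
            Service = $Name; Status = $null; Finding = 'service key missing' }
    }
    $cfg = Get-ItemProperty -Path $key

    # Error 1083 check: the "-k <group>" in ImagePath must name a Svchost
    # group whose REG_MULTI_SZ value lists this service.
    if ($cfg.ImagePath -match 'svchost\.exe"?\s+-k\s+(\S+)') {
        $group   = $Matches[1]
        $members = (Get-ItemProperty -Path $hostRoot -Name $group `
                        -ErrorAction SilentlyContinue).$group
        if ($members -notcontains $Name) {
            $findings += "not listed in Svchost group '$group'"
        }
    } else {
        $findings += "ImagePath is not a svchost.exe -k command: '$($cfg.ImagePath)'"
    }

    # The service DLL named under Parameters must exist on disk.
    $dll = (Get-ItemProperty -Path (Join-Path $key 'Parameters') `
                -ErrorAction SilentlyContinue).ServiceDll
    if (-not $dll) {
        $findings += 'no Parameters\ServiceDll value'
    } elseif (-not (Test-Path ([Environment]::ExpandEnvironmentVariables($dll)))) {
        $findings += "ServiceDll not found: $dll"
    }

    # Left over from the manual fix: Everyone (SID S-1-1-0) with Full Control.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($ace in (Get-Acl -Path $key).GetAccessRules($true, $true, $sidType)) {
        if ($ace.IdentityReference.Value -eq 'S-1-1-0' -and
            $ace.AccessControlType -eq 'Allow' -and
            ($ace.RegistryRights -band $full) -eq $full) {
            $findings += 'Everyone has FullControl on the service key'
        }
    }

    $status = (Get-Service -Name $Name -ErrorAction SilentlyContinue).Status
    if (-not $findings) { $findings = 'ok' }
    New-Object psobject -Property @{
        Service = $Name; Status = $status; Finding = $findings -join '; ' }
}

'BFE', 'MpsSvc' | ForEach-Object { Test-SvchostService $_ } | Format-List
```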

#12 gringo_pr


Posted 04 January 2012 - 03:23 AM

hello

try running this and see if it helps

http://download.bleepingcomputer.com/sUBs/MiniFixes/RestoreBFE.exe


gringo

#13 verkie


Posted 04 January 2012 - 04:02 AM

Okay I ran it, rebooted and it's started now.

#14 gringo_pr


Posted 04 January 2012 - 04:59 AM

Hello

How is the rest of the computer doing now?

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo

#15 verkie


Posted 04 January 2012 - 05:09 AM

It's doing better, the firewall is on now. Thanks!


Update for Microsoft Office 2007 (KB2508958)
Activate Norton Online Backup
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Community Help
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Illustrator CS5
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.3.3
Adobe Shockwave Player 11.5
Akamai NetSession Interface
Akamai NetSession Interface Service
AOL Toolbar 5.0
Apple Application Support
Apple Software Update
µTorrent
avast! Pro Antivirus
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.4
Bamboo
BannedStory
BitTorrent
calibre
Canon Easy-PhotoPrint EX
Canon MP Navigator EX 2.0
Canon My Printer
Canon Solution Menu EX
Canon Utilities Solution Menu
CD-LabelPrint
Chinese Simplified Fonts Support For Adobe Reader 9
Click to Call with Skype
Compatibility Pack for the 2007 Office system
Conduit Engine
Content
Corel Painter 11
Corel Painter 11 - ICA
Corel Painter 11 - IPM
CyberLink DVD Suite Deluxe
CyberLink PowerDVD 10
DERNI LCD Promo
DirectX for Managed Code Update (Summer 2004)
Dodo Wireless Broadband
Download Updater (AOL LLC)
eReader
Expat Shield 2.23
GOM Player
Google Chrome
Google SketchUp 8
HP Advisor
HP Customer Experience Enhancements
HP Games
HP Odometer
HP Remote Solution
HP Setup
HP Support Assistant
HP Support Information
HP Update
HPAsset component for HP Active Support Library
IconHandler 32 bit
Ink-Squared Deluxe 1.0
Java Auto Updater
Java™ 6 Update 21
Junk Mail filter update
Langauge
LightScribe System Software
Malwarebytes' Anti-Malware
Messenger Plus! Live
Messenger_Plus_Live Toolbar
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.25)
MSVCRT
MyScript Notes
Pando Media Booster
Power Presenter RE
Power2Go
PowerDirector
PowerRecover
QSS Installation Program
QuickTime
Real Alternative 2.0.2
Realtek High Definition Audio Driver
RehanFX Shader Transitions and Effects (ShaderTFX)
Screenshot Studio
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 5.5
TL-WN821N Wireless Utility
TuneUp Utilities
TuneUp Utilities Language Pack (en-US)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VLC media player 1.0.1
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Movie Maker 6.0
WinRAR archiver
Wireless Broadband
Wondershare PDF Converter (Build 3.0.0)



