BSoD OVER AND OVER AGAIN! HELP ME PLEASE!!


20 replies to this topic

#1 JohnDoeIII

JohnDoeIII

  • Members
  • 15 posts

Posted 11 March 2012 - 06:51 PM

I did look into a hardware failure issue and ran tests, and they passed. I don't have recovery CDs. I think it has something to do with a root or registry problem. Thanks in advance.

Here are stop codes on BSoD: 0x0000008e (0XC0000005,0X836441A7,0X8DAF391C,0x00000000)



I was able to perform a log with HJT; here it is:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:32:01 AM, on 3/12/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\office depot\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111012123631.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [MaxtorCombo] "C:\PROGRA~1\Dantz\RETROS~1\ComboButton.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MRT] "C:\Windows\system32\MRT.exe" /R
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Mega Manager] C:\Program Files\Megaupload\Mega Manager\MegaManager.exe /Tray
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = office depot\AppData\Local\Temp\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: Google Update Service (gupdate1c98d50de04dad0) (gupdate1c98d50de04dad0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - Unknown owner - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\Program Files\McAfee\VirusScan\mcods.exe (file missing)
O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: McAfee McShield (McShield) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe (file missing)
O23 - Service: McAfee Firewall Core Service (mfefire) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe (file missing)
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Absolute Software Corp. - C:\Windows\System32\rpcnet.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 12236 bytes



I have never posted on here, but I'm at my wits' end. Let me know if you need any more information. Also, the computer was bought as a display at Office Depot and it won't let me change it for some reason.

Any Help??????!!!



#2 JohnDoeIII

JohnDoeIII
  • Topic Starter

  • Members
  • 15 posts

Posted 11 March 2012 - 09:03 PM

Oh, and I forgot to mention that I did not listen and ran ComboFix before being instructed to do so. I have a log of Malwarebytes because I read from another site and didn't know how important it was. It obviously didn't work. Hopefully my computer is not too f'd up. I can post that as well if needed.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,942 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 13 March 2012 - 09:22 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.

If needed:
The scan will also create an Attach.txt log; I would also like to see its content.
Please post it in another post for my review; do not attach the file.

===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#4 JohnDoeIII

JohnDoeIII
  • Topic Starter

  • Members
  • 15 posts

Posted 13 March 2012 - 09:52 AM

DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 9.0.8112.16421
Run by office depot at 22:47:31 on 2012-03-13
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.2505 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Windows\explorer.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111012123631.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - c:\program files\megaupload\mega manager\MegaIEMn.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
BHO: HP Print Clips: {ffffffff-ff12-44c5-91ec-068e3aa1b2d7} - c:\program files\hp\smart web printing\hpswp_framework.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Mega Manager] c:\program files\megaupload\mega manager\MegaManager.exe /Tray
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpqSRMon]
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [MaxtorCombo] "c:\progra~1\dantz\retros~1\ComboButton.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MRT] "c:\windows\system32\MRT.exe" /R
StartupFolder: c:\users\office~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\users\office depot\appdata\local\temp\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
TCP: Interfaces\{D50BBE60-5170-4E02-9A30-5F2C60ED25F0} : DhcpNameServer = 192.168.0.1 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\office depot\appdata\roaming\mozilla\firefox\profiles\72i0i7af.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\users\office depot\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\users\office depot\appdata\roaming\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\users\office depot\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\office depot\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Mega Manager Integration: {40a1f5d7-afc2-498f-b264-02668d616ff6} - %profile%\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
FF - Ext: XULRunner: {047969BA-B571-407A-9197-76FE0045DECF} - c:\users\office depot\appdata\local\{047969BA-B571-407A-9197-76FE0045DECF}
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-6-7 64288]
R3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys [2010-3-26 10496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 gupdate1c98d50de04dad0;Google Update Service (gupdate1c98d50de04dad0);c:\program files\google\update\GoogleUpdate.exe [2009-2-12 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\mcafee\siteadvisor\mcsacore.exe" --> c:\program files\mcafee\siteadvisor\McSACore.exe [?]
S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 McShield;McAfee McShield;"c:\program files\common files\mcafee\systemcore\\mcshield.exe" --> c:\program files\common files\mcafee\systemcore\\mcshield.exe [?]
S2 mfefire;McAfee Firewall Core Service;"c:\program files\common files\mcafee\systemcore\\mfefire.exe" --> c:\program files\common files\mcafee\systemcore\\mfefire.exe [?]
S2 mfevtp;McAfee Validation Trust Protection Service;"c:\program files\common files\mcafee\systemcore\mfevtps.exe" --> c:\program files\common files\mcafee\systemcore\mfevtps.exe [?]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-10-7 24652]
S3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\system32\drivers\AGUx86.sys [2008-8-6 905728]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-12 133104]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2009-12-18 20480]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2009-12-18 174720]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2009-5-25 32408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-03-12 05:09:13 -------- d-----w- c:\users\office depot\appdata\local\temp
2012-03-12 05:08:48 -------- d-sh--w- C:\$RECYCLE.BIN
2012-03-12 02:27:04 709968 ----a-w- c:\windows\is-DVG4O.exe
2012-03-11 23:31:42 98816 ----a-w- c:\windows\sed.exe
2012-03-11 23:31:42 518144 ----a-w- c:\windows\SWREG.exe
2012-03-11 23:31:42 256000 ----a-w- c:\windows\PEV.exe
2012-03-11 23:31:42 208896 ----a-w- c:\windows\MBR.exe
2012-03-10 19:15:32 -------- d--h--w- c:\programdata\Common Files
2012-03-10 19:14:33 -------- d-----w- c:\programdata\MFAData
2012-03-09 13:37:58 -------- d-----w- c:\users\office depot\appdata\roaming\PC-FAX TX
2012-03-08 19:58:15 -------- d-----w- c:\users\office depot\appdata\roaming\ControlCenter4
2012-03-08 19:39:45 -------- d-----w- c:\program files\Browny02
2012-03-08 19:39:44 -------- d-----w- c:\programdata\ControlCenter4
2012-03-08 19:38:39 -------- d-----w- c:\program files\ControlCenter4
2012-03-08 19:37:17 -------- d-----w- c:\program files\Brother
2012-03-08 19:20:29 -------- d-----w- c:\programdata\Brother
2012-03-02 15:23:56 -------- d-----w- c:\users\office depot\appdata\roaming\pdfforge
2012-03-02 15:23:43 -------- d-----w- c:\program files\PDFCreator
2012-02-15 06:23:00 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 06:17:16 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 06:17:10 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
.
==================== Find3M ====================
.
2012-03-12 12:53:16 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2012-03-01 02:52:01 58288 ----a-w- c:\windows\system32\rpcnet.dll
2012-03-01 02:52:01 17408 ----a-w- c:\windows\system32\rpcnetp.dll
.
============= FINISH: 22:49:54.18 ===============

#5 JohnDoeIII

Posted 13 March 2012 - 09:54 AM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 3/12/2008 6:46:42 AM
System Uptime: 3/13/2012 10:42:38 PM (0 hours ago)
.
Motherboard: Quanta | | 30CC
Processor: Intel® Core™2 Duo CPU T5550 @ 1.83GHz | U2E1 | 1828/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 49.39 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.533 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
1500
1500_Help
1500Trb
32 Bit HP CIO Components Installer
abgx360 v1.0.3
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.4
Adobe Shockwave Player
Adobe Shockwave Player 11
Adolix Wallpaper Changer 2.2
AIM 7
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Calendar
Ask Toolbar
Auslogics BoostSpeed
Bonjour
Broadcom 802.11 Wireless LAN Adapter
BufferChm
Cards_Calendar_OrderGift_DoMorePlugout
Combined Community Codec Pack 2009-09-09
Compatibility Pack for the 2007 Office system
Copy
CustomerResearchQFolder
CyberLink YouCam
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
Download Updater (AOL LLC)
DVD Suite
EasyTether
eMule
eSupportQFolder
Fax
Full Tilt Poker
G-Force
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
Google Updater
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Participation Program 8.0
HP Doc Viewer
HP Easy Setup - Frontend
HP Help and Support
HP Imaging Device Functions 8.0
HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
HP OCR Software 8.0
HP Photosmart Essential
HP Photosmart Essential 2.5
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
HP Quick Launch Buttons 6.30 E1
HP QuickPlay 3.6
HP QuickTouch 1.00 C4
HP Smart Web Printing
HP Solution Center 8.0
HP Update
HP User Guides 0087
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
ImgBurn
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Internet Download Manager 5.18.8.0
iTunes
Java™ 6 Update 2
LabelPrint
LightScribe System Software 1.10.13.1
LightScribe Template Labeler
Malwarebytes' Anti-Malware
MarketResearch
McAfee AntiVirus Plus
Mega Manager
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mobile Broadband Generic Drivers
Motorola SM56 Data Fax Modem
Move Media Player
Mozilla Firefox (3.6.27)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
OGA Notifier 2.0.0048.0
Populus
Power2Go
PSSWCORE
Punch Clock v3.0
QuickTime
RapidShare Manager
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Retrospect 5.6
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
RocketDock 1.3.5
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skype™ 4.2
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 8
Status
support.com Support Connection
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Verizon Wireless MiFi-2200 Firmware Updates
VideoToolkit01
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VZAccess Manager
WeatherBug Gadget
WebReg
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== End Of File ===========================

#6 JohnDoeIII

Posted 13 March 2012 - 10:05 AM

23:01:48.0199 0344 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
23:01:48.0727 0344 ============================================================
23:01:48.0727 0344 Current date / time: 2012/03/13 23:01:48.0727
23:01:48.0727 0344 SystemInfo:
23:01:48.0727 0344
23:01:48.0727 0344 OS Version: 6.0.6002 ServicePack: 2.0
23:01:48.0727 0344 Product type: Workstation
23:01:48.0727 0344 ComputerName: ZACHSLAPTOP
23:01:48.0727 0344 UserName: office depot
23:01:48.0727 0344 Windows directory: C:\Windows
23:01:48.0727 0344 System windows directory: C:\Windows
23:01:48.0727 0344 Processor architecture: Intel x86
23:01:48.0727 0344 Number of processors: 2
23:01:48.0727 0344 Page size: 0x1000
23:01:48.0727 0344 Boot type: Safe boot with network
23:01:48.0727 0344 ============================================================
23:01:49.0077 0344 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:01:49.0079 0344 \Device\Harddisk0\DR0:
23:01:49.0079 0344 MBR used
23:01:49.0079 0344 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BA341C0
23:01:49.0079 0344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BA341FF, BlocksNum 0x1790382
23:01:49.0134 0344 Initialize success
23:01:49.0134 0344 ============================================================
23:02:15.0986 0456 ============================================================
23:02:15.0986 0456 Scan started
23:02:15.0986 0456 Mode: Manual;
23:02:15.0986 0456 ============================================================
23:02:21.0962 0456 mfeapfk - ok
23:02:21.0975 0456 mfeavfk - ok
23:02:21.0980 0456 Suspicious service (Hidden): mfeavfk01
23:02:22.0000 0456 mfeavfk01 ( HiddenService.Multi.Generic ) - warning
23:02:22.0000 0456 mfeavfk01 - detected HiddenService.Multi.Generic (1)
23:02:22.0013 0456 mfebopk - ok
23:02:22.0029 0456 mfefirek - ok
23:02:22.0060 0456 mfehidk - ok
23:02:22.0073 0456 mfenlfk - ok
23:02:22.0086 0456 mferkdet - ok
23:02:22.0125 0456 mfewfpk - ok
23:02:25.0281 0456 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
23:02:25.0283 0456 rimsptsk - ok
23:02:25.0322 0456 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
23:02:25.0323 0456 RimUsb - ok
23:02:25.0350 0456 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
23:02:25.0351 0456 rismxdp - ok
23:02:25.0415 0456 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
23:02:25.0416 0456 rspndr - ok
23:02:25.0464 0456 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys
23:02:25.0466 0456 RTL8169 - ok
23:02:25.0490 0456 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
23:02:25.0492 0456 sbp2port - ok
23:02:25.0577 0456 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
23:02:25.0579 0456 sdbus - ok
23:02:25.0600 0456 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:02:25.0601 0456 secdrv - ok
23:02:25.0636 0456 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
23:02:25.0637 0456 Serenum - ok
23:02:25.0661 0456 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
23:02:25.0663 0456 Serial - ok
23:02:25.0686 0456 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
23:02:25.0688 0456 sermouse - ok
23:02:25.0725 0456 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
23:02:25.0726 0456 sffdisk - ok
23:02:25.0763 0456 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
23:02:25.0764 0456 sffp_mmc - ok
23:02:25.0793 0456 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:02:25.0794 0456 sffp_sd - ok
23:02:25.0818 0456 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
23:02:25.0820 0456 sfloppy - ok
23:02:25.0852 0456 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
23:02:25.0854 0456 sisagp - ok
23:02:25.0885 0456 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
23:02:25.0886 0456 SiSRaid2 - ok
23:02:25.0914 0456 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
23:02:25.0916 0456 SiSRaid4 - ok
23:02:25.0979 0456 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
23:02:25.0981 0456 Smb - ok
23:02:26.0050 0456 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys
23:02:26.0082 0456 smserial - ok
23:02:26.0205 0456 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
23:02:26.0207 0456 SMSIVZAM5 - ok
23:02:26.0257 0456 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
23:02:26.0259 0456 spldr - ok
23:02:26.0316 0456 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
23:02:26.0322 0456 srv - ok
23:02:26.0376 0456 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
23:02:26.0380 0456 srv2 - ok
23:02:26.0430 0456 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
23:02:26.0432 0456 srvnet - ok
23:02:26.0514 0456 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
23:02:26.0514 0456 swenum - ok
23:02:26.0536 0456 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
23:02:26.0537 0456 Symc8xx - ok
23:02:26.0562 0456 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
23:02:26.0563 0456 Sym_hi - ok
23:02:26.0588 0456 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
23:02:26.0589 0456 Sym_u3 - ok
23:02:26.0658 0456 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
23:02:26.0688 0456 Tcpip - ok
23:02:26.0714 0456 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
23:02:26.0720 0456 Tcpip6 - ok
23:02:26.0781 0456 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
23:02:26.0782 0456 tcpipreg - ok
23:02:26.0810 0456 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
23:02:26.0812 0456 TDPIPE - ok
23:02:26.0839 0456 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
23:02:26.0840 0456 TDTCP - ok
23:02:26.0893 0456 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
23:02:26.0895 0456 tdx - ok
23:02:26.0947 0456 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
23:02:26.0948 0456 TermDD - ok
23:02:26.0988 0456 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:02:26.0989 0456 tssecsrv - ok
23:02:27.0012 0456 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
23:02:27.0013 0456 tunmp - ok
23:02:27.0073 0456 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
23:02:27.0074 0456 tunnel - ok
23:02:27.0105 0456 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
23:02:27.0107 0456 uagp35 - ok
23:02:27.0173 0456 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
23:02:27.0178 0456 udfs - ok
23:02:27.0215 0456 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
23:02:27.0216 0456 uliagpkx - ok
23:02:27.0243 0456 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
23:02:27.0248 0456 uliahci - ok
23:02:27.0277 0456 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
23:02:27.0279 0456 UlSata - ok
23:02:27.0317 0456 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
23:02:27.0320 0456 ulsata2 - ok
23:02:27.0350 0456 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
23:02:27.0351 0456 umbus - ok
23:02:27.0421 0456 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
23:02:27.0423 0456 USBAAPL - ok
23:02:27.0494 0456 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
23:02:27.0497 0456 usbaudio - ok
23:02:27.0556 0456 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
23:02:27.0558 0456 usbccgp - ok
23:02:27.0586 0456 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
23:02:27.0588 0456 usbcir - ok
23:02:27.0612 0456 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
23:02:27.0613 0456 usbehci - ok
23:02:27.0669 0456 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
23:02:27.0673 0456 usbhub - ok
23:02:27.0701 0456 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
23:02:27.0703 0456 usbohci - ok
23:02:27.0727 0456 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
23:02:27.0728 0456 usbprint - ok
23:02:27.0773 0456 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
23:02:27.0775 0456 usbscan - ok
23:02:27.0810 0456 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:02:27.0812 0456 USBSTOR - ok
23:02:27.0845 0456 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
23:02:27.0846 0456 usbuhci - ok
23:02:27.0898 0456 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
23:02:27.0901 0456 usbvideo - ok
23:02:27.0943 0456 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
23:02:27.0944 0456 vga - ok
23:02:27.0965 0456 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
23:02:27.0966 0456 VgaSave - ok
23:02:27.0987 0456 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
23:02:27.0989 0456 viaagp - ok
23:02:28.0009 0456 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
23:02:28.0011 0456 ViaC7 - ok
23:02:28.0033 0456 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
23:02:28.0034 0456 viaide - ok
23:02:28.0065 0456 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
23:02:28.0067 0456 volmgr - ok
23:02:28.0117 0456 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
23:02:28.0123 0456 volmgrx - ok
23:02:28.0179 0456 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
23:02:28.0183 0456 volsnap - ok
23:02:28.0212 0456 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
23:02:28.0215 0456 vsmraid - ok
23:02:28.0246 0456 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
23:02:28.0247 0456 WacomPen - ok
23:02:28.0272 0456 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
23:02:28.0274 0456 Wanarp - ok
23:02:28.0279 0456 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
23:02:28.0280 0456 Wanarpv6 - ok
23:02:28.0317 0456 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
23:02:28.0319 0456 Wd - ok
23:02:28.0391 0456 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:02:28.0399 0456 Wdf01000 - ok
23:02:28.0469 0456 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
23:02:28.0499 0456 winachsf - ok
23:02:28.0569 0456 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
23:02:28.0571 0456 WinUsb - ok
23:02:28.0598 0456 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:02:28.0599 0456 WmiAcpi - ok
23:02:28.0676 0456 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
23:02:28.0677 0456 WpdUsb - ok
23:02:28.0707 0456 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
23:02:28.0708 0456 ws2ifsl - ok
23:02:28.0760 0456 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:02:28.0763 0456 WUDFRd - ok
23:02:28.0832 0456 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
23:02:28.0873 0456 \Device\Harddisk0\DR0 - ok
23:02:28.0877 0456 Boot (0x1200) (8e5471cb302eee77bfdefccc1f1646de) \Device\Harddisk0\DR0\Partition0
23:02:28.0878 0456 \Device\Harddisk0\DR0\Partition0 - ok
23:02:28.0883 0456 Boot (0x1200) (6cbcd68c96587045018bbb7f651cb99b) \Device\Harddisk0\DR0\Partition1
23:02:28.0885 0456 \Device\Harddisk0\DR0\Partition1 - ok
23:02:28.0886 0456 ============================================================
23:02:28.0886 0456 Scan finished
23:02:28.0886 0456 ============================================================
23:02:28.0898 1324 Detected object count: 1
23:02:28.0898 1324 Actual detected object count: 1
23:03:06.0059 1324 mfeavfk01 ( HiddenService.Multi.Generic ) - skipped by user
23:03:06.0059 1324 mfeavfk01 ( HiddenService.Multi.Generic ) - User select action: Skip
23:03:12.0590 1780 ============================================================
23:03:12.0590 1780 Scan started
23:03:12.0590 1780 Mode: Manual;
23:03:12.0590 1780 ============================================================
23:03:16.0909 1780 mfeapfk - ok
23:03:16.0921 1780 mfeavfk - ok
23:03:16.0926 1780 Suspicious service (Hidden): mfeavfk01
23:03:16.0935 1780 mfeavfk01 ( HiddenService.Multi.Generic ) - warning
23:03:16.0935 1780 mfeavfk01 - detected HiddenService.Multi.Generic (1)
23:03:16.0948 1780 mfebopk - ok
23:03:16.0970 1780 mfefirek - ok
23:03:16.0982 1780 mfehidk - ok
23:03:16.0995 1780 mfenlfk - ok
23:03:17.0008 1780 mferkdet - ok
23:03:17.0031 1780 mfewfpk - ok
23:03:18.0548 1780 NWUSBCDFIL - ok
23:03:18.0609 1780 NWUSBModem (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbmdm.sys
23:03:18.0611 1780 NWUSBModem - ok
23:03:18.0643 1780 NWUSBPort (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbser.sys
23:03:18.0645 1780 NWUSBPort - ok
23:03:18.0681 1780 NWUSBPort2 (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbser2.sys
23:03:18.0683 1780 NWUSBPort2 - ok
23:03:18.0733 1780 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
23:03:18.0733 1780 ohci1394 - ok
23:03:18.0789 1780 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
23:03:18.0790 1780 Parport - ok
23:03:18.0836 1780 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
23:03:18.0837 1780 partmgr - ok
23:03:18.0865 1780 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
23:03:18.0866 1780 Parvdm - ok
23:03:18.0932 1780 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
23:03:18.0934 1780 pci - ok
23:03:18.0959 1780 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
23:03:18.0960 1780 pciide - ok
23:03:18.0999 1780 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
23:03:19.0000 1780 pcmcia - ok
23:03:19.0045 1780 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
23:03:19.0051 1780 PEAUTH - ok
23:03:19.0116 1780 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
23:03:19.0117 1780 PptpMiniport - ok
23:03:19.0146 1780 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
23:03:19.0147 1780 Processor - ok
23:03:19.0207 1780 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
23:03:19.0208 1780 PSched - ok
23:03:19.0267 1780 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
23:03:19.0276 1780 ql2300 - ok
23:03:19.0298 1780 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
23:03:19.0299 1780 ql40xx - ok
23:03:19.0319 1780 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
23:03:19.0320 1780 QWAVEdrv - ok
23:03:19.0351 1780 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
23:03:19.0351 1780 RasAcd - ok
23:03:19.0373 1780 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:19.0374 1780 Rasl2tp - ok
23:03:19.0405 1780 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:19.0406 1780 RasPppoe - ok
23:03:19.0436 1780 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
23:03:19.0437 1780 RasSstp - ok
23:03:19.0488 1780 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
23:03:19.0490 1780 rdbss - ok
23:03:19.0503 1780 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:19.0504 1780 RDPCDD - ok
23:03:19.0541 1780 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
23:03:19.0543 1780 rdpdr - ok
23:03:19.0559 1780 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
23:03:19.0560 1780 RDPENCDD - ok
23:03:19.0595 1780 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
23:03:19.0597 1780 RDPWD - ok
23:03:19.0647 1780 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
23:03:19.0649 1780 RFCOMM - ok
23:03:19.0679 1780 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
23:03:19.0679 1780 rimmptsk - ok
23:03:19.0712 1780 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
23:03:19.0713 1780 rimsptsk - ok
23:03:19.0741 1780 RimUsb (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
23:03:19.0741 1780 RimUsb - ok
23:03:19.0769 1780 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
23:03:19.0770 1780 rismxdp - ok
23:03:19.0823 1780 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
23:03:19.0824 1780 rspndr - ok
23:03:19.0849 1780 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys
23:03:19.0851 1780 RTL8169 - ok
23:03:19.0876 1780 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
23:03:19.0877 1780 sbp2port - ok
23:03:19.0940 1780 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
23:03:19.0942 1780 sdbus - ok
23:03:19.0964 1780 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:03:19.0964 1780 secdrv - ok
23:03:20.0000 1780 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
23:03:20.0000 1780 Serenum - ok
23:03:20.0025 1780 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
23:03:20.0026 1780 Serial - ok
23:03:20.0050 1780 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
23:03:20.0051 1780 sermouse - ok
23:03:20.0088 1780 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
23:03:20.0089 1780 sffdisk - ok
23:03:20.0115 1780 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
23:03:20.0116 1780 sffp_mmc - ok
23:03:20.0145 1780 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
23:03:20.0146 1780 sffp_sd - ok
23:03:20.0171 1780 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
23:03:20.0172 1780 sfloppy - ok
23:03:20.0204 1780 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
23:03:20.0205 1780 sisagp - ok
23:03:20.0226 1780 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
23:03:20.0227 1780 SiSRaid2 - ok
23:03:20.0255 1780 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
23:03:20.0256 1780 SiSRaid4 - ok
23:03:20.0309 1780 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
23:03:20.0310 1780 Smb - ok
23:03:20.0369 1780 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys
23:03:20.0376 1780 smserial - ok
23:03:20.0502 1780 SMSIVZAM5 (1e715247efffdda938c085913045d599) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
23:03:20.0502 1780 SMSIVZAM5 - ok
23:03:20.0543 1780 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
23:03:20.0544 1780 spldr - ok
23:03:20.0602 1780 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
23:03:20.0604 1780 srv - ok
23:03:20.0662 1780 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
23:03:20.0663 1780 srv2 - ok
23:03:20.0715 1780 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
23:03:20.0717 1780 srvnet - ok
23:03:20.0744 1780 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
23:03:20.0744 1780 swenum - ok
23:03:20.0766 1780 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
23:03:20.0766 1780 Symc8xx - ok
23:03:20.0791 1780 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
23:03:20.0792 1780 Sym_hi - ok
23:03:20.0818 1780 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
23:03:20.0819 1780 Sym_u3 - ok
23:03:20.0899 1780 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
23:03:20.0906 1780 Tcpip - ok
23:03:20.0943 1780 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
23:03:20.0950 1780 Tcpip6 - ok
23:03:21.0011 1780 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
23:03:21.0011 1780 tcpipreg - ok
23:03:21.0040 1780 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
23:03:21.0041 1780 TDPIPE - ok
23:03:21.0069 1780 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
23:03:21.0069 1780 TDTCP - ok
23:03:21.0123 1780 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
23:03:21.0124 1780 tdx - ok
23:03:21.0177 1780 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
23:03:21.0178 1780 TermDD - ok
23:03:21.0229 1780 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:21.0229 1780 tssecsrv - ok
23:03:21.0253 1780 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
23:03:21.0254 1780 tunmp - ok
23:03:21.0303 1780 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
23:03:21.0304 1780 tunnel - ok
23:03:21.0324 1780 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
23:03:21.0325 1780 uagp35 - ok
23:03:21.0369 1780 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
23:03:21.0371 1780 udfs - ok
23:03:21.0411 1780 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
23:03:21.0412 1780 uliagpkx - ok
23:03:21.0440 1780 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
23:03:21.0442 1780 uliahci - ok
23:03:21.0474 1780 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
23:03:21.0475 1780 UlSata - ok
23:03:21.0503 1780 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
23:03:21.0504 1780 ulsata2 - ok
23:03:21.0536 1780 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
23:03:21.0536 1780 umbus - ok
23:03:21.0584 1780 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
23:03:21.0585 1780 USBAAPL - ok
23:03:21.0635 1780 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
23:03:21.0636 1780 usbaudio - ok
23:03:21.0686 1780 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:21.0687 1780 usbccgp - ok
23:03:21.0716 1780 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
23:03:21.0717 1780 usbcir - ok
23:03:21.0742 1780 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
23:03:21.0743 1780 usbehci - ok
23:03:21.0799 1780 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
23:03:21.0801 1780 usbhub - ok
23:03:21.0820 1780 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
23:03:21.0821 1780 usbohci - ok
23:03:21.0845 1780 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
23:03:21.0846 1780 usbprint - ok
23:03:21.0870 1780 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
23:03:21.0870 1780 usbscan - ok
23:03:21.0907 1780 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:03:21.0908 1780 USBSTOR - ok
23:03:21.0941 1780 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
23:03:21.0942 1780 usbuhci - ok
23:03:21.0964 1780 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
23:03:21.0966 1780 usbvideo - ok
23:03:21.0995 1780 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
23:03:21.0996 1780 vga - ok
23:03:22.0017 1780 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
23:03:22.0018 1780 VgaSave - ok
23:03:22.0050 1780 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
23:03:22.0051 1780 viaagp - ok
23:03:22.0072 1780 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
23:03:22.0073 1780 ViaC7 - ok
23:03:22.0096 1780 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
23:03:22.0097 1780 viaide - ok
23:03:22.0128 1780 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
23:03:22.0129 1780 volmgr - ok
23:03:22.0180 1780 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
23:03:22.0183 1780 volmgrx - ok
23:03:22.0242 1780 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
23:03:22.0244 1780 volsnap - ok
23:03:22.0275 1780 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
23:03:22.0277 1780 vsmraid - ok
23:03:22.0309 1780 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
23:03:22.0310 1780 WacomPen - ok
23:03:22.0335 1780 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
23:03:22.0336 1780 Wanarp - ok
23:03:22.0341 1780 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
23:03:22.0342 1780 Wanarpv6 - ok
23:03:22.0369 1780 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
23:03:22.0370 1780 Wd - ok
23:03:22.0431 1780 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:03:22.0435 1780 Wdf01000 - ok
23:03:22.0510 1780 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
23:03:22.0515 1780 winachsf - ok
23:03:22.0576 1780 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
23:03:22.0577 1780 WinUsb - ok
23:03:22.0606 1780 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
23:03:22.0606 1780 WmiAcpi - ok
23:03:22.0672 1780 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
23:03:22.0673 1780 WpdUsb - ok
23:03:22.0704 1780 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
23:03:22.0704 1780 ws2ifsl - ok
23:03:22.0746 1780 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:03:22.0747 1780 WUDFRd - ok
23:03:22.0795 1780 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
23:03:22.0836 1780 \Device\Harddisk0\DR0 - ok
23:03:22.0840 1780 Boot (0x1200) (8e5471cb302eee77bfdefccc1f1646de) \Device\Harddisk0\DR0\Partition0
23:03:22.0841 1780 \Device\Harddisk0\DR0\Partition0 - ok
23:03:22.0846 1780 Boot (0x1200) (6cbcd68c96587045018bbb7f651cb99b) \Device\Harddisk0\DR0\Partition1
23:03:22.0847 1780 \Device\Harddisk0\DR0\Partition1 - ok
23:03:22.0849 1780 ============================================================
23:03:22.0849 1780 Scan finished
23:03:22.0849 1780 ============================================================
23:03:22.0860 1728 Detected object count: 1
23:03:22.0860 1728 Actual detected object count: 1
23:03:56.0203 1728 mfeavfk01 ( HiddenService.Multi.Generic ) - skipped by user
23:03:56.0203 1728 mfeavfk01 ( HiddenService.Multi.Generic ) - User select action: Skip

#7 JohnDoeIII

Posted 13 March 2012 - 10:11 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-13 23:09:25
-----------------------------
23:09:25.868 OS Version: Windows 6.0.6002 Service Pack 2
23:09:25.868 Number of processors: 2 586 0xF0D
23:09:25.868 ComputerName: ZACHSLAPTOP UserName:
23:09:26.818 Initialize success
23:09:42.523 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
23:09:42.525 Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
23:09:42.538 Disk 0 MBR read successfully
23:09:42.541 Disk 0 MBR scan
23:09:42.544 Disk 0 unknown MBR code
23:09:42.556 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 226408 MB offset 63
23:09:42.590 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12064 MB offset 463684095
23:09:42.595 Disk 0 scanning sectors +488392065
23:09:42.648 Disk 0 scanning C:\Windows\system32\drivers
23:09:50.366 Service scanning
23:09:56.965 Service mfeavfk01 C:\Windows\System32\Drivers\mfeavfk01.sys **HIDDEN**
23:10:05.523 Modules scanning
23:10:09.651 Disk 0 trace - called modules:
23:10:09.675 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
23:10:09.681 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x874149f8]
23:10:09.697 3 CLASSPNP.SYS[8bb9f8b3] -> nt!IofCallDriver -> [0x8691a600]
23:10:09.703 5 acpi.sys[806956bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8691b028]
23:10:09.710 Scan finished successfully
23:10:36.746 Disk 0 MBR has been saved successfully to "C:\Users\office depot\Desktop\MBR.dat"
23:10:36.752 The log file has been saved successfully to "C:\Users\office depot\Desktop\aswMBR.txt"

Attached File  MBR.zip   553bytes   0 downloads

#8 nasdaq

  • Malware Response Team

Posted 13 March 2012 - 12:31 PM

You are clear to run these tools.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
===

Third-party programs, if not up to date, can be the cause of infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program, all you need to do is restart the computer to reset the registry.

Please post the logs for my review.

Let me know what problem persists.

#9 JohnDoeIII

Posted 13 March 2012 - 12:53 PM

I understand. I looked at the links on how to disable or turn off antivirus, but ComboFix has detected real-time scanners to be active.
Antivirus: McAfee Anti-Virus and Anti-spyware
Antispyware: Lavasoft Ad-watch Live!
Antispyware: McAfee anti-virus and anti-spyware

I went and followed the directions and I also went into the services, and none of the programs listed above have been started. I can't figure it out; it's like McAfee has tricked the computer and won't let me change the properties!

Should I still run the combofix????

#10 JohnDoeIII

Posted 13 March 2012 - 01:44 PM

It may be embedded in McAfee because the program has expired. Let me know what I should do.
Thanks

#11 JohnDoeIII

Posted 13 March 2012 - 02:02 PM

I just ran it. Computer didn't ask to restart. Here is the info you requested for ComboFix.

ComboFix 12-03-13.01 - office depot 03/14/2012 2:48.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.2316 [GMT -4:00]
Running from: c:\users\office depot\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-02-14 to 2012-03-14 )))))))))))))))))))))))))))))))
.
.
2012-03-14 06:55 . 2012-03-14 06:55 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-03-14 06:55 . 2012-03-14 06:55 -------- d-----w- c:\users\office depot\AppData\Local\temp
2012-03-14 06:55 . 2012-03-14 06:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-12 02:27 . 2012-03-12 02:27 709968 ----a-w- c:\windows\is-DVG4O.exe
2012-03-10 19:15 . 2012-03-10 19:15 -------- d--h--w- c:\programdata\Common Files
2012-03-10 19:14 . 2012-03-10 19:15 -------- d-----w- c:\programdata\MFAData
2012-03-09 20:44 . 2012-03-09 20:44 -------- d-----w- c:\windows\Sun
2012-03-09 13:37 . 2012-03-09 13:37 -------- d-----w- c:\users\office depot\AppData\Roaming\PC-FAX TX
2012-03-08 19:58 . 2012-03-08 19:58 -------- d-----w- c:\users\office depot\AppData\Roaming\ControlCenter4
2012-03-08 19:39 . 2012-03-08 19:39 -------- d-----w- c:\program files\Browny02
2012-03-08 19:39 . 2012-03-08 19:39 -------- d-----w- c:\programdata\ControlCenter4
2012-03-08 19:38 . 2012-03-08 19:39 -------- d-----w- c:\program files\ControlCenter4
2012-03-08 19:37 . 2012-03-08 19:38 -------- d-----w- c:\program files\Brother
2012-03-08 19:20 . 2012-03-08 19:46 -------- d-----w- c:\programdata\Brother
2012-03-02 15:23 . 2012-03-02 15:23 -------- d-----w- c:\users\office depot\AppData\Roaming\pdfforge
2012-03-02 15:23 . 2012-03-10 22:50 -------- d-----w- c:\program files\PDFCreator
2012-02-15 06:23 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 06:17 . 2012-01-12 19:52 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 06:17 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-12 12:53 . 2008-08-19 20:48 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2012-03-01 02:52 . 2008-08-19 20:48 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2012-03-01 02:52 . 2008-08-08 04:00 58288 ----a-w- c:\windows\system32\rpcnet.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 22:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]
.
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-24 455968]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-01-29 3179952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Mega Manager"="c:\program files\Megaupload\Mega Manager\MegaManager.exe" [2010-11-03 2113024]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-17 634880]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-10 4390912]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-12-20 468264]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"hpqSRMon"="" [BU]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-11 49152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-22 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-22 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-22 133656]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1318552]
"MaxtorCombo"="c:\progra~1\Dantz\RETROS~1\ComboButton.exe" [2002-07-16 40960]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"MRT"="c:\windows\system32\MRT.exe" [2012-02-15 52550552]
.
c:\users\office depot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\users\office depot\AppData\Local\Temp\ONENOTEM.EXE [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKLM\~\startupfolder\C:^Users^office depot^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Smartway Leasing Calc.lnk]
path=c:\users\office depot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smartway Leasing Calc.lnk
backup=c:\windows\pss\Smartway Leasing Calc.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\system32\DRIVERS\AGUx86.sys [2008-08-06 905728]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 91646675
*NewlyCreated* - ASWMBR
*NewlyCreated* - ECACHE
*NewlyCreated* - LAVASOFT_AD-AWARE_SERVICE
*NewlyCreated* - MFEFIRE
*Deregistered* - 91646675
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-24 00:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-12 01:41]
.
2012-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 20:31]
.
2012-03-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 20:31]
.
2012-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1566114643-2624690211-1528274434-1000Core.job
- c:\users\office depot\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 01:24]
.
2012-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1566114643-2624690211-1528274434-1000UA.job
- c:\users\office depot\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 01:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s%s
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.0.1 192.168.1.254
FF - ProfilePath - c:\users\office depot\AppData\Roaming\Mozilla\Firefox\Profiles\72i0i7af.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Mega Manager Integration: {40a1f5d7-afc2-498f-b264-02668d616ff6} - %profile%\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}
FF - Ext: XULRunner: {047969BA-B571-407A-9197-76FE0045DECF} - c:\users\office depot\AppData\Local\{047969BA-B571-407A-9197-76FE0045DECF}
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-14 02:56
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mfeavfk01]
.
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec /V"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1566114643-2624690211-1528274434-1000_Classes\CLSID\{7759f0c1-d771-4850-9026-fc6c4d538204}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000fa
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1566114643-2624690211-1528274434-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):83,c8,21,7e,2a,25,92,10,1e,36,f9,c1,05,8e,27,4e,a9,a8,94,ab,4e,
c2,11,f4,95,b2,2b,23,02,16,42,a8,88,f1,25,75,b3,d7,00,9b,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2012-03-14 02:58:57
ComboFix-quarantined-files.txt 2012-03-14 06:58
ComboFix2.txt 2012-03-12 05:09
ComboFix3.txt 2012-03-12 00:11
.
Pre-Run: 53,248,249,856 bytes free
Post-Run: 53,034,598,400 bytes free
.
- - End Of File - - 2C54E313AF280E4E090E4E1F50914C09

#12 JohnDoeIII


Posted 13 March 2012 - 02:07 PM

Here is the security check info:

Results of screen317's Security Check version 0.99.31
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
McAfee AntiVirus Plus
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Malwarebytes' Anti-Malware
Java™ 6 Update 2
Java version out of date!
Adobe Flash Player 10.3.183.7 Flash Player out of Date!
Adobe Reader 8 Adobe Reader out of date!
Mozilla Firefox (3.6.27) Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
``````````End of Log````````````

#13 JohnDoeIII


Posted 13 March 2012 - 02:11 PM

Problem not fixed. The computer is doing the same thing. It starts up and the bar goes like it's fine, then the mouse pointer comes up, and then 10 secs later it gives me the BSoD.

#14 JohnDoeIII


Posted 13 March 2012 - 05:10 PM

I haven't heard from you in a while, what is going on????

#15 nasdaq

  • Malware Response Team

Posted 14 March 2012 - 08:33 AM

I haven't heard from you in a while, what is going on????

As are the other helpers, I'm a volunteer and work for free.
I do have other obligations.
If I do not answer within 24 to 36 hours you can PM me; otherwise stay cool.

===

Update these 3rd party programs as soon as you can.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

If present remove the old version(s) of Java using the Add/Remove Programs applet.


Java™ 6 Update 2


===

Critical vulnerabilities have been identified in Adobe Flash Player 10.3.183.10 and earlier versions... being exploited in the wild in active targeted attacks...

Get the latest Flash Player

On the top of the page you will be given an opportunity to download the version for your operating system.
Make sure you select appropriate version.

You will also have an option to install the Free! McAfee Security Scan Plus. Un-check the box if you are NOT using McAfee's virus protection software.

For the users of Internet Explorer download version 11.
Flash Player 11 (64 bit)
Flash Player 11 (32 bit)
===

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you uncheck the box on the top right, "Include in your download"; this is not required. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
===

Problem not fixed. The computer is doing the same thing. It starts up and the bar goes like it's fine, then the mouse pointer comes up, and then 10 secs later it gives me the BSoD.


Can you make a note of the exact error message and post it?
All I need is the first line that should look like this.
STOP: 0x0000008E (0xC0000005, 0x804EE3D73, 0xF897D60C, 0x00000000)
Post the numbers you get.
===

In your DDS log all of the services for McAfee are ending with a ? mark.
Meaning they are stopped, registry problem or the files are missing.
Your last ComboFix would normally list them but the Driver/Service field is empty of any entry. Strange!

Any way you can reinstall McAfee?

====

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your next reply for my review.




