DimitriK

Computer Randomly freezing

15 posts in this topic

Hi all,

 

My Windows Vista Ultimate 64-bit computer is freezing randomly and I hope someone here can help. Here is my HijackThis log... many, many thanks in advance.

 

Dimitri Katsaros

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:30:41 PM, on 10/28/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

C:\Program Files (x86)\SanDisk ImageMate\SanDisk Transfer Button.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe

C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe

C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe

C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe

C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\HostsMan\hm.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r

O4 - HKLM\..\Run: [Module Loader] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun

O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"

O4 - HKLM\..\Run: [ASUS Energy Saving] "C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe"

O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunesHelper.exe"

O4 - HKLM\..\Run: [switchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\RunOnce: [sanDisk Transfer Button] C:\Windows\system32\Starter.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [Google Update] "C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [HostsMan] "C:\Program Files (x86)\HostsMan\hm.exe" -s

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-3692413737-2501699460-3204623115-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-3692413737-2501699460-3204623115-500\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Administrator')

O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS1\Services\Tcpip\..\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS2\Services\Tcpip\..\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Cacheman Service (CachemanService) - Unknown owner - (no file)

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\RpcAgentSrv.exe

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

 

--

End of file - 15001 bytes

 

Edit: HijackThis is not able to understand 64-bit systems very well.

Please read the SpywareInfo Forum FAQ and post the other requested logs: MBAM, DDS, and Security Check. We need the information in order to help you.

Edited by cnm


As requested, here are the additional log files:

 

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Database version: 8039

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

 

10/29/2011 2:05:49 AM

mbam-log-2011-10-29 (02-05-49).txt

 

Scan type: Full scan (C:\|E:\|F:\|G:\|I:\|)

Objects scanned: 618334

Time elapsed: 1 hour(s), 54 minute(s), 16 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

(No malicious items detected)

 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

Run by Dimitri at 9:00:15 on 2011-10-29

Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4094.1121 [GMT -7:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Secunia\PSI\PSIA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\SanDisk ImageMate\SanDisk Transfer Button.exe

C:\Program Files (x86)\Secunia\PSI\sua.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe

C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe

C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Program Files\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\HostsMan\hm.exe

C:\Program Files\NetWorx\networx.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\System32\mobsync.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

uURLSearchHooks: H - No File

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet

uRun: [Google Update] "C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [HostsMan] "C:\Program Files (x86)\HostsMan\hm.exe" -s

uRun: [AdobeBridge]

mRun: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r

mRun: [Module Loader] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun

mRun: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

mRun: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"

mRun: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"

mRun: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"

mRun: [ASUS Energy Saving] "C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe"

mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files\iTunesHelper.exe"

mRun: [switchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRunOnce: [sanDisk Transfer Button] C:\Windows\system32\Starter.exe

mRunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000

Trusted Zone: intuit.com\ttlc

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

TCP: Interfaces\{09CFFD12-193B-43C0-B06D-0688F27597A6} : NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{09CFFD12-193B-43C0-B06D-0688F27597A6} : DhcpNameServer = 192.168.0.1 205.171.3.25

TCP: Interfaces\{C57E12B7-26E4-46C2-B697-B65D358BC51C} : DhcpNameServer = 192.168.0.1

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

TB-X64: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r

mRun-x64: [Module Loader] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun

mRun-x64: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

mRun-x64: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"

mRun-x64: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"

mRun-x64: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"

mRun-x64: [ASUS Energy Saving] "C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe"

mRun-x64: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

mRun-x64: [CTxfiHlp] CTXFIHLP.EXE

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files\iTunesHelper.exe"

mRun-x64: [switchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRunOnce-x64: [sanDisk Transfer Button] C:\Windows\system32\Starter.exe

mRunOnce-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll

FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll

FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll

FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\piclens@cooliris.com\components\cooliris.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll

FF - plugin: C:\Program Files\Mozilla Plugins\npitunes.dll

FF - plugin: C:\Users\Dimitri\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Users\Dimitri\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll

FF - plugin: C:\Users\Dimitri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Users\Dimitri\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 networx;networx;C:\Windows\system32\drivers\networx.sys --> C:\Windows\system32\drivers\networx.sys [?]

R1 SBRE;SBRE;\??\C:\Windows\system32\drivers\SBREdrv.sys --> C:\Windows\system32\drivers\SBREdrv.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 APCPBEAgent;APC PBE Agent;C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe [2009-3-2 34104]

R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]

R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-10-29 21504]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-26 2214504]

R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-4-18 993848]

R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-4-18 399416]

R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

R3 dc3d;MS Hardware Device Detection Driver;C:\Windows\system32\DRIVERS\dc3d.sys --> C:\Windows\system32\DRIVERS\dc3d.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\system32\DRIVERS\point64.sys --> C:\Windows\system32\DRIVERS\point64.sys [?]

R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]

R3 USTOR2K;Genesys USB Mass Storage Windows Driver;C:\Windows\system32\DRIVERS\ustor2k.sys --> C:\Windows\system32\DRIVERS\ustor2k.sys [?]

R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]

S2 CachemanService;Cacheman Service; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-14 136176]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-10-29 79360]

S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

S3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-14 136176]

S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-10-29 19968]

S3 PSSDK42;PSSDK42;C:\Windows\system32\drivers\PSSDK42.sys --> C:\Windows\system32\drivers\PSSDK42.sys [?]

S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\RpcAgentSrv.exe [2011-3-31 93848]

S3 SWDUMon;SWDUMon;C:\Windows\system32\DRIVERS\SWDUMon.sys --> C:\Windows\system32\DRIVERS\SWDUMon.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TVICHW64;TVICHW64;C:\Windows\SysWOW64\drivers\TVICHW64.SYS [2008-11-21 21200]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-6-9 89920]

.

=============== File Associations ===============

.

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

.txt=GetDiz.TextFile

.

=============== Created Last 30 ================

.

2011-10-29 06:56:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-10-29 04:14:49 388096 ----a-r- C:\Users\Dimitri\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-10-29 03:35:22 -------- d-----w- C:\rei

2011-10-29 03:35:10 -------- d-----w- C:\Program Files\Reimage

2011-10-28 23:36:07 -------- d-----w- C:\Users\Dimitri\AppData\Roaming\Adobe Mini Bridge CS5.1

2011-10-28 23:35:53 -------- d-----w- C:\Users\Dimitri\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2011-10-28 05:08:37 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E901717-F222-4824-8583-52DB8E63D58D}\offreg.dll

2011-10-28 05:07:52 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E901717-F222-4824-8583-52DB8E63D58D}\mpengine.dll

2011-10-21 17:41:43 -------- d-----w- C:\BDR206

2011-10-19 21:42:58 -------- d-----w- C:\Users\Dimitri\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

2011-10-19 21:42:56 -------- d-----w- C:\Program Files (x86)\Adobe Support Advisor

2011-10-17 17:09:03 -------- d-----w- C:\Program Files\Mozilla Plugins

2011-10-17 17:09:01 -------- d-----w- C:\Program Files\iTunesHelper.Resources

2011-10-17 17:05:11 -------- d-----w- C:\Program Files\iTunes.Resources

2011-10-17 17:05:09 -------- d-----w- C:\Program Files\iPod

2011-10-17 17:05:05 -------- d-----w- C:\Program Files\iTunes

2011-10-17 17:05:05 -------- d-----w- C:\Program Files\CD Configuration

2011-10-17 16:56:03 -------- d-----w- C:\Program Files\Bonjour

2011-10-17 03:05:40 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant

2011-10-17 00:41:42 -------- dc-h--w- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

2011-10-12 22:31:21 2764288 ----a-w- C:\Windows\System32\win32k.sys

2011-10-12 06:55:39 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29C6A2DF-DAC3-4F8A-9E59-7352D6470E70}\gapaengine.dll

2011-10-10 01:06:44 293736 ----a-w- C:\Program Files\iTunesOutlookAddIn.dll

2011-10-10 01:06:40 421736 ----a-w- C:\Program Files\iTunesHelper.exe

2011-10-10 01:06:40 403304 ----a-w- C:\Program Files\iTunesAdmin.dll

2011-10-10 01:06:40 156520 ----a-w- C:\Program Files\iTunesHelper.dll

2011-10-10 01:06:36 9777000 ----a-w- C:\Program Files\iTunes.exe

2011-10-10 01:06:32 20708712 ----a-w- C:\Program Files\iTunes.dll

2011-10-10 01:06:30 796520 ----a-w- C:\Program Files\gnsdk_sdkmanager.dll

2011-10-10 01:06:30 276328 ----a-w- C:\Program Files\gnsdk_submit.dll

2011-10-10 01:06:30 2152296 ----a-w- C:\Program Files\gnsdk_dsp.dll

2011-10-10 01:06:30 198504 ----a-w- C:\Program Files\gnsdk_musicid.dll

.

==================== Find3M ====================

.

2011-10-17 01:18:16 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-03 12:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-09-23 07:09:03 15672 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys

2011-09-20 04:58:44 57480 ----a-w- C:\Windows\System32\drivers\networx.sys

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-09-01 00:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-31 06:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe

2011-08-31 06:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll

2011-08-31 06:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe

2011-08-31 06:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll

2011-08-25 16:20:38 735744 ----a-w- C:\Windows\System32\UIAutomationCore.dll

2011-08-25 16:19:32 847360 ----a-w- C:\Windows\System32\oleaut32.dll

2011-08-25 16:19:32 332288 ----a-w- C:\Windows\System32\oleacc.dll

2011-08-25 16:15:04 555520 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll

2011-08-25 16:14:01 563712 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-08-25 16:14:01 238080 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-08-25 13:54:14 4096 ----a-w- C:\Windows\System32\oleaccrc.dll

2011-08-25 13:31:01 4096 ----a-w- C:\Windows\SysWow64\oleaccrc.dll

2011-06-10 08:13:12 111904 ----a-w- C:\Program Files\ITDetector.ocx

.

============= FINISH: 9:01:13.42 ===============

 

 

Results of screen317's Security Check version 0.99.24

Windows Vista x64 (UAC is enabled)

Out of date service pack!!

Internet Explorer 9

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 29

Adobe Flash Player ( 10.3.183.10) Flash Player Out of Date!

Mozilla Firefox (x86 en-US..)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSMpEng.exe

Microsoft Security Essentials msseces.exe

Microsoft Security Client Antimalware MsMpEng.exe

Microsoft Security Client Antimalware NisSrv.exe

``````````End of Log````````````


The only thing I see that could cause freezes: you have more than 30 tabs open in Chrome. I've found that it is best not to have more than 20 open. Right-clicking a tab and selecting 'Close tabs to the right' is handy.

 

Aside from that, get Service Pack 1. Conceivably that will help solve the problem.

 

Or it could have to do with settings or hardware. What make and model of PC do you have? Belarc Advisor will provide a lot of info about your system. Please run it and copy the main information into your next reply.


That was incorrectly reported, I actually do have SP2 installed... dunno why it said SP1... as for tabs, I've had many more open in the past... this freezing only started a few days ago. Here is the main section of the Belarc page... if you need more, please let me know... Thanks!

 

Operating System new – server roles System Model

Windows Vista Ultimate (x64) Service Pack 2 (build 6002)

Install Language: English (United States)

System Locale: English (United States)

Installed: 10/29/2008 12:33:06 AM No details available

Processor a Main Circuit Board b

2.67 gigahertz Intel Core 2 Duo

64 kilobyte primary memory cache

4096 kilobyte secondary memory cache

64-bit ready

Multi-core (2 total)

Not hyper-threaded Board: ASUSTeK Computer INC. P5B-Premium Rev 1.xx

Bus Clock: 400 megahertz

BIOS: American Megatrends Inc. 1001 02/22/2008

new USB Storage Use in past 30 Days (mouse over last used for details) new Hosted Virtual Machines (mouse over name for details)

Last Used

Generic STORAGE DEVICE -- drive 3, s/n 0300943333, rev 9312 10/29/2011 5:33:39 PM None discovered

Drives new – drive encryption Memory Modules c,d

4000.67 Gigabytes Usable Hard Drive Capacity

2595.15 Gigabytes Hard Drive Free Space

 

PIONEER BD-RW BDR-206 ATA Device [Optical drive]

 

Generic STORAGE DEVICE USB Device [Hard drive] (8.19 GB) -- drive 3

WDC WD30EZRS-11J99B0 [Hard drive] (3000.59 GB) -- drive 2, s/n WD-WMAWZ0022831, rev 80.00A80, SMART Status: Healthy

WDC WD5000AAKS-00TMA0 [Hard drive] (500.11 GB) -- drive 1, s/n WD-WMAPW1171537, rev 12.01C01, SMART Status: Healthy

WDC WD5000AAKS-00YGA0 [Hard drive] (500.11 GB) -- drive 0, s/n WD-WCAS80943798, rev 12.01C02, SMART Status: Healthy 4096 Megabytes Usable Installed Memory

 

Slot 'DIMM0' has 2048 MB

Slot 'DIMM1' is Empty

Slot 'DIMM2' has 2048 MB

Slot 'DIMM3' is Empty

Local Drive Volumes new – volume encryption

 

c: (NTFS on drive 0) * 500.11 GB 44.93 GB free

e: (NTFS on drive 1) 500.11 GB 58.41 GB free

g: (NTFS on drive 2) 3000.46 GB 2491.81 GB free

 

* Operating System is installed on c:

Network Drives

None discovered

Users (mouse over user name for details) Printers

local user accounts last logon

Administrator 10/12/2011 9:36:28 PM (admin)

Dimitri 10/29/2011 6:39:06 PM (admin)

UpdatusUser 10/29/2011 5:36:27 PM

local system accounts

Guest 10/21/2011 10:30:14 AM

 

Marks a disabled account; Marks a locked account

 

EPSON Stylus Pro 7800 on USB001

HP LaserJet 4250 PS on 192.168.0.197

HP Universal Printing PS on 192.168.0.197_1

Microsoft XPS Document Writer on XPSPort:

Controllers Display

ATA Channel 0 [Controller]

ATA Channel 1 [Controller]

IDE Channel [Controller] (4x)

Intel® ICH8 2 port Serial ATA Storage Controller - 2825

Intel® ICH8 4 port Serial ATA Storage Controller - 2820

Standard AHCI 1.0 Serial ATA Controller NVIDIA GeForce 7950 GT [Display adapter]

NEC FP2141SB [Monitor] (19.7"vis, s/n 49107235YA, September 2004)

Bus Adapters Multimedia

Microsoft iSCSI Initiator

Intel® ICH8 Family USB Universal Host Controller - 2830

Intel® ICH8 Family USB Universal Host Controller - 2831

Intel® ICH8 Family USB Universal Host Controller - 2832

Intel® ICH8 Family USB Universal Host Controller - 2834

Intel® ICH8 Family USB Universal Host Controller - 2835

Intel® ICH8 Family USB2 Enhanced Host Controller - 2836

Intel® ICH8 Family USB2 Enhanced Host Controller - 283A Creative SB X-Fi

High Definition Audio Device

Virus Protection [back to Top] Group Policies

Microsoft Security Essentials Version 3.0.8402.0

Scan Engine Version 1.1.7801.0

Virus Definitions Version 1.115.831.0

Realtime File Scanning On

None discovered

Communications new – connection speed & status Other Devices

↑ Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller

primary Auto IP Address: 192.168.0.3 / 24

Gateway: 192.168.0.1

Dhcp Server: 192.168.0.1

Physical Address: 00:1A:92:7E:03:81

Connection Speed: 100 Mbps

↓ Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller

Status: Cable unplugged

Dhcp Server: none responded

Physical Address: 00:1A:92:7E:0A:ED

Connection Speed: 1 Gbps

Microsoft ISATAP Adapter

Teredo Tunneling Pseudo-Interface

 

Networking Dns Servers: 192.168.0.1

8.8.8.8

8.8.4.4

Texas Instruments OHCI Compliant IEEE 1394 Host Controller

HID Non-User Input Data Filter (KB 911895)

Standard PS/2 Keyboard

Microsoft USB Wireless Mouse (IntelliPoint)

TG_iMON (x64)

USB Mass Storage Device (2x)

USB Root Hub (7x)

Generic volume shadow copy

STORAGE DEVICE


A Google search for "random freeze asus P5B-Premium Rev 1.xx" didn't turn up any solutions. What is the brand of your PC? Random freezes seem to be most common on Dell.

 

If we find no malware you might want to post at PC Guide forum. They are more hardware oriented.

 

Please run these two scans for rootkits:

 

Please download tdsskiller.exe and save it to your Desktop. Go here for information.


  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file in your next reply.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please download MBRCheck by a_d_13 to your Desktop from one of these locations:

http://ad13.geekstogo.com/MBRCheck.exe

http://download.bleepingcomputer.com/rootrepeal/MBRCheck.exe

http://www.kernelmode.info/MBRCheck.exe

Close all open programs/windows and double-click on MBRCheck.exe.

It will produce a log file saved automatically on your Desktop as "MBRCheck_[Date]_[Time].txt".

Press the "Enter" key to close the MBRCheck window and post the contents of the log file.

 

After that =======================

Please download ComboFix.exe to your Desktop. Visit this webpage for download links, and instructions for running the tool:

how-to-use-combofix

* Ensure you have disabled all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

 

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

 

Please include the C:\ComboFix.txt in your next reply for further review, and let me know if you're still getting freezes or any other problems. Note that if ComboFix leaves the PC in an odd state, another reboot and/or running ComboFix again should fix it.


Hey again... I tried fewer tabs and when that didn't help, I even switched to Firefox thinking it may be Chrome's special version of Flash, but to no avail. I ran tds, mbr, and combofix (making sure to disable the programs listed in the combofix doc) and here are those logfiles:

 

MBRCheck, version 1.2.3

© 2010, AD

 

Command-line:

Windows Version: Windows Vista Ultimate Edition

Windows Information: Service Pack 2 (build 6002), 64-bit

Base Board Manufacturer: ASUSTeK Computer INC.

BIOS Manufacturer: American Megatrends Inc.

System Manufacturer: System manufacturer

System Product Name: System Product Name

Logical Drives Mask: 0x0000015c

 

Kernel Drivers (total 167):

0x01A12000 \SystemRoot\system32\ntoskrnl.exe

0x01F2A000 \SystemRoot\system32\hal.dll

0x00600000 \SystemRoot\system32\kdcom.dll

0x0060A000 \SystemRoot\system32\mcupdate_GenuineIntel.dll

0x00645000 \SystemRoot\system32\PSHED.dll

0x00659000 \SystemRoot\system32\CLFS.SYS

0x006B6000 \SystemRoot\system32\CI.dll

0x00807000 \SystemRoot\system32\drivers\Wdf01000.sys

0x008AB000 \SystemRoot\system32\drivers\WDFLDR.SYS

0x008BA000 \SystemRoot\system32\drivers\acpi.sys

0x00910000 \SystemRoot\system32\drivers\WMILIB.SYS

0x00919000 \SystemRoot\system32\drivers\msisadrv.sys

0x00923000 \SystemRoot\system32\drivers\pci.sys

0x00953000 \SystemRoot\System32\drivers\partmgr.sys

0x00968000 \SystemRoot\system32\DRIVERS\compbatt.sys

0x0096C000 \SystemRoot\system32\DRIVERS\BATTC.SYS

0x00978000 \SystemRoot\system32\drivers\volmgr.sys

0x0098C000 \SystemRoot\System32\drivers\volmgrx.sys

0x009F2000 \SystemRoot\system32\drivers\intelide.sys

0x00768000 \SystemRoot\system32\drivers\PCIIDEX.SYS

0x00800000 \SystemRoot\system32\drivers\pciide.sys

0x00778000 \SystemRoot\system32\DRIVERS\jraid.sys

0x00799000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS

0x007C7000 \SystemRoot\System32\drivers\mountmgr.sys

0x007DA000 \SystemRoot\system32\drivers\atapi.sys

0x00A02000 \SystemRoot\system32\drivers\ataport.SYS

0x00A26000 \SystemRoot\system32\DRIVERS\msahci.sys

0x00A30000 \SystemRoot\system32\drivers\fltmgr.sys

0x00A77000 \SystemRoot\system32\drivers\fileinfo.sys

0x00A8B000 \SystemRoot\System32\Drivers\ksecdd.sys

0x00C07000 \SystemRoot\system32\drivers\ndis.sys

0x00B12000 \SystemRoot\system32\drivers\msrpc.sys

0x00B62000 \SystemRoot\system32\drivers\NETIO.SYS

0x00E06000 \SystemRoot\System32\Drivers\Ntfs.sys

0x00F86000 \SystemRoot\system32\drivers\volsnap.sys

0x00FCA000 \SystemRoot\System32\Drivers\spldr.sys

0x00FD2000 \SystemRoot\System32\Drivers\mup.sys

0x00DCA000 \SystemRoot\System32\drivers\ecache.sys

0x00BBB000 \SystemRoot\System32\DRIVERS\fvevol.sys

0x00FEB000 \SystemRoot\system32\drivers\disk.sys

0x0100D000 \SystemRoot\system32\drivers\CLASSPNP.SYS

0x01039000 \SystemRoot\system32\drivers\crcdisk.sys

0x01078000 \SystemRoot\system32\DRIVERS\tunnel.sys

0x01085000 \SystemRoot\system32\DRIVERS\tunmp.sys

0x0108E000 \SystemRoot\system32\DRIVERS\intelppm.sys

0x02406000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys

0x030B4000 \SystemRoot\System32\Drivers\nvBridge.kmd

0x030B9000 \SystemRoot\System32\drivers\dxgkrnl.sys

0x0319C000 \SystemRoot\System32\drivers\watchdog.sys

0x031AC000 \SystemRoot\system32\DRIVERS\usbuhci.sys

0x031B8000 \SystemRoot\system32\DRIVERS\USBPORT.SYS

0x010A1000 \SystemRoot\system32\DRIVERS\usbehci.sys

0x010B2000 \SystemRoot\system32\DRIVERS\HDAudBus.sys

0x03207000 \SystemRoot\system32\DRIVERS\yk60x64.sys

0x03269000 \SystemRoot\system32\drivers\ctaud2k.sys

0x0330F000 \SystemRoot\system32\drivers\portcls.sys

0x0334A000 \SystemRoot\system32\drivers\drmk.sys

0x0336D000 \SystemRoot\system32\drivers\ks.sys

0x033A1000 \SystemRoot\system32\drivers\ctoss2k.sys

0x033D2000 \SystemRoot\system32\drivers\ctprxy2k.sys

0x033DA000 \SystemRoot\system32\drivers\ksthunk.sys

0x033E0000 \SystemRoot\system32\DRIVERS\ohci1394.sys

0x0119F000 \SystemRoot\system32\DRIVERS\1394BUS.SYS

0x033F2000 \SystemRoot\system32\DRIVERS\ASACPI.sys

0x011AF000 \SystemRoot\system32\DRIVERS\serial.sys

0x011CC000 \SystemRoot\system32\DRIVERS\serenum.sys

0x011D8000 \SystemRoot\system32\DRIVERS\i8042prt.sys

0x011EE000 \SystemRoot\system32\DRIVERS\kbdclass.sys

0x00BE4000 \SystemRoot\system32\DRIVERS\cdrom.sys

0x01000000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

0x03405000 \SystemRoot\system32\DRIVERS\msiscsi.sys

0x0343E000 \SystemRoot\system32\DRIVERS\storport.sys

0x0349B000 \SystemRoot\system32\DRIVERS\TDI.SYS

0x034A8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys

0x034CB000 \SystemRoot\system32\DRIVERS\ndistapi.sys

0x034D7000 \SystemRoot\system32\DRIVERS\ndiswan.sys

0x03508000 \SystemRoot\system32\DRIVERS\raspppoe.sys

0x03518000 \SystemRoot\system32\DRIVERS\raspptp.sys

0x03536000 \SystemRoot\system32\DRIVERS\rassstp.sys

0x0354E000 \SystemRoot\system32\DRIVERS\rdpdr.sys

0x035E8000 \SystemRoot\system32\DRIVERS\termdd.sys

0x007E2000 \SystemRoot\system32\DRIVERS\mouclass.sys

0x035FB000 \SystemRoot\system32\DRIVERS\swenum.sys

0x007EE000 \SystemRoot\system32\DRIVERS\mssmbios.sys

0x03605000 \SystemRoot\system32\DRIVERS\umbus.sys

0x03615000 \SystemRoot\system32\DRIVERS\usbhub.sys

0x0365D000 \SystemRoot\System32\Drivers\NDProxy.SYS

0x03671000 \SystemRoot\system32\drivers\ha20x2k.sys

0x08201000 \SystemRoot\system32\drivers\emupia2k.sys

0x0824B000 \SystemRoot\system32\drivers\ctsfm2k.sys

0x08283000 \SystemRoot\system32\drivers\ctac32k.sys

0x0834C000 \SystemRoot\System32\drivers\CT20XUT.SYS

0x08609000 \SystemRoot\System32\drivers\CTEXFIFX.SYS

0x08766000 \SystemRoot\system32\drivers\HdAudio.sys

0x087AF000 \SystemRoot\system32\DRIVERS\MpFilter.sys

0x087E0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS

0x087EA000 \SystemRoot\System32\Drivers\Null.SYS

0x08381000 \??\C:\Windows\system32\drivers\SBREdrv.sys

0x08392000 \SystemRoot\System32\drivers\vga.sys

0x083A0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS

0x087F3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys

0x08600000 \SystemRoot\system32\drivers\rdpencdd.sys

0x083C5000 \SystemRoot\System32\Drivers\Msfs.SYS

0x083D0000 \SystemRoot\System32\Drivers\Npfs.SYS

0x083E1000 \SystemRoot\System32\DRIVERS\rasacd.sys

0x08808000 \SystemRoot\System32\drivers\tcpip.sys

0x0897C000 \SystemRoot\System32\drivers\fwpkclnt.sys

0x089A8000 \SystemRoot\system32\DRIVERS\tdx.sys

0x089C5000 \SystemRoot\system32\drivers\networx.sys

0x089D7000 \SystemRoot\system32\DRIVERS\smb.sys

0x08A06000 \SystemRoot\System32\DRIVERS\netbt.sys

0x08A4A000 \SystemRoot\system32\drivers\afd.sys

0x08AB5000 \SystemRoot\system32\DRIVERS\pacer.sys

0x08AD3000 \SystemRoot\system32\DRIVERS\netbios.sys

0x08AE2000 \SystemRoot\system32\DRIVERS\wanarp.sys

0x08AFD000 \SystemRoot\system32\DRIVERS\rdbss.sys

0x08B4A000 \SystemRoot\system32\drivers\tgimonx64.sys

0x08B59000 \SystemRoot\system32\drivers\USBD.SYS

0x08B5B000 \SystemRoot\system32\drivers\nsiproxy.sys

0x08B67000 \SystemRoot\System32\Drivers\dfsc.sys

0x08B84000 \SystemRoot\SysWow64\drivers\AsIO.sys

0x08B8B000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS

0x08BA3000 \SystemRoot\system32\DRIVERS\dc3d.sys

0x08BB5000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS

0x08BBD000 \SystemRoot\system32\DRIVERS\hidusb.sys

0x08BC6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS

0x08BD8000 \SystemRoot\system32\DRIVERS\NuidFltr.sys

0x08BE4000 \SystemRoot\system32\DRIVERS\mouhid.sys

0x08BEF000 \SystemRoot\system32\DRIVERS\point64.sys

0x089F2000 \SystemRoot\system32\DRIVERS\ustor2k.sys

0x01043000 \SystemRoot\System32\Drivers\fastfat.SYS

0x083EA000 \SystemRoot\System32\Drivers\crashdmp.sys

0x037F2000 \SystemRoot\System32\Drivers\dump_dumpata.sys

0x08800000 \SystemRoot\System32\Drivers\dump_atapi.sys

0x08C08000 \SystemRoot\System32\Drivers\dump_dumpfve.sys

0x000C0000 \SystemRoot\System32\win32k.sys

0x08C1B000 \SystemRoot\System32\drivers\Dxapi.sys

0x08C27000 \SystemRoot\system32\DRIVERS\monitor.sys

0x004F0000 \SystemRoot\System32\TSDDD.dll

0x00830000 \SystemRoot\System32\ATMFD.DLL

0x006B0000 \SystemRoot\System32\cdd.dll

0x08C3A000 \SystemRoot\system32\drivers\luafv.sys

0x08C65000 \SystemRoot\system32\DRIVERS\lltdio.sys

0x08C79000 \SystemRoot\system32\DRIVERS\rspndr.sys

0x08C91000 \SystemRoot\system32\drivers\HTTP.sys

0x08D34000 \SystemRoot\System32\DRIVERS\srvnet.sys

0x08D5D000 \SystemRoot\system32\DRIVERS\bowser.sys

0x08D7B000 \SystemRoot\System32\drivers\mpsdrv.sys

0x08D95000 \SystemRoot\system32\DRIVERS\mrxsmb.sys

0x0C80B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys

0x0C854000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys

0x0C873000 \SystemRoot\System32\DRIVERS\srv2.sys

0x0C8A5000 \SystemRoot\System32\DRIVERS\srv.sys

0x0C938000 \SystemRoot\system32\drivers\spsys.sys

0x0C9D2000 \SystemRoot\system32\DRIVERS\asyncmac.sys

0x0C9DD000 \SystemRoot\System32\Drivers\adfs.SYS

0x0C9F5000 \??\C:\Windows\system32\drivers\cpuz135_x64.sys

0x0CE0C000 \SystemRoot\system32\drivers\peauth.sys

0x0CEC2000 \SystemRoot\System32\Drivers\secdrv.SYS

0x0CECD000 \SystemRoot\System32\drivers\tcpipreg.sys

0x0CEDD000 \SystemRoot\system32\DRIVERS\WUDFRd.sys

0x0CEFD000 \SystemRoot\system32\DRIVERS\WUDFPf.sys

0x0CF13000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys

0x0CF2B000 \SystemRoot\system32\DRIVERS\psi_mf.sys

0x0CFA0000 \SystemRoot\system32\DRIVERS\cdfs.sys

0x0CFBC000 \SystemRoot\system32\DRIVERS\MpNWMon.sys

0x771E0000 \Windows\System32\ntdll.dll

 

Processes (total 73):

0 System Idle Process

4 System

488 C:\Windows\System32\smss.exe

580 csrss.exe

624 C:\Windows\System32\wininit.exe

644 csrss.exe

680 C:\Windows\System32\services.exe

692 C:\Windows\System32\lsass.exe

700 C:\Windows\System32\lsm.exe

776 C:\Windows\System32\winlogon.exe

900 C:\Windows\System32\svchost.exe

944 C:\Windows\System32\nvvsvc.exe

976 C:\Windows\System32\svchost.exe

1020 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

572 C:\Windows\System32\svchost.exe

584 C:\Windows\System32\svchost.exe

1052 C:\Windows\System32\svchost.exe

1120 C:\Windows\System32\audiodg.exe

1156 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

1344 C:\Windows\System32\svchost.exe

1360 C:\Windows\System32\SLsvc.exe

1408 C:\Windows\System32\svchost.exe

1492 C:\Windows\System32\svchost.exe

1628 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

1644 C:\Windows\System32\nvvsvc.exe

1716 C:\Windows\System32\spoolsv.exe

1752 C:\Windows\System32\svchost.exe

2036 C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe

1792 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

1228 C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe

1884 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

1916 C:\Program Files\Bonjour\mDNSResponder.exe

1964 C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe

2072 C:\Windows\System32\svchost.exe

2180 C:\Windows\System32\svchost.exe

2200 C:\Windows\System32\svchost.exe

2292 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

2344 C:\Program Files (x86)\Secunia\PSI\psia.exe

2548 C:\Windows\System32\taskeng.exe

2580 C:\Windows\System32\dwm.exe

2628 C:\Windows\System32\taskeng.exe

2672 C:\Windows\System32\taskeng.exe

2684 C:\Windows\explorer.exe

3000 C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe

2644 C:\Windows\System32\svchost.exe

2892 C:\Windows\System32\svchost.exe

2260 C:\Windows\System32\SearchIndexer.exe

3112 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

3164 WUDFHost.exe

3308 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

3712 C:\Program Files (x86)\SanDisk ImageMate\SanDisk Transfer Button.exe

3900 C:\Program Files (x86)\Secunia\PSI\sua.exe

4092 C:\Program Files\Microsoft IntelliPoint\ipoint.exe

2868 C:\Program Files\Microsoft Security Client\msseces.exe

428 C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe

2512 C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe

3516 C:\Windows\SysWOW64\CTxfispi.exe

4020 C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe

2240 C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe

3616 C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe

1176 C:\Windows\SysWOW64\Ctxfihlp.exe

876 WmiPrvSE.exe

3960 C:\Program Files\iTunesHelper.exe

4104 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

4204 C:\Program Files\iPod\bin\iPodService.exe

4548 C:\Windows\System32\svchost.exe

4384 C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

5820 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

1876 WmiPrvSE.exe

5444 C:\Windows\splwow64.exe

5264 C:\Windows\System32\SearchProtocolHost.exe

2756 C:\Windows\System32\SearchFilterHost.exe

2408 C:\Users\Dimitri\Desktop\MBRCheck.exe

 

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

\\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)

\\.\G: --> \\.\PhysicalDrive2 at offset 0x00000000`08100000 (NTFS)

 

PhysicalDrive0 Model Number: WDCWD5000AAKS-00YGA0, Rev: 12.01C02

PhysicalDrive1 Model Number: WDCWD5000AAKS-00TMA0, Rev: 12.01C01

PhysicalDrive2 Model Number: WDCWD30EZRS-11J99B0, Rev: 80.00A80

 

Size Device Name MBR Status

--------------------------------------------

465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected

SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

465 GB \\.\PhysicalDrive1 Windows 2008 MBR code detected

SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

2794 GB \\.\PhysicalDrive2 Windows Vista MBR code detected

SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979

 

 

Done!

 

 

ComboFix 11-10-30.04 - Dimitri 10/31/2011 11:12:30.1.2 - x64

Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4094.2196 [GMT -7:00]

Running from: c:\users\Dimitri\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\xml413D.tmp

c:\programdata\xml466C.tmp

c:\programdata\xml4969.tmp

c:\users\Dimitri\AppData\Roaming\EurekaLog

c:\users\Dimitri\AppData\Roaming\EurekaLog\TreeSize\TreeSize.elf

c:\windows\SysWow64\AutoRun.exe

c:\windows\SysWow64\CF15429.exe

c:\windows\SysWow64\CF24626.exe

c:\windows\SysWow64\uninstall.exe

c:\windows\SysWow64\X86

c:\windows\SysWow64\X86\License.rtf

c:\windows\SysWow64\X86\Readme.txt

c:\windows\SysWow64\X86\setup.exe

.

.

((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-31 )))))))))))))))))))))))))))))))

.

.

2011-10-31 18:25 . 2011-10-31 18:26 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2AC6E40-1E53-41AC-B925-B9026B5B7A72}\offreg.dll

2011-10-31 18:25 . 2011-10-31 18:25 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65E2D8EC-5C2D-4901-9A83-F5FA676B637A}\offreg.dll

2011-10-31 18:04 . 2011-10-18 09:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2AC6E40-1E53-41AC-B925-B9026B5B7A72}\mpengine.dll

2011-10-31 15:57 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65E2D8EC-5C2D-4901-9A83-F5FA676B637A}\mpengine.dll

2011-10-30 01:44 . 2011-10-30 01:44 -------- d-----w- c:\program files (x86)\Belarc

2011-10-29 06:56 . 2011-10-29 06:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-10-29 04:14 . 2011-10-29 04:14 388096 ----a-r- c:\users\Dimitri\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-10-29 03:35 . 2011-10-29 03:36 -------- d-----w- C:\rei

2011-10-29 03:35 . 2011-10-29 03:35 -------- d-----w- c:\program files\Reimage

2011-10-28 23:36 . 2011-10-28 23:36 -------- d-----w- c:\users\Dimitri\AppData\Roaming\Adobe Mini Bridge CS5.1

2011-10-28 23:35 . 2011-10-28 23:35 -------- d-----w- c:\users\Dimitri\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2011-10-25 00:43 . 2011-10-25 00:43 -------- d-----w- c:\program files (x86)\Common Files\Java

2011-10-24 21:29 . 2011-10-24 21:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2011-10-24 21:29 . 2011-10-24 21:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

2011-10-21 17:41 . 2011-10-21 17:41 -------- d-----w- C:\BDR206

2011-10-19 21:42 . 2011-10-19 21:42 -------- d-----w- c:\users\Dimitri\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

2011-10-19 21:42 . 2011-10-19 21:42 -------- d-----w- c:\program files (x86)\Adobe Support Advisor

2011-10-17 17:09 . 2011-10-17 17:09 -------- d-----w- c:\program files\Mozilla Plugins

2011-10-17 17:05 . 2011-10-17 17:05 -------- d-----w- c:\program files\iPod

2011-10-17 17:05 . 2011-10-17 17:09 -------- d-----w- c:\program files\iTunes

2011-10-17 17:05 . 2011-10-17 17:05 -------- d-----w- c:\program files\CD Configuration

2011-10-17 16:56 . 2011-10-17 16:56 -------- d-----w- c:\program files\Bonjour

2011-10-17 03:05 . 2011-10-17 03:05 -------- d-----w- c:\program files (x86)\Adobe Download Assistant

2011-10-17 00:41 . 2011-10-17 00:41 -------- dc-h--w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

2011-10-13 04:36 . 2011-10-30 01:45 -------- d-----w- c:\users\Administrator

2011-10-12 22:31 . 2011-09-06 13:56 2764288 ----a-w- c:\windows\system32\win32k.sys

2011-10-12 06:55 . 2011-10-12 06:54 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{29C6A2DF-DAC3-4F8A-9E59-7352D6470E70}\gapaengine.dll

2011-10-10 01:06 . 2011-10-10 01:06 796520 ----a-w- c:\program files\gnsdk_sdkmanager.dll

2011-10-10 01:06 . 2011-10-10 01:06 276328 ----a-w- c:\program files\gnsdk_submit.dll

2011-10-10 01:06 . 2011-10-10 01:06 2152296 ----a-w- c:\program files\gnsdk_dsp.dll

2011-10-10 01:06 . 2011-10-10 01:06 198504 ----a-w- c:\program files\gnsdk_musicid.dll

2011-10-07 19:27 . 2011-10-07 19:27 -------- d-----w- c:\users\Dimitri\AppData\Roaming\ArcSoft

2011-10-07 19:27 . 2011-10-07 19:27 -------- d-----w- c:\program files (x86)\ArcSoft

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-30 06:03 . 2011-07-10 06:37 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-07 04:16 . 2011-05-31 05:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-10-03 12:06 . 2010-04-29 19:50 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-09-23 07:09 . 2011-04-27 04:10 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys

2011-09-20 04:58 . 2011-02-11 09:56 57480 ----a-w- c:\windows\system32\drivers\networx.sys

2011-09-01 00:00 . 2009-06-12 23:27 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-31 06:05 . 2011-08-31 06:05 96104 ----a-w- c:\windows\system32\dns-sd.exe

2011-08-31 06:05 . 2011-08-31 06:05 85864 ----a-w- c:\windows\system32\dnssd.dll

2011-08-31 06:05 . 2011-08-31 06:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe

2011-08-31 06:05 . 2011-08-31 06:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll

2011-06-10 08:13 . 2011-06-10 08:13 111904 ----a-w- c:\program files\ITDetector.ocx

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-08-22 6276408]

"HostsMan"="c:\program files (x86)\HostsMan\hm.exe" [2010-02-06 3043840]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"VolPanel"="c:\program files (x86)\Creative\Volume Panel\VolPanlu.exe" [2008-08-06 233576]

"Module Loader"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]

"AudioDrvEmulator"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]

"Ai Nap"="c:\program files (x86)\ASUS\AI Suite\AiNap\AiNap.exe" [2008-01-28 1413120]

"CPU Power Monitor"="c:\program files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe" [2008-01-09 627200]

"Cpu Level Up help"="c:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-12-01 881152]

"ASUS Energy Saving"="c:\program files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe" [2008-01-28 1352704]

"AsioThk32Reg"="CTASIO.DLL" [2010-05-06 51712]

"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-06 25600]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"iTunesHelper"="c:\program files\iTunesHelper.exe" [2011-10-10 421736]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"SanDisk Transfer Button"="c:\windows\system32\Starter.exe" [2008-11-05 155714]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-18 291896]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 CachemanService;Cacheman Service; [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 136176]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-10-29 79360]

R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]

R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]

R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]

R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 136176]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 NDSPCIIO;NDSPCIIO; [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]

R3 PSSDK42;PSSDK42; [x]

R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\RpcAgentSrv.exe [2009-08-10 93848]

R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TVICHW64;TVICHW64;c:\windows\SysWOW64\Drivers\TVICHW64.SYS [2008-11-21 21200]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]

R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

S1 networx;networx;c:\windows\system32\drivers\networx.sys [x]

S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 APCPBEAgent;APC PBE Agent;c:\progra~2\APC\POWERC~1\agent\pbeagent.exe [2008-12-01 34104]

S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]

S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]

S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]

S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]

S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]

S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]

S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]

S3 USTOR2K;Genesys USB Mass Storage Windows Driver;c:\windows\system32\DRIVERS\ustor2k.sys [x]

S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 21:08]

.

2011-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 21:08]

.

2011-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3692413737-2501699460-3204623115-1000Core.job

- c:\users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-24 08:18]

.

2011-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3692413737-2501699460-3204623115-1000UA.job

- c:\users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-24 08:18]

.

2011-10-31 c:\windows\Tasks\RegistryBooster.job

- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-10-17 09:48]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NetWorx"="c:\program files\NetWorx\networx.exe" [2011-10-19 4756992]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-08 2328944]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-16 499608]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office10\EXCEL.EXE/3000

Trusted Zone: intuit.com\ttlc

TCP: DhcpNameServer = 192.168.0.1 205.171.3.25

TCP: Interfaces\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll

FF - ProfilePath - c:\users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

.

------- File Associations -------

.

.txt=GetDiz.TextFile

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Wow6432Node-HKCU-Run-msnmsgr - c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

SafeBoot-mcmscsvc

SafeBoot-MCODS

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:ec,7f,ce,35,c4,07,cc,01

.

[HKEY_USERS\S-1-5-21-3692413737-2501699460-3204623115-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-3692413737-2501699460-3204623115-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-3692413737-2501699460-3204623115-1000\Software\SecuROM\License information*]

"datasecu"=hex:db,df,8f,0b,62,c5,1e,33,01,5c,f7,ec,ef,c5,4a,da,d5,e7,d3,b9,39,

b0,bd,4a,08,f9,dd,34,3d,d8,c8,75,00,04,cd,1f,8c,00,b5,c4,d6,60,3e,dc,76,a2,\

"rkeysecu"=hex:7f,48,34,8c,5e,c9,96,f7,a9,7e,f0,ba,2c,d6,88,55

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

c:\windows\SysWOW64\CTXFISPI.EXE

c:\program files (x86)\Creative\Entertainment Center\EAXLoadr.exe

c:\program files (x86)\Creative\ShareDLL\CADI\NotiMan.exe

c:\windows\SysWOW64\Ctxfihlp.exe

c:\program files (x86)\Internet Explorer\IELowutil.exe

.

**************************************************************************

.

Completion time: 2011-10-31 11:45:21 - machine was rebooted

ComboFix-quarantined-files.txt 2011-10-31 18:45

.

Pre-Run: 44,181,598,208 bytes free

Post-Run: 61,223,018,496 bytes free

.

- - End Of File - - D1ABBF2DB7DCC7AC04B9C78D90AF5330


Oops, I forgot to add the TDSSKiller log since it didn't catch anything... here's that log too:

 

11:59:21.0995 5840 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01

11:59:22.0495 5840 ============================================================

11:59:22.0495 5840 Current date / time: 2011/10/31 11:59:22.0495

11:59:22.0495 5840 SystemInfo:

11:59:22.0495 5840

11:59:22.0496 5840 OS Version: 6.0.6002 ServicePack: 2.0

11:59:22.0496 5840 Product type: Workstation

11:59:22.0496 5840 ComputerName: SILENTBUTDEADLY

11:59:22.0496 5840 UserName: Dimitri

11:59:22.0496 5840 Windows directory: C:\Windows

11:59:22.0496 5840 System windows directory: C:\Windows

11:59:22.0496 5840 Running under WOW64

11:59:22.0496 5840 Processor architecture: Intel x64

11:59:22.0496 5840 Number of processors: 2

11:59:22.0496 5840 Page size: 0x1000

11:59:22.0496 5840 Boot type: Normal boot

11:59:22.0496 5840 ============================================================

11:59:23.0833 5840 Initialize success

11:59:30.0801 5892 ============================================================

11:59:30.0801 5892 Scan started

11:59:30.0801 5892 Mode: Manual; SigCheck; TDLFS;

11:59:30.0801 5892 ============================================================

11:59:31.0794 5892 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys

11:59:31.0872 5892 ACPI - ok

11:59:31.0910 5892 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys

11:59:31.0939 5892 adfs - ok

11:59:32.0008 5892 adp94xx (9137451d37ba1c325cd6c2def3d2d692) C:\Windows\system32\drivers\adp94xx.sys

11:59:32.0024 5892 adp94xx - ok

11:59:32.0087 5892 adpahci (01f80898df5cc7df19b3b11351846263) C:\Windows\system32\drivers\adpahci.sys

11:59:32.0100 5892 adpahci - ok

11:59:32.0149 5892 adpu160m (da001db13fff45dfe9109936e265b7cc) C:\Windows\system32\drivers\adpu160m.sys

11:59:32.0158 5892 adpu160m - ok

11:59:32.0174 5892 adpu320 (2b10c35c5b7c5c0c28f572e035319602) C:\Windows\system32\drivers\adpu320.sys

11:59:32.0183 5892 adpu320 - ok

11:59:32.0242 5892 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys

11:59:32.0291 5892 AFD - ok

11:59:32.0332 5892 agp440 (5ccdd13bc602ae33cd8b62d33c29ab72) C:\Windows\system32\drivers\agp440.sys

11:59:32.0339 5892 agp440 - ok

11:59:32.0386 5892 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys

11:59:32.0394 5892 aic78xx - ok

11:59:32.0412 5892 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys

11:59:32.0419 5892 aliide - ok

11:59:32.0432 5892 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys

11:59:32.0441 5892 amdide - ok

11:59:32.0454 5892 AmdK8 (de55dc52f7ceb89a967572d6b491ada2) C:\Windows\system32\drivers\amdk8.sys

11:59:32.0511 5892 AmdK8 - ok

11:59:32.0540 5892 arc (2e8623f2fed998a97129a3db919551c8) C:\Windows\system32\drivers\arc.sys

11:59:32.0548 5892 arc - ok

11:59:32.0559 5892 arcsas (741a003c041a3ec480a2e71af71e9654) C:\Windows\system32\drivers\arcsas.sys

11:59:32.0567 5892 arcsas - ok

11:59:32.0569 5892 AsIO - ok

11:59:32.0617 5892 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys

11:59:32.0679 5892 AsyncMac - ok

11:59:32.0714 5892 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys

11:59:32.0722 5892 atapi - ok

11:59:32.0746 5892 Beep - ok

11:59:32.0759 5892 blbdrive - ok

11:59:32.0792 5892 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys

11:59:32.0836 5892 bowser - ok

11:59:32.0856 5892 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys

11:59:32.0890 5892 BrFiltLo - ok

11:59:32.0911 5892 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys

11:59:32.0929 5892 BrFiltUp - ok

11:59:32.0951 5892 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys

11:59:32.0991 5892 Brserid - ok

11:59:33.0009 5892 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys

11:59:33.0068 5892 BrSerWdm - ok

11:59:33.0088 5892 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys

11:59:33.0140 5892 BrUsbMdm - ok

11:59:33.0166 5892 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys

11:59:33.0221 5892 BrUsbSer - ok

11:59:33.0241 5892 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys

11:59:33.0281 5892 BTHMODEM - ok

11:59:33.0302 5892 catchme - ok

11:59:33.0333 5892 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys

11:59:33.0360 5892 cdfs - ok

11:59:33.0398 5892 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys

11:59:33.0417 5892 cdrom - ok

11:59:33.0439 5892 circlass (f28f00596824058bc61d5edf434c9b82) C:\Windows\system32\drivers\circlass.sys

11:59:33.0496 5892 circlass - ok

11:59:33.0538 5892 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys

11:59:33.0555 5892 CLFS - ok

11:59:33.0579 5892 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys

11:59:33.0587 5892 cmdide - ok

11:59:33.0616 5892 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys

11:59:33.0624 5892 Compbatt - ok

11:59:33.0659 5892 cpuz135 (ccb09eb78e047c931708149992c2e435) C:\Windows\system32\drivers\cpuz135_x64.sys

11:59:33.0666 5892 cpuz135 - ok

11:59:33.0674 5892 crcdisk (b1192dcd5b9cf46beed0e2a9e5bcf59a) C:\Windows\system32\drivers\crcdisk.sys

11:59:51.0283 5892 ============================================================

11:59:51.0284 5892 Scan finished

11:59:51.0284 5892 ============================================================

11:59:51.0292 4896 Detected object count: 0

11:59:51.0292 4896 Actual detected object count: 0

Chrome is much better than Firefox (my opinion).

 

ComboFix made quite a few changes. Are you still getting the freezes and can you see any pattern at all? For instance, mostly when doing media listening or watching?

 

And again - what is the brand of PC? Often the most useful information will be at the manufacturer's website or forum.

I just did the fix, but if I notice any freezes or pattern to them, I'll definitely post... One thing I did have to do is run ComboFix twice as suggested, as even a reboot didn't allow me to start Windows Defender.

 

As for brand of computer, I built this one from scratch: Asus Mobo, Mushkin memory, Zalman Fanless case, XFX Graphics card... it's been working pretty well 'til now.

 

Thanks!

Thanks! :D ... I don't remember exactly when, but the past couple of weeks...

 

As for the overheating... I haven't moved anything, so nothing should've come loose plus I don't have any system warnings or noticed any speed throttling. I think I'm good in terms of thermal mass as that review is of the "little brother"... I have the TNN-500AF.

DDS listed =============== Created Last 30 ================.

That shows everything that was added in the last 30 days. Nothing leaps to my eye, but see if you spot any likely suspects.

Still puzzling then.

If it freezes again, make a note of what you were doing at the time and what applications were running.

 

Another far out thought: any large motors such as a refrigerator near the PC? If necessary move it to a cool location away from all machinery. Have to admit it's unlikely that the location or neighbors of the PC changed.

Due to the lack of feedback this Topic is closed.

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

This topic is now closed to further replies.