Computer Randomly freezing


  • This topic is locked
14 replies to this topic

#1 DimitriK

Posted 28 October 2011 - 11:31 PM

Hi all,

My Windows Vista Ultimate 64-bit computer is freezing randomly and I hope someone here can help. Here is my HijackThis log... many, many thanks in advance.

Dimitri Katsaros


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:30:41 PM, on 10/28/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files (x86)\SanDisk ImageMate\SanDisk Transfer Button.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HostsMan\hm.exe
C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Module Loader] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [ASUS Energy Saving] "C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunesHelper.exe"
O4 - HKLM\..\Run: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [SanDisk Transfer Button] C:\Windows\system32\Starter.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files (x86)\HostsMan\hm.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3692413737-2501699460-3204623115-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3692413737-2501699460-3204623115-500\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Administrator')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cacheman Service (CachemanService) - Unknown owner - (no file)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\RpcAgentSrv.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 15001 bytes

Edit: HijackThis is not able to understand 64-bit systems very well.
Please read the SpywareInfo Forum FAQ and post the other requested logs: MBAM, DDS, and Security Check. We need the information in order to help you.

Edited by cnm, 29 October 2011 - 01:23 AM.


#2 DimitriK

Posted 29 October 2011 - 11:05 AM

As requested, here are the additional log files:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8039

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

10/29/2011 2:05:49 AM
mbam-log-2011-10-29 (02-05-49).txt

Scan type: Full scan (C:\|E:\|F:\|G:\|I:\|)
Objects scanned: 618334
Time elapsed: 1 hour(s), 54 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Dimitri at 9:00:15 on 2011-10-29
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4094.1121 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\SanDisk ImageMate\SanDisk Transfer Button.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe
C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\HostsMan\hm.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\mobsync.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
uRun: [Google Update] "C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [HostsMan] "C:\Program Files (x86)\HostsMan\hm.exe" -s
uRun: [AdobeBridge]
mRun: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
mRun: [Module Loader] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun
mRun: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
mRun: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"
mRun: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"
mRun: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
mRun: [ASUS Energy Saving] "C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe"
mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files\iTunesHelper.exe"
mRun: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce: [SanDisk Transfer Button] C:\Windows\system32\Starter.exe
mRunOnce: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office10\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{09CFFD12-193B-43C0-B06D-0688F27597A6} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{09CFFD12-193B-43C0-B06D-0688F27597A6} : DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{C57E12B7-26E4-46C2-B697-B65D358BC51C} : DhcpNameServer = 192.168.0.1
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe" /r
mRun-x64: [Module Loader] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -StartUpRun
mRun-x64: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
mRun-x64: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"
mRun-x64: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"
mRun-x64: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
mRun-x64: [ASUS Energy Saving] "C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe"
mRun-x64: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files\iTunesHelper.exe"
mRun-x64: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRunOnce-x64: [SanDisk Transfer Button] C:\Windows\system32\Starter.exe
mRunOnce-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll
FF - component: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\extensions\piclens@cooliris.com\components\cooliris.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files\Mozilla Plugins\npitunes.dll
FF - plugin: C:\Users\Dimitri\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dimitri\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
FF - plugin: C:\Users\Dimitri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Dimitri\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 networx;networx;C:\Windows\system32\drivers\networx.sys --> C:\Windows\system32\drivers\networx.sys [?]
R1 SBRE;SBRE;\??\C:\Windows\system32\drivers\SBREdrv.sys --> C:\Windows\system32\drivers\SBREdrv.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 APCPBEAgent;APC PBE Agent;C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe [2009-3-2 34104]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-10-29 21504]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-26 2214504]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-4-18 993848]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-4-18 399416]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 dc3d;MS Hardware Device Detection Driver;C:\Windows\system32\DRIVERS\dc3d.sys --> C:\Windows\system32\DRIVERS\dc3d.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\system32\DRIVERS\point64.sys --> C:\Windows\system32\DRIVERS\point64.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 USTOR2K;Genesys USB Mass Storage Windows Driver;C:\Windows\system32\DRIVERS\ustor2k.sys --> C:\Windows\system32\DRIVERS\ustor2k.sys [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S2 CachemanService;Cacheman Service; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-14 136176]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-10-29 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-14 136176]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-10-29 19968]
S3 PSSDK42;PSSDK42;C:\Windows\system32\drivers\PSSDK42.sys --> C:\Windows\system32\drivers\PSSDK42.sys [?]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\RpcAgentSrv.exe [2011-3-31 93848]
S3 SWDUMon;SWDUMon;C:\Windows\system32\DRIVERS\SWDUMon.sys --> C:\Windows\system32\DRIVERS\SWDUMon.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TVICHW64;TVICHW64;C:\Windows\SysWOW64\drivers\TVICHW64.SYS [2008-11-21 21200]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-6-9 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.txt=GetDiz.TextFile
.
=============== Created Last 30 ================
.
2011-10-29 06:56:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-29 04:14:49 388096 ----a-r- C:\Users\Dimitri\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-29 03:35:22 -------- d-----w- C:\rei
2011-10-29 03:35:10 -------- d-----w- C:\Program Files\Reimage
2011-10-28 23:36:07 -------- d-----w- C:\Users\Dimitri\AppData\Roaming\Adobe Mini Bridge CS5.1
2011-10-28 23:35:53 -------- d-----w- C:\Users\Dimitri\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-10-28 05:08:37 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E901717-F222-4824-8583-52DB8E63D58D}\offreg.dll
2011-10-28 05:07:52 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2E901717-F222-4824-8583-52DB8E63D58D}\mpengine.dll
2011-10-21 17:41:43 -------- d-----w- C:\BDR206
2011-10-19 21:42:58 -------- d-----w- C:\Users\Dimitri\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
2011-10-19 21:42:56 -------- d-----w- C:\Program Files (x86)\Adobe Support Advisor
2011-10-17 17:09:03 -------- d-----w- C:\Program Files\Mozilla Plugins
2011-10-17 17:09:01 -------- d-----w- C:\Program Files\iTunesHelper.Resources
2011-10-17 17:05:11 -------- d-----w- C:\Program Files\iTunes.Resources
2011-10-17 17:05:09 -------- d-----w- C:\Program Files\iPod
2011-10-17 17:05:05 -------- d-----w- C:\Program Files\iTunes
2011-10-17 17:05:05 -------- d-----w- C:\Program Files\CD Configuration
2011-10-17 16:56:03 -------- d-----w- C:\Program Files\Bonjour
2011-10-17 03:05:40 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant
2011-10-17 00:41:42 -------- dc-h--w- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-10-12 22:31:21 2764288 ----a-w- C:\Windows\System32\win32k.sys
2011-10-12 06:55:39 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29C6A2DF-DAC3-4F8A-9E59-7352D6470E70}\gapaengine.dll
2011-10-10 01:06:44 293736 ----a-w- C:\Program Files\iTunesOutlookAddIn.dll
2011-10-10 01:06:40 421736 ----a-w- C:\Program Files\iTunesHelper.exe
2011-10-10 01:06:40 403304 ----a-w- C:\Program Files\iTunesAdmin.dll
2011-10-10 01:06:40 156520 ----a-w- C:\Program Files\iTunesHelper.dll
2011-10-10 01:06:36 9777000 ----a-w- C:\Program Files\iTunes.exe
2011-10-10 01:06:32 20708712 ----a-w- C:\Program Files\iTunes.dll
2011-10-10 01:06:30 796520 ----a-w- C:\Program Files\gnsdk_sdkmanager.dll
2011-10-10 01:06:30 276328 ----a-w- C:\Program Files\gnsdk_submit.dll
2011-10-10 01:06:30 2152296 ----a-w- C:\Program Files\gnsdk_dsp.dll
2011-10-10 01:06:30 198504 ----a-w- C:\Program Files\gnsdk_musicid.dll
.
==================== Find3M ====================
.
2011-10-17 01:18:16 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-03 12:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-09-23 07:09:03 15672 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2011-09-20 04:58:44 57480 ----a-w- C:\Windows\System32\drivers\networx.sys
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-01 00:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-31 06:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-08-31 06:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-08-31 06:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-08-31 06:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-08-25 16:20:38 735744 ----a-w- C:\Windows\System32\UIAutomationCore.dll
2011-08-25 16:19:32 847360 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-25 16:19:32 332288 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-25 16:15:04 555520 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll
2011-08-25 16:14:01 563712 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-25 16:14:01 238080 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-08-25 13:54:14 4096 ----a-w- C:\Windows\System32\oleaccrc.dll
2011-08-25 13:31:01 4096 ----a-w- C:\Windows\SysWow64\oleaccrc.dll
2011-06-10 08:13:12 111904 ----a-w- C:\Program Files\ITDetector.ocx
.
============= FINISH: 9:01:13.42 ===============


Results of screen317's Security Check version 0.99.24
Windows Vista x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java™ 6 Update 29
Adobe Flash Player ( 10.3.183.10) Flash Player Out of Date!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````

#3 cnm

    Mother Lion of SWI

  • Administrators
  • 25,257 posts

Posted 29 October 2011 - 02:20 PM

The only thing I see that could cause freezes: you have more than 30 tabs open in Chrome. I've found that it is best not to have more than 20 open. Right-clicking a tab and selecting 'Close tabs to the right' is handy.

Aside from that, get Service Pack 1. Conceivably that will help solve the problem.

Or it could have to do with settings or hardware. What make and model of PC do you have? Belarc Advisor will provide a lot of info about your system. Please run it and copy the main information into your next reply.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#4 DimitriK

Posted 29 October 2011 - 08:53 PM

That was incorrectly reported, I actually do have SP2 installed... dunno why it said SP1... as for tabs, I've had many more open in the past... this freezing only started a few days ago. Here is the main section of the Belarc page... if you need more, please let me know... Thanks!

Operating System
Windows Vista Ultimate (x64) Service Pack 2 (build 6002)
Install Language: English (United States)
System Locale: English (United States)
Installed: 10/29/2008 12:33:06 AM

System Model
No details available

Processor
2.67 gigahertz Intel Core 2 Duo
64 kilobyte primary memory cache
4096 kilobyte secondary memory cache
64-bit ready
Multi-core (2 total)
Not hyper-threaded

Main Circuit Board
Board: ASUSTeK Computer INC. P5B-Premium Rev 1.xx
Bus Clock: 400 megahertz
BIOS: American Megatrends Inc. 1001 02/22/2008

USB Storage Use in past 30 Days
Generic STORAGE DEVICE -- drive 3, s/n 0300943333, rev 9312 -- last used 10/29/2011 5:33:39 PM

Hosted Virtual Machines
None discovered

Drives
4000.67 Gigabytes Usable Hard Drive Capacity
2595.15 Gigabytes Hard Drive Free Space
PIONEER BD-RW BDR-206 ATA Device [Optical drive]
Generic STORAGE DEVICE USB Device [Hard drive] (8.19 GB) -- drive 3
WDC WD30EZRS-11J99B0 [Hard drive] (3000.59 GB) -- drive 2, s/n WD-WMAWZ0022831, rev 80.00A80, SMART Status: Healthy
WDC WD5000AAKS-00TMA0 [Hard drive] (500.11 GB) -- drive 1, s/n WD-WMAPW1171537, rev 12.01C01, SMART Status: Healthy
WDC WD5000AAKS-00YGA0 [Hard drive] (500.11 GB) -- drive 0, s/n WD-WCAS80943798, rev 12.01C02, SMART Status: Healthy

Memory Modules
4096 Megabytes Usable Installed Memory
Slot 'DIMM0' has 2048 MB
Slot 'DIMM1' is Empty
Slot 'DIMM2' has 2048 MB
Slot 'DIMM3' is Empty

Local Drive Volumes
c: (NTFS on drive 0) * 500.11 GB 44.93 GB free
e: (NTFS on drive 1) 500.11 GB 58.41 GB free
g: (NTFS on drive 2) 3000.46 GB 2491.81 GB free
* Operating System is installed on c:

Network Drives
None discovered

Users
local user accounts -- last logon
Administrator 10/12/2011 9:36:28 PM (admin)
Dimitri 10/29/2011 6:39:06 PM (admin)
UpdatusUser 10/29/2011 5:36:27 PM
local system accounts
Guest 10/21/2011 10:30:14 AM

Printers
EPSON Stylus Pro 7800 on USB001
HP LaserJet 4250 PS on 192.168.0.197
HP Universal Printing PS on 192.168.0.197_1
Microsoft XPS Document Writer on XPSPort:

Controllers
ATA Channel 0 [Controller]
ATA Channel 1 [Controller]
IDE Channel [Controller] (4x)
Intel® ICH8 2 port Serial ATA Storage Controller - 2825
Intel® ICH8 4 port Serial ATA Storage Controller - 2820
Standard AHCI 1.0 Serial ATA Controller

Display
NVIDIA GeForce 7950 GT [Display adapter]
NEC FP2141SB [Monitor] (19.7"vis, s/n 49107235YA, September 2004)

Bus Adapters
Microsoft iSCSI Initiator
Intel® ICH8 Family USB Universal Host Controller - 2830
Intel® ICH8 Family USB Universal Host Controller - 2831
Intel® ICH8 Family USB Universal Host Controller - 2832
Intel® ICH8 Family USB Universal Host Controller - 2834
Intel® ICH8 Family USB Universal Host Controller - 2835
Intel® ICH8 Family USB2 Enhanced Host Controller - 2836
Intel® ICH8 Family USB2 Enhanced Host Controller - 283A

Multimedia
Creative SB X-Fi
High Definition Audio Device

Virus Protection
Microsoft Security Essentials Version 3.0.8402.0
Scan Engine Version 1.1.7801.0
Virus Definitions Version 1.115.831.0
Realtime File Scanning On

Group Policies
None discovered

Communications
↑ Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
primary Auto IP Address: 192.168.0.3 / 24
Gateway: 192.168.0.1
Dhcp Server: 192.168.0.1
Physical Address: 00:1A:92:7E:03:81
Connection Speed: 100 Mbps
↓ Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Status: Cable unplugged
Dhcp Server: none responded
Physical Address: 00:1A:92:7E:0A:ED
Connection Speed: 1 Gbps
Microsoft ISATAP Adapter
Teredo Tunneling Pseudo-Interface
Networking Dns Servers: 192.168.0.1, 8.8.8.8, 8.8.4.4

Other Devices
Texas Instruments OHCI Compliant IEEE 1394 Host Controller
HID Non-User Input Data Filter (KB 911895)
Standard PS/2 Keyboard
Microsoft USB Wireless Mouse (IntelliPoint)
TG_iMON (x64)
USB Mass Storage Device (2x)
USB Root Hub (7x)
Generic volume shadow copy
STORAGE DEVICE

#5 cnm

Posted 29 October 2011 - 10:16 PM

A Google search for "random freeze asus P5B-Premium Rev 1.xx" didn't turn up any solutions. What is the brand of your PC? Random freezes seem to be most common on Dell.

If we find no malware you might want to post at PC Guide forum. They are more hardware oriented.

Please run these two scans for rootkits:

Please download tdsskiller.exe and save it to your Desktop. Go here for information.
  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file in your next reply.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.
Please download MBRCheck by a_d_13 to your Desktop from one of these locations:
http://ad13.geekstogo.com/MBRCheck.exe
http://download.blee...al/MBRCheck.exe
http://www.kernelmod...fo/MBRCheck.exe
Close all open programs/windows and double-click on MBRCheck.exe.
It will produce a log file saved automatically on your Desktop as "MBRCheck_[Date]_[Time].txt".
Press the "Enter" key to close the MBRCheck window and post the contents of the log file.

After that:
Please download ComboFix.exe to your Desktop. Visit this webpage for download links, and instructions for running the tool:
how-to-use-combofix
* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review, and let me know if you're still getting freezes or any other problems. Note that if ComboFix leaves the PC in an odd state, another reboot and/or running ComboFix again should fix it.



#6 DimitriK

Posted 31 October 2011 - 01:58 PM

Hey again... I tried fewer tabs and when that didn't help, I even switched to Firefox thinking it may be Chrome's special version of flash, but to no avail. I ran tds, mbr, and combofix (making sure to disable the programs listed in the combofix doc) and here are those logfiles:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Ultimate Edition
Windows Information: Service Pack 2 (build 6002), 64-bit
Base Board Manufacturer: ASUSTeK Computer INC.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: System manufacturer
System Product Name: System Product Name
Logical Drives Mask: 0x0000015c

Kernel Drivers (total 167):
0x01A12000 \SystemRoot\system32\ntoskrnl.exe
0x01F2A000 \SystemRoot\system32\hal.dll
0x00600000 \SystemRoot\system32\kdcom.dll
0x0060A000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00645000 \SystemRoot\system32\PSHED.dll
0x00659000 \SystemRoot\system32\CLFS.SYS
0x006B6000 \SystemRoot\system32\CI.dll
0x00807000 \SystemRoot\system32\drivers\Wdf01000.sys
0x008AB000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x008BA000 \SystemRoot\system32\drivers\acpi.sys
0x00910000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00919000 \SystemRoot\system32\drivers\msisadrv.sys
0x00923000 \SystemRoot\system32\drivers\pci.sys
0x00953000 \SystemRoot\System32\drivers\partmgr.sys
0x00968000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x0096C000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00978000 \SystemRoot\system32\drivers\volmgr.sys
0x0098C000 \SystemRoot\System32\drivers\volmgrx.sys
0x009F2000 \SystemRoot\system32\drivers\intelide.sys
0x00768000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00800000 \SystemRoot\system32\drivers\pciide.sys
0x00778000 \SystemRoot\system32\DRIVERS\jraid.sys
0x00799000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS
0x007C7000 \SystemRoot\System32\drivers\mountmgr.sys
0x007DA000 \SystemRoot\system32\drivers\atapi.sys
0x00A02000 \SystemRoot\system32\drivers\ataport.SYS
0x00A26000 \SystemRoot\system32\DRIVERS\msahci.sys
0x00A30000 \SystemRoot\system32\drivers\fltmgr.sys
0x00A77000 \SystemRoot\system32\drivers\fileinfo.sys
0x00A8B000 \SystemRoot\System32\Drivers\ksecdd.sys
0x00C07000 \SystemRoot\system32\drivers\ndis.sys
0x00B12000 \SystemRoot\system32\drivers\msrpc.sys
0x00B62000 \SystemRoot\system32\drivers\NETIO.SYS
0x00E06000 \SystemRoot\System32\Drivers\Ntfs.sys
0x00F86000 \SystemRoot\system32\drivers\volsnap.sys
0x00FCA000 \SystemRoot\System32\Drivers\spldr.sys
0x00FD2000 \SystemRoot\System32\Drivers\mup.sys
0x00DCA000 \SystemRoot\System32\drivers\ecache.sys
0x00BBB000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x00FEB000 \SystemRoot\system32\drivers\disk.sys
0x0100D000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01039000 \SystemRoot\system32\drivers\crcdisk.sys
0x01078000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x01085000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x0108E000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x02406000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x030B4000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x030B9000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0319C000 \SystemRoot\System32\drivers\watchdog.sys
0x031AC000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x031B8000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x010A1000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x010B2000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x03207000 \SystemRoot\system32\DRIVERS\yk60x64.sys
0x03269000 \SystemRoot\system32\drivers\ctaud2k.sys
0x0330F000 \SystemRoot\system32\drivers\portcls.sys
0x0334A000 \SystemRoot\system32\drivers\drmk.sys
0x0336D000 \SystemRoot\system32\drivers\ks.sys
0x033A1000 \SystemRoot\system32\drivers\ctoss2k.sys
0x033D2000 \SystemRoot\system32\drivers\ctprxy2k.sys
0x033DA000 \SystemRoot\system32\drivers\ksthunk.sys
0x033E0000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x0119F000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x033F2000 \SystemRoot\system32\DRIVERS\ASACPI.sys
0x011AF000 \SystemRoot\system32\DRIVERS\serial.sys
0x011CC000 \SystemRoot\system32\DRIVERS\serenum.sys
0x011D8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x011EE000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x00BE4000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x01000000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x03405000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x0343E000 \SystemRoot\system32\DRIVERS\storport.sys
0x0349B000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x034A8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x034CB000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x034D7000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x03508000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x03518000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x03536000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x0354E000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0x035E8000 \SystemRoot\system32\DRIVERS\termdd.sys
0x007E2000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x035FB000 \SystemRoot\system32\DRIVERS\swenum.sys
0x007EE000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x03605000 \SystemRoot\system32\DRIVERS\umbus.sys
0x03615000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x0365D000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x03671000 \SystemRoot\system32\drivers\ha20x2k.sys
0x08201000 \SystemRoot\system32\drivers\emupia2k.sys
0x0824B000 \SystemRoot\system32\drivers\ctsfm2k.sys
0x08283000 \SystemRoot\system32\drivers\ctac32k.sys
0x0834C000 \SystemRoot\System32\drivers\CT20XUT.SYS
0x08609000 \SystemRoot\System32\drivers\CTEXFIFX.SYS
0x08766000 \SystemRoot\system32\drivers\HdAudio.sys
0x087AF000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x087E0000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x087EA000 \SystemRoot\System32\Drivers\Null.SYS
0x08381000 \??\C:\Windows\system32\drivers\SBREdrv.sys
0x08392000 \SystemRoot\System32\drivers\vga.sys
0x083A0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x087F3000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x08600000 \SystemRoot\system32\drivers\rdpencdd.sys
0x083C5000 \SystemRoot\System32\Drivers\Msfs.SYS
0x083D0000 \SystemRoot\System32\Drivers\Npfs.SYS
0x083E1000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x08808000 \SystemRoot\System32\drivers\tcpip.sys
0x0897C000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x089A8000 \SystemRoot\system32\DRIVERS\tdx.sys
0x089C5000 \SystemRoot\system32\drivers\networx.sys
0x089D7000 \SystemRoot\system32\DRIVERS\smb.sys
0x08A06000 \SystemRoot\System32\DRIVERS\netbt.sys
0x08A4A000 \SystemRoot\system32\drivers\afd.sys
0x08AB5000 \SystemRoot\system32\DRIVERS\pacer.sys
0x08AD3000 \SystemRoot\system32\DRIVERS\netbios.sys
0x08AE2000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x08AFD000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x08B4A000 \SystemRoot\system32\drivers\tgimonx64.sys
0x08B59000 \SystemRoot\system32\drivers\USBD.SYS
0x08B5B000 \SystemRoot\system32\drivers\nsiproxy.sys
0x08B67000 \SystemRoot\System32\Drivers\dfsc.sys
0x08B84000 \SystemRoot\SysWow64\drivers\AsIO.sys
0x08B8B000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x08BA3000 \SystemRoot\system32\DRIVERS\dc3d.sys
0x08BB5000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x08BBD000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x08BC6000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x08BD8000 \SystemRoot\system32\DRIVERS\NuidFltr.sys
0x08BE4000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x08BEF000 \SystemRoot\system32\DRIVERS\point64.sys
0x089F2000 \SystemRoot\system32\DRIVERS\ustor2k.sys
0x01043000 \SystemRoot\System32\Drivers\fastfat.SYS
0x083EA000 \SystemRoot\System32\Drivers\crashdmp.sys
0x037F2000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x08800000 \SystemRoot\System32\Drivers\dump_atapi.sys
0x08C08000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x000C0000 \SystemRoot\System32\win32k.sys
0x08C1B000 \SystemRoot\System32\drivers\Dxapi.sys
0x08C27000 \SystemRoot\system32\DRIVERS\monitor.sys
0x004F0000 \SystemRoot\System32\TSDDD.dll
0x00830000 \SystemRoot\System32\ATMFD.DLL
0x006B0000 \SystemRoot\System32\cdd.dll
0x08C3A000 \SystemRoot\system32\drivers\luafv.sys
0x08C65000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x08C79000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x08C91000 \SystemRoot\system32\drivers\HTTP.sys
0x08D34000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x08D5D000 \SystemRoot\system32\DRIVERS\bowser.sys
0x08D7B000 \SystemRoot\System32\drivers\mpsdrv.sys
0x08D95000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x0C80B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x0C854000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0C873000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0C8A5000 \SystemRoot\System32\DRIVERS\srv.sys
0x0C938000 \SystemRoot\system32\drivers\spsys.sys
0x0C9D2000 \SystemRoot\system32\DRIVERS\asyncmac.sys
0x0C9DD000 \SystemRoot\System32\Drivers\adfs.SYS
0x0C9F5000 \??\C:\Windows\system32\drivers\cpuz135_x64.sys
0x0CE0C000 \SystemRoot\system32\drivers\peauth.sys
0x0CEC2000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0CECD000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0CEDD000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x0CEFD000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0x0CF13000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0x0CF2B000 \SystemRoot\system32\DRIVERS\psi_mf.sys
0x0CFA0000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x0CFBC000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0x771E0000 \Windows\System32\ntdll.dll

Processes (total 73):
0 System Idle Process
4 System
488 C:\Windows\System32\smss.exe
580 csrss.exe
624 C:\Windows\System32\wininit.exe
644 csrss.exe
680 C:\Windows\System32\services.exe
692 C:\Windows\System32\lsass.exe
700 C:\Windows\System32\lsm.exe
776 C:\Windows\System32\winlogon.exe
900 C:\Windows\System32\svchost.exe
944 C:\Windows\System32\nvvsvc.exe
976 C:\Windows\System32\svchost.exe
1020 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
572 C:\Windows\System32\svchost.exe
584 C:\Windows\System32\svchost.exe
1052 C:\Windows\System32\svchost.exe
1120 C:\Windows\System32\audiodg.exe
1156 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
1344 C:\Windows\System32\svchost.exe
1360 C:\Windows\System32\SLsvc.exe
1408 C:\Windows\System32\svchost.exe
1492 C:\Windows\System32\svchost.exe
1628 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
1644 C:\Windows\System32\nvvsvc.exe
1716 C:\Windows\System32\spoolsv.exe
1752 C:\Windows\System32\svchost.exe
2036 C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
1792 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1228 C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe
1884 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1916 C:\Program Files\Bonjour\mDNSResponder.exe
1964 C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
2072 C:\Windows\System32\svchost.exe
2180 C:\Windows\System32\svchost.exe
2200 C:\Windows\System32\svchost.exe
2292 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
2344 C:\Program Files (x86)\Secunia\PSI\psia.exe
2548 C:\Windows\System32\taskeng.exe
2580 C:\Windows\System32\dwm.exe
2628 C:\Windows\System32\taskeng.exe
2672 C:\Windows\System32\taskeng.exe
2684 C:\Windows\explorer.exe
3000 C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
2644 C:\Windows\System32\svchost.exe
2892 C:\Windows\System32\svchost.exe
2260 C:\Windows\System32\SearchIndexer.exe
3112 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
3164 WUDFHost.exe
3308 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
3712 C:\Program Files (x86)\SanDisk ImageMate\SanDisk Transfer Button.exe
3900 C:\Program Files (x86)\Secunia\PSI\sua.exe
4092 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
2868 C:\Program Files\Microsoft Security Client\msseces.exe
428 C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
2512 C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
3516 C:\Windows\SysWOW64\CTxfispi.exe
4020 C:\Program Files (x86)\Creative\Entertainment Center\EAXLoadr.exe
2240 C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
3616 C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe
1176 C:\Windows\SysWOW64\Ctxfihlp.exe
876 WmiPrvSE.exe
3960 C:\Program Files\iTunesHelper.exe
4104 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
4204 C:\Program Files\iPod\bin\iPodService.exe
4548 C:\Windows\System32\svchost.exe
4384 C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
5820 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
1876 WmiPrvSE.exe
5444 C:\Windows\splwow64.exe
5264 C:\Windows\System32\SearchProtocolHost.exe
2756 C:\Windows\System32\SearchFilterHost.exe
2408 C:\Users\Dimitri\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)
\\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00100000 (NTFS)
\\.\G: --> \\.\PhysicalDrive2 at offset 0x00000000`08100000 (NTFS)

PhysicalDrive0 Model Number: WDCWD5000AAKS-00YGA0, Rev: 12.01C02
PhysicalDrive1 Model Number: WDCWD5000AAKS-00TMA0, Rev: 12.01C01
PhysicalDrive2 Model Number: WDCWD30EZRS-11J99B0, Rev: 80.00A80

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
465 GB \\.\PhysicalDrive1 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979
2794 GB \\.\PhysicalDrive2 Windows Vista MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!


ComboFix 11-10-30.04 - Dimitri 10/31/2011 11:12:30.1.2 - x64
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.4094.2196 [GMT -7:00]
Running from: c:\users\Dimitri\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xml413D.tmp
c:\programdata\xml466C.tmp
c:\programdata\xml4969.tmp
c:\users\Dimitri\AppData\Roaming\EurekaLog
c:\users\Dimitri\AppData\Roaming\EurekaLog\TreeSize\TreeSize.elf
c:\windows\SysWow64\AutoRun.exe
c:\windows\SysWow64\CF15429.exe
c:\windows\SysWow64\CF24626.exe
c:\windows\SysWow64\uninstall.exe
c:\windows\SysWow64\X86
c:\windows\SysWow64\X86\License.rtf
c:\windows\SysWow64\X86\Readme.txt
c:\windows\SysWow64\X86\setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-31 )))))))))))))))))))))))))))))))
.
.
2011-10-31 18:25 . 2011-10-31 18:26 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2AC6E40-1E53-41AC-B925-B9026B5B7A72}\offreg.dll
2011-10-31 18:25 . 2011-10-31 18:25 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65E2D8EC-5C2D-4901-9A83-F5FA676B637A}\offreg.dll
2011-10-31 18:04 . 2011-10-18 09:27 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2AC6E40-1E53-41AC-B925-B9026B5B7A72}\mpengine.dll
2011-10-31 15:57 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65E2D8EC-5C2D-4901-9A83-F5FA676B637A}\mpengine.dll
2011-10-30 01:44 . 2011-10-30 01:44 -------- d-----w- c:\program files (x86)\Belarc
2011-10-29 06:56 . 2011-10-29 06:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-29 04:14 . 2011-10-29 04:14 388096 ----a-r- c:\users\Dimitri\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-29 03:35 . 2011-10-29 03:36 -------- d-----w- C:\rei
2011-10-29 03:35 . 2011-10-29 03:35 -------- d-----w- c:\program files\Reimage
2011-10-28 23:36 . 2011-10-28 23:36 -------- d-----w- c:\users\Dimitri\AppData\Roaming\Adobe Mini Bridge CS5.1
2011-10-28 23:35 . 2011-10-28 23:35 -------- d-----w- c:\users\Dimitri\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-10-25 00:43 . 2011-10-25 00:43 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-24 21:29 . 2011-10-24 21:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 21:29 . 2011-10-24 21:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-21 17:41 . 2011-10-21 17:41 -------- d-----w- C:\BDR206
2011-10-19 21:42 . 2011-10-19 21:42 -------- d-----w- c:\users\Dimitri\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
2011-10-19 21:42 . 2011-10-19 21:42 -------- d-----w- c:\program files (x86)\Adobe Support Advisor
2011-10-17 17:09 . 2011-10-17 17:09 -------- d-----w- c:\program files\Mozilla Plugins
2011-10-17 17:05 . 2011-10-17 17:05 -------- d-----w- c:\program files\iPod
2011-10-17 17:05 . 2011-10-17 17:09 -------- d-----w- c:\program files\iTunes
2011-10-17 17:05 . 2011-10-17 17:05 -------- d-----w- c:\program files\CD Configuration
2011-10-17 16:56 . 2011-10-17 16:56 -------- d-----w- c:\program files\Bonjour
2011-10-17 03:05 . 2011-10-17 03:05 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2011-10-17 00:41 . 2011-10-17 00:41 -------- dc-h--w- c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-10-13 04:36 . 2011-10-30 01:45 -------- d-----w- c:\users\Administrator
2011-10-12 22:31 . 2011-09-06 13:56 2764288 ----a-w- c:\windows\system32\win32k.sys
2011-10-12 06:55 . 2011-10-12 06:54 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{29C6A2DF-DAC3-4F8A-9E59-7352D6470E70}\gapaengine.dll
2011-10-10 01:06 . 2011-10-10 01:06 796520 ----a-w- c:\program files\gnsdk_sdkmanager.dll
2011-10-10 01:06 . 2011-10-10 01:06 276328 ----a-w- c:\program files\gnsdk_submit.dll
2011-10-10 01:06 . 2011-10-10 01:06 2152296 ----a-w- c:\program files\gnsdk_dsp.dll
2011-10-10 01:06 . 2011-10-10 01:06 198504 ----a-w- c:\program files\gnsdk_musicid.dll
2011-10-07 19:27 . 2011-10-07 19:27 -------- d-----w- c:\users\Dimitri\AppData\Roaming\ArcSoft
2011-10-07 19:27 . 2011-10-07 19:27 -------- d-----w- c:\program files (x86)\ArcSoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 06:03 . 2011-07-10 06:37 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-05-31 05:16 8570192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-03 12:06 . 2010-04-29 19:50 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-23 07:09 . 2011-04-27 04:10 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-09-20 04:58 . 2011-02-11 09:56 57480 ----a-w- c:\windows\system32\drivers\networx.sys
2011-09-01 00:00 . 2009-06-12 23:27 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-31 06:05 . 2011-08-31 06:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-31 06:05 . 2011-08-31 06:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-31 06:05 . 2011-08-31 06:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-31 06:05 . 2011-08-31 06:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-06-10 08:13 . 2011-06-10 08:13 111904 ----a-w- c:\program files\ITDetector.ocx
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-08-22 6276408]
"HostsMan"="c:\program files (x86)\HostsMan\hm.exe" [2010-02-06 3043840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files (x86)\Creative\Volume Panel\VolPanlu.exe" [2008-08-06 233576]
"Module Loader"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"AudioDrvEmulator"="c:\program files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"Ai Nap"="c:\program files (x86)\ASUS\AI Suite\AiNap\AiNap.exe" [2008-01-28 1413120]
"CPU Power Monitor"="c:\program files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe" [2008-01-09 627200]
"Cpu Level Up help"="c:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-12-01 881152]
"ASUS Energy Saving"="c:\program files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe" [2008-01-28 1352704]
"AsioThk32Reg"="CTASIO.DLL" [2010-05-06 51712]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-06 25600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunesHelper.exe" [2011-10-10 421736]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SanDisk Transfer Button"="c:\windows\system32\Starter.exe" [2008-11-05 155714]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-18 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 CachemanService;Cacheman Service; [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 136176]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-10-29 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 136176]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NDSPCIIO;NDSPCIIO; [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-28 288272]
R3 PSSDK42;PSSDK42; [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011.SP1a\RpcAgentSrv.exe [2009-08-10 93848]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TVICHW64;TVICHW64;c:\windows\SysWOW64\Drivers\TVICHW64.SYS [2008-11-21 21200]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 networx;networx;c:\windows\system32\drivers\networx.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 APCPBEAgent;APC PBE Agent;c:\progra~2\APC\POWERC~1\agent\pbeagent.exe [2008-12-01 34104]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 USTOR2K;Genesys USB Mass Storage Windows Driver;c:\windows\system32\DRIVERS\ustor2k.sys [x]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 21:08]
.
2011-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-14 21:08]
.
2011-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3692413737-2501699460-3204623115-1000Core.job
- c:\users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-24 08:18]
.
2011-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3692413737-2501699460-3204623115-1000UA.job
- c:\users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-24 08:18]
.
2011-10-31 c:\windows\Tasks\RegistryBooster.job
- c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-10-17 09:48]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NetWorx"="c:\program files\NetWorx\networx.exe" [2011-10-19 4756992]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-08 2328944]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-16 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office10\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{09CFFD12-193B-43C0-B06D-0688F27597A6}: NameServer = 8.8.8.8,8.8.4.4
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\1onmqbbh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
.
------- File Associations -------
.
.txt=GetDiz.TextFile
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKCU-Run-msnmsgr - c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:ec,7f,ce,35,c4,07,cc,01
.
[HKEY_USERS\S-1-5-21-3692413737-2501699460-3204623115-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3692413737-2501699460-3204623115-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3692413737-2501699460-3204623115-1000\Software\SecuROM\License information*]
"datasecu"=hex:db,df,8f,0b,62,c5,1e,33,01,5c,f7,ec,ef,c5,4a,da,d5,e7,d3,b9,39,
b0,bd,4a,08,f9,dd,34,3d,d8,c8,75,00,04,cd,1f,8c,00,b5,c4,d6,60,3e,dc,76,a2,\
"rkeysecu"=hex:7f,48,34,8c,5e,c9,96,f7,a9,7e,f0,ba,2c,d6,88,55
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\windows\SysWOW64\CTXFISPI.EXE
c:\program files (x86)\Creative\Entertainment Center\EAXLoadr.exe
c:\program files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
c:\windows\SysWOW64\Ctxfihlp.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Completion time: 2011-10-31 11:45:21 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-31 18:45
.
Pre-Run: 44,181,598,208 bytes free
Post-Run: 61,223,018,496 bytes free
.
- - End Of File - - D1ABBF2DB7DCC7AC04B9C78D90AF5330

#7 DimitriK

Posted 31 October 2011 - 02:00 PM

Oops... I forgot to add the TDSSKiller log since it didn't catch anything... here's that log too:

11:59:21.0995 5840 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
11:59:22.0495 5840 ============================================================
11:59:22.0495 5840 Current date / time: 2011/10/31 11:59:22.0495
11:59:22.0495 5840 SystemInfo:
11:59:22.0495 5840
11:59:22.0496 5840 OS Version: 6.0.6002 ServicePack: 2.0
11:59:22.0496 5840 Product type: Workstation
11:59:22.0496 5840 ComputerName: SILENTBUTDEADLY
11:59:22.0496 5840 UserName: Dimitri
11:59:22.0496 5840 Windows directory: C:\Windows
11:59:22.0496 5840 System windows directory: C:\Windows
11:59:22.0496 5840 Running under WOW64
11:59:22.0496 5840 Processor architecture: Intel x64
11:59:22.0496 5840 Number of processors: 2
11:59:22.0496 5840 Page size: 0x1000
11:59:22.0496 5840 Boot type: Normal boot
11:59:22.0496 5840 ============================================================
11:59:23.0833 5840 Initialize success
11:59:30.0801 5892 ============================================================
11:59:30.0801 5892 Scan started
11:59:30.0801 5892 Mode: Manual; SigCheck; TDLFS;
11:59:30.0801 5892 ============================================================
11:59:31.0794 5892 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
11:59:31.0872 5892 ACPI - ok
11:59:31.0910 5892 adfs (d44bcaf639e4e45307c2bc80715273d5) C:\Windows\system32\drivers\adfs.sys
11:59:31.0939 5892 adfs - ok
11:59:32.0008 5892 adp94xx (9137451d37ba1c325cd6c2def3d2d692) C:\Windows\system32\drivers\adp94xx.sys
11:59:32.0024 5892 adp94xx - ok
11:59:32.0087 5892 adpahci (01f80898df5cc7df19b3b11351846263) C:\Windows\system32\drivers\adpahci.sys
11:59:32.0100 5892 adpahci - ok
11:59:32.0149 5892 adpu160m (da001db13fff45dfe9109936e265b7cc) C:\Windows\system32\drivers\adpu160m.sys
11:59:32.0158 5892 adpu160m - ok
11:59:32.0174 5892 adpu320 (2b10c35c5b7c5c0c28f572e035319602) C:\Windows\system32\drivers\adpu320.sys
11:59:32.0183 5892 adpu320 - ok
11:59:32.0242 5892 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
11:59:32.0291 5892 AFD - ok
11:59:32.0332 5892 agp440 (5ccdd13bc602ae33cd8b62d33c29ab72) C:\Windows\system32\drivers\agp440.sys
11:59:32.0339 5892 agp440 - ok
11:59:32.0386 5892 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
11:59:32.0394 5892 aic78xx - ok
11:59:32.0412 5892 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
11:59:32.0419 5892 aliide - ok
11:59:32.0432 5892 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
11:59:32.0441 5892 amdide - ok
11:59:32.0454 5892 AmdK8 (de55dc52f7ceb89a967572d6b491ada2) C:\Windows\system32\drivers\amdk8.sys
11:59:32.0511 5892 AmdK8 - ok
11:59:32.0540 5892 arc (2e8623f2fed998a97129a3db919551c8) C:\Windows\system32\drivers\arc.sys
11:59:32.0548 5892 arc - ok
11:59:32.0559 5892 arcsas (741a003c041a3ec480a2e71af71e9654) C:\Windows\system32\drivers\arcsas.sys
11:59:32.0567 5892 arcsas - ok
11:59:32.0569 5892 AsIO - ok
11:59:32.0617 5892 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
11:59:32.0679 5892 AsyncMac - ok
11:59:32.0714 5892 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
11:59:32.0722 5892 atapi - ok
11:59:32.0746 5892 Beep - ok
11:59:32.0759 5892 blbdrive - ok
11:59:32.0792 5892 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
11:59:32.0836 5892 bowser - ok
11:59:32.0856 5892 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
11:59:32.0890 5892 BrFiltLo - ok
11:59:32.0911 5892 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
11:59:32.0929 5892 BrFiltUp - ok
11:59:32.0951 5892 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
11:59:32.0991 5892 Brserid - ok
11:59:33.0009 5892 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
11:59:33.0068 5892 BrSerWdm - ok
11:59:33.0088 5892 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
11:59:33.0140 5892 BrUsbMdm - ok
11:59:33.0166 5892 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
11:59:33.0221 5892 BrUsbSer - ok
11:59:33.0241 5892 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
11:59:33.0281 5892 BTHMODEM - ok
11:59:33.0302 5892 catchme - ok
11:59:33.0333 5892 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
11:59:33.0360 5892 cdfs - ok
11:59:33.0398 5892 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
11:59:33.0417 5892 cdrom - ok
11:59:33.0439 5892 circlass (f28f00596824058bc61d5edf434c9b82) C:\Windows\system32\drivers\circlass.sys
11:59:33.0496 5892 circlass - ok
11:59:33.0538 5892 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
11:59:33.0555 5892 CLFS - ok
11:59:33.0579 5892 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
11:59:33.0587 5892 cmdide - ok
11:59:33.0616 5892 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
11:59:33.0624 5892 Compbatt - ok
11:59:33.0659 5892 cpuz135 (ccb09eb78e047c931708149992c2e435) C:\Windows\system32\drivers\cpuz135_x64.sys
11:59:33.0666 5892 cpuz135 - ok
11:59:33.0674 5892 crcdisk (b1192dcd5b9cf46beed0e2a9e5bcf59a) C:\Windows\system32\drivers\crcdisk.sys
11:59:33.0683 5892 crcdisk - ok
11:59:33.0731 5892 CSC (f60f50c8ed3fcbe358430b95fe27d09c) C:\Windows\system32\drivers\csc.sys
11:59:33.0773 5892 CSC - ok
11:59:33.0817 5892 CT20XUT (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\system32\drivers\CT20XUT.SYS
11:59:33.0828 5892 CT20XUT - ok
11:59:33.0835 5892 CT20XUT.DLL - ok
11:59:33.0859 5892 CT20XUT.SYS (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\System32\drivers\CT20XUT.SYS
11:59:33.0866 5892 CT20XUT.SYS - ok
11:59:33.0914 5892 ctac32k (eb3843a91a10150c9e05607cbcb44090) C:\Windows\system32\drivers\ctac32k.sys
11:59:33.0939 5892 ctac32k - ok
11:59:33.0975 5892 ctaud2k (bc06efb59a2316537765462dfe40f764) C:\Windows\system32\drivers\ctaud2k.sys
11:59:34.0039 5892 ctaud2k - ok
11:59:34.0125 5892 CTEXFIFX (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\system32\drivers\CTEXFIFX.SYS
11:59:34.0262 5892 CTEXFIFX - ok
11:59:34.0270 5892 CTEXFIFX.DLL - ok
11:59:34.0311 5892 CTEXFIFX.SYS (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\System32\drivers\CTEXFIFX.SYS
11:59:34.0358 5892 CTEXFIFX.SYS - ok
11:59:34.0393 5892 CTHWIUT (6d115cc80873b85fd80dda1c41f75a2c) C:\Windows\system32\drivers\CTHWIUT.SYS
11:59:34.0400 5892 CTHWIUT - ok
11:59:34.0407 5892 CTHWIUT.DLL - ok
11:59:51.0283 5892 ============================================================
11:59:51.0284 5892 Scan finished
11:59:51.0284 5892 ============================================================
11:59:51.0292 4896 Detected object count: 0
11:59:51.0292 4896 Actual detected object count: 0

#8 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • PipPipPipPipPip
  • 25,257 posts

Posted 31 October 2011 - 03:00 PM

Chrome is much better than Firefox (my opinion).

ComboFix made quite a few changes. Are you still getting the freezes and can you see any pattern at all? For instance, mostly when doing media listening or watching?

And again - what is the brand of PC? Often the most useful information will be at the manufacturer's website or forum.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#9 DimitriK

Posted 31 October 2011 - 03:24 PM

I just did the fix, but if I notice any freezes or pattern to them, I'll definitely post... One thing I did have to do is run ComboFix twice as suggested, as even a reboot didn't allow me to start Windows Defender.

As for brand of computer, I built this one from scratch: Asus Mobo, Mushkin memory, Zalman Fanless case, XFX Graphics card... it's been working pretty well 'til now.

Thanks!

#10 cnm

Posted 31 October 2011 - 03:42 PM

Nice PC! Do you remember roughly when (what date) the freezing started?

And, have you thought about overheating? Could any of the heat transfer things have come loose?
http://www.bit-tech....NN300_fanless/3



#11 DimitriK

Posted 31 October 2011 - 04:46 PM

Thanks! :D ... I don't remember exactly when, but the past couple of weeks...

As for the overheating... I haven't moved anything, so nothing should've come loose, plus I don't have any system warnings and haven't noticed any speed throttling. I think I'm good in terms of thermal mass as that review is of the "little brother"... I have the TNN-500AF.

#12 cnm

Posted 31 October 2011 - 05:01 PM

DDS listed =============== Created Last 30 ================.
That shows everything that was added in the last 30 days. Nothing leaps to my eye, but see if you spot any likely suspects.



#13 DimitriK

Posted 01 November 2011 - 12:24 PM

I looked the list over, but everything there seems to be what I actually installed.

#14 cnm

Posted 01 November 2011 - 12:51 PM

Still puzzling then.
If it freezes again, make a note of what you were doing at the time and what applications were running.

Another far-out thought: any large motors such as a refrigerator near the PC? If necessary move it to a cool location away from all machinery. Have to admit it's unlikely that the location or neighbors of the PC changed.



#15 cnm

Posted 26 November 2011 - 12:25 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
