HJT Log Check please.


  • This topic is locked
15 replies to this topic

#1 Freebird

Freebird

    Advanced Member

  • Full Member
  • 192 posts

Posted 09 March 2012 - 12:47 PM

I have been having problems with my 3 Mobile Broadband service.

Having trouble updating from MS and connection hangs quite a lot.

Could someone have a look at my HJT log to see if there are any problems there, before I get on to my service provider.

Many thanx in advance.

Freebird

HJT Log:
========================================================================================================================
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:41:27, on 09/03/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\3 Mobile Broadband\3Connect\Wilog.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQNOT/2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download with GetRight - C:\Program Files (x86)\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files (x86)\GetRight\GRbrowse.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FF9059F-E5C7-4695-A1B8-C767F177A0FE}: NameServer = 217.171.135.1 217.171.132.1
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BecHelperService - Unknown owner - C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6393 bytes
==============================================================================================================================================

EDIT: Please read the Instructions http://www.spywarein...showtopic=79038 and post logs... We have changed them because HijackThis does not work properly with Win7 64bit and our helpers need more details to review in order to help...

Edited by Budfred, 10 March 2012 - 12:07 AM.

We know the speed of light......but, whats the speed of dark? Steven Wright - Scientist and Comedian

#2 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • 25,046 posts

Posted 11 March 2012 - 11:35 AM

Hello Freebird.

HijackThis isn't reliable for 64-bit systems, but it shows searchCentrix.

You can try this: run HijackThis again and select 'Do a system scan only'.
Place a checkmark next to these lines:
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

Close all other windows, then click 'Fix checked'.
Reboot.

Then: Please read the Instructions and post the other requested logs. We need the information in order to help you.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#3 Freebird


Posted 12 March 2012 - 03:17 PM

Hi cnm,

I removed the O4 HJT entries you specified.

Here are the logs you required:

DDS

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Albert at 20:24:15 on 2012-03-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.1979.809 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\3 Mobile Broadband\3Connect\Wilog.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
c:\PROGRA~1\MICROS~4\msseces.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uSearch Bar = Preserve
mWinlogon: Userinit=C:\Windows\system32\userinit.exe
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
IE: Download with GetRight - C:\Program Files (x86)\GetRight\GRdownload.htm
IE: Open with GetRight Browser - C:\Program Files (x86)\GetRight\GRbrowse.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{0C52A04E-465A-46E3-B613-BA3357E0B199} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{6FF9059F-E5C7-4695-A1B8-C767F177A0FE} : NameServer = 217.171.135.1 217.171.132.1
AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
AppInit_DLLs-X64: C:\Windows\SysWOW64\guard32.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\mza3jx6y.default\
FF - prefs.js: browser.search.selectedEngine - Google.com (in English)
FF - prefs.js: browser.startup.homepage - hxxp://www.theregister.co.uk/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys --> C:\Windows\system32\DRIVERS\cmdguard.sys [?]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys --> C:\Windows\system32\DRIVERS\cmdhlp.sys [?]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Program Files\HWiNFO64\HWiNFO64A.SYS [2011-6-26 28032]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 networx;networx;C:\Windows\system32\drivers\networx.sys --> C:\Windows\system32\drivers\networx.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
R2 BecHelperService;BecHelperService;C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [2012-2-16 1737464]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe -k netsvcs [2009-7-13 20992]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys --> C:\Windows\system32\drivers\massfilter.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw1v64.sys --> C:\Windows\system32\DRIVERS\NETw1v64.sys [?]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
S3 PSSDK42;PSSDK42;\??\C:\Windows\system32\Drivers\pssdk42.sys --> C:\Windows\system32\Drivers\pssdk42.sys [?]
S3 PSSDKLBF;PSSDKLBF;\??\C:\Windows\system32\Drivers\pssdklbf.sys --> C:\Windows\system32\Drivers\pssdklbf.sys [?]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 DAZContentManagementService;DAZ Content Management Service;C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [2011-6-11 22528]
S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-4 136176]
S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-4 136176]
S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
.
=============== Created Last 30 ================
.
2012-03-12 13:52:51 8643640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E021E5C7-225D-4BB7-8C71-0C67CA203C96}\mpengine.dll
2012-03-05 15:51:55 116016 ----a-w- C:\Windows\System32\drivers\15175057.sys
2012-03-05 15:29:29 -------- d-----w- C:\Program Files (x86)\Secunia
2012-03-04 12:11:59 116016 ----a-w- C:\Windows\System32\drivers\58478565.sys
2012-03-01 14:02:58 116016 ----a-w- C:\Windows\System32\drivers\46951718.sys
2012-02-20 16:46:14 -------- d-----w- C:\TrueCrypt
2012-02-20 15:59:43 116016 ----a-w- C:\Windows\System32\drivers\30805191.sys
2012-02-19 16:47:19 -------- d-----w- C:\GHOST TOWN
2012-02-16 20:45:04 116016 ----a-w- C:\Windows\System32\drivers\77791039.sys
2012-02-16 20:35:14 116016 ----a-w- C:\Windows\System32\drivers\12442499.sys
2012-02-16 15:29:45 -------- d-----w- C:\Users\Albert\AppData\Roaming\Birdstep Technology
2012-02-16 15:29:20 10240 ----a-w- C:\Windows\SysWow64\drivers\mdvrmng.sys
2012-02-15 03:45:49 -------- d-----w- C:\004
2012-02-14 22:58:59 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-14 22:58:58 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2012-02-14 22:58:58 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-02-14 22:33:59 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-14 22:33:59 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-14 22:33:10 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-14 22:33:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-14 22:33:08 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-14 22:33:05 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-14 22:33:05 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-14 22:33:04 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-14 14:18:36 476904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2012-02-13 14:55:10 116016 ----a-w- C:\Windows\System32\drivers\05522324.sys
.
==================== Find3M ====================
.
2012-03-06 15:06:02 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-17 22:41:37 750488 ----a-w- C:\Windows\System32\npdeployJava1.dll
2012-02-17 22:41:37 660368 ----a-w- C:\Windows\System32\deployJava1.dll
2012-02-16 19:54:21 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-10 23:01:27 116016 ----a-w- C:\Windows\System32\drivers\67738109.sys
2012-02-06 23:38:32 116016 ----a-w- C:\Windows\System32\drivers\73548036.sys
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-29 14:27:41 116016 ----a-w- C:\Windows\System32\drivers\58571122.sys
2012-01-17 23:47:14 116016 ----a-w- C:\Windows\System32\drivers\17117145.sys
2012-01-17 21:00:44 577824 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2012-01-14 18:53:57 115504 ----a-w- C:\Windows\System32\drivers\94753812.sys
2012-01-12 18:01:26 115504 ----a-w- C:\Windows\System32\drivers\88313789.sys
2012-01-09 19:11:13 111408 ----a-w- C:\Windows\System32\drivers\82856772.sys
2012-01-09 16:48:21 111408 ----a-w- C:\Windows\System32\drivers\13173780.sys
2012-01-06 16:40:35 111408 ----a-w- C:\Windows\System32\drivers\50783271.sys
2011-12-26 20:30:00 111408 ----a-w- C:\Windows\System32\drivers\08585028.sys
2011-12-19 18:59:17 43248 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2011-12-19 18:59:15 22696 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2011-12-19 18:58:57 41200 ----a-w- C:\Windows\System32\cmdcsr.dll
2011-12-19 18:58:55 301224 ----a-w- C:\Windows\SysWow64\guard32.dll
2011-12-19 18:58:54 389840 ----a-w- C:\Windows\System32\guard64.dll
2011-12-14 13:02:22 111408 ----a-w- C:\Windows\System32\drivers\98233365.sys
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2008-04-13 18:12:14 102912 ----a-w- C:\Program Files (x86)\clipbrd.exe
2006-05-03 11:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 12:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 14:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll
.
============= FINISH: 20:25:10.43 ===============


Results of screen317's Security Check version 0.99.31
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Secunia PSI (2.0.0.4003)
Java™ 6 Update 31
Adobe Flash Player 11.1.102.63
Mozilla Firefox (10.0.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
Microsoft Security Client Antimalware NisSrv.exe
``````````End of Log````````````


Many thanx

Freebird

Edited by Freebird, 12 March 2012 - 03:27 PM.


#4 cnm


Posted 12 March 2012 - 05:38 PM

We also need the Malwarebytes' Anti-Malware (MBAM) log, please.



#5 Freebird


Posted 13 March 2012 - 12:47 PM

Sorry cnm, I forgot to post it. :blush2:

Here it is:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.12.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Albert :: BLACKHOLE [administrator]

12/03/2012 18:59:56
mbam-log-2012-03-12 (18-59-56).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 387605
Time elapsed: 55 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 cnm


Posted 13 March 2012 - 02:55 PM

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Please let me know if any problems remain.



#7 Freebird


Posted 14 March 2012 - 05:26 PM

Hi cnm,

Here is the ESET log. None of these files have been run on this machine so I doubt they are the source of my flaky net connection problems.

============================================================================================================================
C:\Documents and Settings\Albert\Downloads\AxCrypt-1.7.2867.0-Setup.exe Win32/OpenCandy application deleted - quarantined
C:\Install\MultiMedia\avc-free.exe Win32/OpenCandy application deleted - quarantined
C:\Install\MultiMedia\cdbxp_setup_4.4.0.2838.exe Win32/OpenCandy application deleted - quarantined
============================================================================================================================

Well, if you don't see any other problems, I guess I will have to contact 3 Broadband. :ugh:
I will know that my machine is clean, at least. :wub:

Many thanx cnm for your help.

Freebird :wave:

#8 cnm


Posted 14 March 2012 - 05:33 PM

One more scan to check for rootkit -

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file in your next reply.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.



#9 Freebird


Posted 15 March 2012 - 07:12 PM

Hello cnm, here is the TDSSKiller Log:


00:02:19.0488 3408 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
00:02:20.0705 3408 ============================================================
00:02:20.0705 3408 Current date / time: 2012/03/16 00:02:20.0705
00:02:20.0705 3408 SystemInfo:
00:02:20.0705 3408
00:02:20.0705 3408 OS Version: 6.1.7601 ServicePack: 1.0
00:02:20.0705 3408 Product type: Workstation
00:02:20.0705 3408 ComputerName: BLACKHOLE
00:02:20.0705 3408 UserName: Albert
00:02:20.0705 3408 Windows directory: C:\Windows
00:02:20.0705 3408 System windows directory: C:\Windows
00:02:20.0705 3408 Running under WOW64
00:02:20.0705 3408 Processor architecture: Intel x64
00:02:20.0705 3408 Number of processors: 1
00:02:20.0705 3408 Page size: 0x1000
00:02:20.0705 3408 Boot type: Normal boot
00:02:20.0705 3408 ============================================================
00:02:21.0735 3408 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:02:21.0750 3408 \Device\Harddisk0\DR0:
00:02:21.0750 3408 MBR used
00:02:21.0750 3408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
00:02:21.0750 3408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x110C3800
00:02:21.0750 3408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11127800, BlocksNum 0x18F1800
00:02:21.0844 3408 Initialize success
00:02:21.0844 3408 ============================================================
00:02:31.0188 3500 ============================================================
00:02:31.0188 3500 Scan started
00:02:31.0188 3500 Mode: Manual; SigCheck; TDLFS;
00:02:31.0188 3500 ============================================================
00:02:33.0294 3500 AnyDVD (7ce7d6019d0d73f9203ba4ff4ba35b6a) C:\Windows\system32\Drivers\AnyDVD.sys
00:02:33.0403 3500 AnyDVD - ok
00:02:33.0435 3500 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:02:33.0606 3500 AppID - ok
00:02:33.0637 3500 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
00:02:33.0669 3500 arc - ok
00:02:33.0700 3500 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
00:02:33.0731 3500 arcsas - ok
00:02:33.0762 3500 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:02:33.0934 3500 AsyncMac - ok
00:02:33.0981 3500 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:02:33.0996 3500 atapi - ok
00:02:34.0059 3500 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\Windows\system32\DRIVERS\athrx.sys
00:02:34.0137 3500 athr - ok
00:02:34.0183 3500 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
00:02:34.0246 3500 b06bdrv - ok
00:02:34.0277 3500 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:02:34.0324 3500 b57nd60a - ok
00:02:34.0402 3500 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:02:34.0464 3500 Beep - ok
00:02:34.0495 3500 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:02:34.0542 3500 blbdrive - ok
00:02:34.0573 3500 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:02:34.0636 3500 bowser - ok
00:02:34.0667 3500 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:02:34.0714 3500 BrFiltLo - ok
00:02:34.0745 3500 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:02:34.0776 3500 BrFiltUp - ok
00:02:34.0823 3500 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:02:34.0870 3500 Brserid - ok
00:02:34.0901 3500 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:02:34.0948 3500 BrSerWdm - ok
00:02:34.0963 3500 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:02:35.0010 3500 BrUsbMdm - ok
00:02:35.0057 3500 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:02:35.0088 3500 BrUsbSer - ok
00:02:35.0135 3500 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
00:02:35.0197 3500 BthEnum - ok
00:02:35.0229 3500 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:02:35.0275 3500 BTHMODEM - ok
00:02:35.0307 3500 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
00:02:35.0353 3500 BthPan - ok
00:02:35.0400 3500 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
00:02:35.0463 3500 BTHPORT - ok
00:02:35.0509 3500 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
00:02:35.0541 3500 BTHUSB - ok
00:02:35.0572 3500 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:02:35.0634 3500 cdfs - ok
00:02:35.0665 3500 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
00:02:35.0712 3500 cdrom - ok
00:02:35.0759 3500 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
00:02:35.0806 3500 circlass - ok
00:02:35.0853 3500 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:02:35.0899 3500 CLFS - ok
00:02:35.0946 3500 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:02:35.0977 3500 CmBatt - ok
00:02:36.0040 3500 cmdGuard (0599d5a458d4e0e37ab84e9d1c5c73e5) C:\Windows\system32\DRIVERS\cmdguard.sys
00:02:36.0149 3500 cmdGuard - ok
00:02:36.0227 3500 cmdHlp (2d3e08c7106f748f9eff3dec14142d3e) C:\Windows\system32\DRIVERS\cmdhlp.sys
00:02:36.0258 3500 cmdHlp - ok
00:02:36.0274 3500 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:02:36.0305 3500 cmdide - ok
00:02:36.0336 3500 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
00:02:36.0399 3500 CNG - ok
00:02:36.0414 3500 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:02:36.0430 3500 Compbatt - ok
00:02:36.0461 3500 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
00:02:36.0508 3500 CompositeBus - ok
00:02:36.0539 3500 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
00:02:36.0570 3500 crcdisk - ok
00:02:36.0648 3500 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:02:36.0711 3500 DfsC - ok
00:02:36.0757 3500 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:02:36.0835 3500 discache - ok
00:02:36.0882 3500 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
00:02:36.0898 3500 Disk - ok
00:02:36.0945 3500 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:02:36.0976 3500 drmkaud - ok
00:02:37.0038 3500 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:02:37.0085 3500 DXGKrnl - ok
00:02:37.0194 3500 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
00:02:37.0257 3500 ebdrv - ok
00:02:37.0319 3500 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
00:02:37.0350 3500 ElbyCDIO - ok
00:02:37.0381 3500 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
00:02:37.0413 3500 elxstor - ok
00:02:37.0444 3500 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:02:37.0491 3500 ErrDev - ok
00:02:37.0553 3500 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:02:37.0615 3500 exfat - ok
00:02:37.0662 3500 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:02:37.0725 3500 fastfat - ok
00:02:37.0756 3500 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
00:02:37.0803 3500 fdc - ok
00:02:37.0865 3500 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:02:37.0881 3500 FileInfo - ok
00:02:37.0912 3500 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:02:37.0974 3500 Filetrace - ok
00:02:38.0005 3500 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
00:02:38.0037 3500 flpydisk - ok
00:02:38.0083 3500 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:02:38.0115 3500 FltMgr - ok
00:02:38.0161 3500 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:02:38.0177 3500 FsDepends - ok
00:02:38.0208 3500 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
00:02:38.0239 3500 Fs_Rec - ok
00:02:38.0271 3500 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:02:38.0302 3500 fvevol - ok
00:02:38.0395 3500 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:02:38.0427 3500 gagp30kx - ok
00:02:38.0505 3500 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:02:38.0567 3500 hcw85cir - ok
00:02:38.0739 3500 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
00:02:38.0926 3500 HdAudAddService - ok
00:02:38.0973 3500 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
00:02:39.0051 3500 HDAudBus - ok
00:02:39.0129 3500 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
00:02:39.0175 3500 HidBatt - ok
00:02:39.0285 3500 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
00:02:39.0394 3500 HidBth - ok
00:02:39.0425 3500 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
00:02:39.0456 3500 HidIr - ok
00:02:39.0534 3500 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
00:02:39.0581 3500 HidUsb - ok
00:02:39.0628 3500 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
00:02:39.0721 3500 HpqKbFiltr - ok
00:02:39.0768 3500 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:02:39.0799 3500 HpSAMD - ok
00:02:39.0862 3500 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:02:39.0987 3500 HTTP - ok
00:02:40.0189 3500 HWiNFO32 (17eff7b20f4d110baec9652f126a8379) C:\Program Files\HWiNFO64\HWiNFO64A.SYS
00:02:40.0205 3500 HWiNFO32 - ok
00:02:40.0314 3500 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:02:40.0330 3500 hwpolicy - ok
00:02:40.0392 3500 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
00:02:40.0423 3500 i8042prt - ok
00:02:40.0470 3500 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:02:40.0501 3500 iaStorV - ok
00:02:40.0735 3500 igfx (3c3f27002abc69c5afe29cbe6cf7addf) C:\Windows\system32\DRIVERS\igdkmd64.sys
00:02:41.0016 3500 igfx - ok
00:02:41.0079 3500 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
00:02:41.0110 3500 iirsp - ok
00:02:41.0157 3500 inspect (efff0afd27cc97bf0e5e0bab78419de7) C:\Windows\system32\DRIVERS\inspect.sys
00:02:41.0172 3500 inspect - ok
00:02:41.0203 3500 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\Windows\system32\drivers\IntcHdmi.sys
00:02:41.0250 3500 IntcHdmiAddService - ok
00:02:41.0281 3500 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:02:41.0313 3500 intelide - ok
00:02:41.0344 3500 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:02:41.0391 3500 intelppm - ok
00:02:41.0437 3500 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:02:41.0500 3500 IpFilterDriver - ok
00:02:41.0547 3500 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:02:41.0593 3500 IPMIDRV - ok
00:02:41.0640 3500 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:02:41.0703 3500 IPNAT - ok
00:02:41.0718 3500 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:02:41.0781 3500 IRENUM - ok
00:02:41.0827 3500 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:02:41.0843 3500 isapnp - ok
00:02:41.0890 3500 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:02:41.0921 3500 iScsiPrt - ok
00:02:41.0952 3500 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:02:41.0983 3500 kbdclass - ok
00:02:42.0015 3500 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
00:02:42.0046 3500 kbdhid - ok
00:02:42.0093 3500 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
00:02:42.0124 3500 KSecDD - ok
00:02:42.0139 3500 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
00:02:42.0171 3500 KSecPkg - ok
00:02:42.0186 3500 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:02:42.0264 3500 ksthunk - ok
00:02:42.0311 3500 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:02:42.0389 3500 lltdio - ok
00:02:42.0436 3500 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:02:42.0467 3500 LSI_FC - ok
00:02:42.0483 3500 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:02:42.0514 3500 LSI_SAS - ok
00:02:42.0545 3500 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:02:42.0561 3500 LSI_SAS2 - ok
00:02:42.0607 3500 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:02:42.0623 3500 LSI_SCSI - ok
00:02:42.0639 3500 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:02:42.0717 3500 luafv - ok
00:02:42.0795 3500 massfilter (23488767cb18fc3ff39e3af1db3fb02c) C:\Windows\system32\drivers\massfilter.sys
00:02:42.0888 3500 massfilter - ok
00:02:42.0935 3500 mdvrmng - ok
00:02:42.0966 3500 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
00:02:42.0997 3500 megasas - ok
00:02:43.0013 3500 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
00:02:43.0060 3500 MegaSR - ok
00:02:43.0075 3500 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:02:43.0138 3500 Modem - ok
00:02:43.0169 3500 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:02:43.0216 3500 monitor - ok
00:02:43.0263 3500 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:02:43.0278 3500 mouclass - ok
00:02:43.0294 3500 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:02:43.0341 3500 mouhid - ok
00:02:43.0387 3500 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:02:43.0419 3500 mountmgr - ok
00:02:43.0481 3500 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
00:02:43.0512 3500 MpFilter - ok
00:02:43.0543 3500 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:02:43.0575 3500 mpio - ok
00:02:43.0606 3500 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
00:02:43.0637 3500 MpNWMon - ok
00:02:43.0653 3500 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:02:43.0731 3500 mpsdrv - ok
00:02:43.0777 3500 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:02:43.0824 3500 MRxDAV - ok
00:02:43.0887 3500 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:02:43.0933 3500 mrxsmb - ok
00:02:43.0980 3500 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:02:44.0027 3500 mrxsmb10 - ok
00:02:44.0058 3500 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:02:44.0089 3500 mrxsmb20 - ok
00:02:44.0121 3500 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:02:44.0136 3500 msahci - ok
00:02:44.0167 3500 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:02:44.0199 3500 msdsm - ok
00:02:44.0230 3500 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:02:44.0292 3500 Msfs - ok
00:02:44.0308 3500 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:02:44.0370 3500 mshidkmdf - ok
00:02:44.0417 3500 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:02:44.0433 3500 msisadrv - ok
00:02:44.0479 3500 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:02:44.0542 3500 MSKSSRV - ok
00:02:44.0573 3500 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:02:44.0635 3500 MSPCLOCK - ok
00:02:44.0667 3500 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:02:44.0729 3500 MSPQM - ok
00:02:44.0760 3500 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:02:44.0807 3500 MsRPC - ok
00:02:44.0854 3500 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
00:02:44.0885 3500 mssmbios - ok
00:02:44.0901 3500 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:02:44.0963 3500 MSTEE - ok
00:02:45.0010 3500 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
00:02:45.0041 3500 MTConfig - ok
00:02:45.0072 3500 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:02:45.0103 3500 Mup - ok
00:02:45.0150 3500 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:02:45.0197 3500 NativeWifiP - ok
00:02:45.0306 3500 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
00:02:45.0353 3500 NDIS - ok
00:02:45.0384 3500 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:02:45.0431 3500 NdisCap - ok
00:02:45.0462 3500 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:02:45.0525 3500 NdisTapi - ok
00:02:45.0556 3500 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:02:45.0618 3500 Ndisuio - ok
00:02:45.0649 3500 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:02:45.0712 3500 NdisWan - ok
00:02:45.0743 3500 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:02:45.0821 3500 NDProxy - ok
00:02:45.0868 3500 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:02:45.0915 3500 NetBIOS - ok
00:02:45.0961 3500 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:02:46.0039 3500 NetBT - ok
00:02:46.0242 3500 NETw1v64 (e72f4522801ffb8f0456924fb0017bff) C:\Windows\system32\DRIVERS\NETw1v64.sys
00:02:46.0383 3500 NETw1v64 - ok
00:02:46.0585 3500 NETw5s64 (39ede676d17f37af4573c2b33ec28aca) C:\Windows\system32\DRIVERS\NETw5s64.sys
00:02:46.0773 3500 NETw5s64 - ok
00:02:46.0913 3500 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
00:02:47.0053 3500 netw5v64 - ok
00:02:47.0272 3500 NETwNs64 (9ec1edebba8cf6a30899ee38ab1352cc) C:\Windows\system32\DRIVERS\NETwNs64.sys
00:02:47.0428 3500 NETwNs64 - ok
00:02:47.0506 3500 networx (59eca71689d7db79ae1ea39d5e67d866) C:\Windows\system32\drivers\networx.sys
00:02:47.0537 3500 networx - ok
00:02:47.0584 3500 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
00:02:47.0599 3500 nfrd960 - ok
00:02:47.0646 3500 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
00:02:47.0662 3500 NisDrv - ok
00:02:47.0740 3500 npf (3ceee0be85d24d911b9c02714817774c) C:\Windows\system32\drivers\npf.sys
00:02:47.0771 3500 npf - ok
00:02:47.0818 3500 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:02:47.0880 3500 Npfs - ok
00:02:47.0911 3500 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:02:47.0989 3500 nsiproxy - ok
00:02:48.0052 3500 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:02:48.0114 3500 Ntfs - ok
00:02:48.0145 3500 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:02:48.0208 3500 Null - ok
00:02:48.0239 3500 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:02:48.0270 3500 nvraid - ok
00:02:48.0317 3500 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:02:48.0333 3500 nvstor - ok
00:02:48.0379 3500 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:02:48.0411 3500 nv_agp - ok
00:02:48.0457 3500 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:02:48.0489 3500 ohci1394 - ok
00:02:48.0535 3500 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
00:02:48.0582 3500 Parport - ok
00:02:48.0613 3500 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:02:48.0629 3500 partmgr - ok
00:02:48.0660 3500 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:02:48.0691 3500 pci - ok
00:02:48.0707 3500 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:02:48.0738 3500 pciide - ok
00:02:48.0785 3500 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
00:02:48.0816 3500 pcmcia - ok
00:02:48.0863 3500 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:02:48.0879 3500 pcw - ok
00:02:48.0925 3500 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:02:49.0003 3500 PEAUTH - ok
00:02:49.0113 3500 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
00:02:49.0144 3500 Point64 - ok
00:02:49.0191 3500 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:02:49.0253 3500 PptpMiniport - ok
00:02:49.0284 3500 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
00:02:49.0331 3500 Processor - ok
00:02:49.0393 3500 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:02:49.0456 3500 Psched - ok
00:02:49.0503 3500 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
00:02:49.0518 3500 PSI - ok
00:02:49.0565 3500 PSSDK42 (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys
00:02:49.0596 3500 PSSDK42 - ok
00:02:49.0627 3500 PSSDKLBF (07a3500cf1c3325568d1b85683ce4517) C:\Windows\system32\Drivers\pssdklbf.sys
00:02:49.0643 3500 PSSDKLBF - ok
00:02:49.0721 3500 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
00:02:49.0768 3500 ql2300 - ok
00:02:49.0815 3500 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
00:02:49.0846 3500 ql40xx - ok
00:02:49.0893 3500 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:02:49.0939 3500 QWAVEdrv - ok
00:02:49.0955 3500 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:02:50.0017 3500 RasAcd - ok
00:02:50.0049 3500 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:02:50.0111 3500 RasAgileVpn - ok
00:02:50.0158 3500 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:02:50.0236 3500 Rasl2tp - ok
00:02:50.0283 3500 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:02:50.0345 3500 RasPppoe - ok
00:02:50.0376 3500 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:02:50.0454 3500 RasSstp - ok
00:02:50.0485 3500 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:02:50.0563 3500 rdbss - ok
00:02:50.0610 3500 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
00:02:50.0641 3500 rdpbus - ok
00:02:50.0673 3500 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:02:50.0735 3500 RDPCDD - ok
00:02:50.0766 3500 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:02:50.0829 3500 RDPENCDD - ok
00:02:50.0875 3500 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:02:50.0938 3500 RDPREFMP - ok
00:02:50.0969 3500 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
00:02:51.0031 3500 RDPWD - ok
00:02:51.0078 3500 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:02:51.0109 3500 rdyboost - ok
00:02:51.0156 3500 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
00:02:51.0203 3500 RFCOMM - ok
00:02:51.0250 3500 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:02:51.0312 3500 rspndr - ok
00:02:51.0312 3500 RSUSBSTOR - ok
00:02:51.0359 3500 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys
00:02:51.0421 3500 RTL8167 - ok
00:02:51.0453 3500 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:02:51.0484 3500 sbp2port - ok
00:02:51.0515 3500 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:02:51.0577 3500 scfilter - ok
00:02:51.0609 3500 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
00:02:51.0640 3500 sdbus - ok
00:02:51.0671 3500 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:02:51.0733 3500 secdrv - ok
00:02:51.0796 3500 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
00:02:51.0858 3500 Serenum - ok
00:02:51.0905 3500 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
00:02:51.0936 3500 Serial - ok
00:02:51.0967 3500 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
00:02:51.0999 3500 sermouse - ok
00:02:52.0061 3500 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
00:02:52.0092 3500 sffdisk - ok
00:02:52.0123 3500 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:02:52.0170 3500 sffp_mmc - ok
00:02:52.0186 3500 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
00:02:52.0217 3500 sffp_sd - ok
00:02:52.0248 3500 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
00:02:52.0279 3500 sfloppy - ok
00:02:52.0342 3500 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:02:52.0373 3500 SiSRaid2 - ok
00:02:52.0389 3500 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
00:02:52.0420 3500 SiSRaid4 - ok
00:02:52.0451 3500 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:02:52.0498 3500 Smb - ok
00:02:52.0545 3500 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:02:52.0576 3500 spldr - ok
00:02:52.0623 3500 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:02:52.0685 3500 srv - ok
00:02:52.0716 3500 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:02:52.0763 3500 srv2 - ok
00:02:52.0810 3500 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
00:02:52.0857 3500 SrvHsfHDA - ok
00:02:52.0903 3500 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
00:02:52.0966 3500 SrvHsfV92 - ok
00:02:52.0997 3500 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
00:02:53.0044 3500 SrvHsfWinac - ok
00:02:53.0075 3500 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:02:53.0106 3500 srvnet - ok
00:02:53.0169 3500 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
00:02:53.0184 3500 stexstor - ok
00:02:53.0247 3500 STHDA (dffbc024dfc7bb05b2129e05cbc7a201) C:\Windows\system32\DRIVERS\stwrt64.sys
00:02:53.0309 3500 STHDA - ok
00:02:53.0356 3500 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
00:02:53.0387 3500 swenum - ok
00:02:53.0434 3500 SynTP (772493a8945495f1a287bf6c4ca25b48) C:\Windows\system32\DRIVERS\SynTP.sys
00:02:53.0481 3500 SynTP - ok
00:02:53.0559 3500 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
00:02:53.0637 3500 Tcpip - ok
00:02:53.0699 3500 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
00:02:53.0777 3500 TCPIP6 - ok
00:02:53.0824 3500 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:02:53.0902 3500 tcpipreg - ok
00:02:53.0949 3500 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:02:53.0980 3500 TDPIPE - ok
00:02:54.0011 3500 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
00:02:54.0042 3500 TDTCP - ok
00:02:54.0089 3500 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:02:54.0136 3500 tdx - ok
00:02:54.0167 3500 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
00:02:54.0198 3500 TermDD - ok
00:02:58.0426 3500 ============================================================
00:02:58.0426 3500 Scan finished
00:02:58.0426 3500 ============================================================
00:02:58.0441 3488 Detected object count: 0
00:02:58.0441 3488 Actual detected object count: 0
00:03:02.0139 3372 Deinitialize success



Thanx

Freebird
We know the speed of light......but, whats the speed of dark? Steven Wright - Scientist and Comedian

#10 cnm


Posted 15 March 2012 - 07:18 PM

Nice and clean.

How is your PC running now?

I do see a few puzzles in your DDS.txt. If you are still experiencing any problems, run ComboFix. However it is a very powerful program and best not run if not necessary.
Please download ComboFix.exe to your Desktop. Visit this webpage for download links, and instructions for running the tool:
how-to-use-combofix. Be sure to read the whole page and note the graphics so you know what to expect.

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review, and let me know what problems remain. If ComboFix caused any error message, rebooting again should fix it.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#11 Freebird


Posted 17 March 2012 - 10:42 PM

Hi cnm, ComboFix log as requested. Can you elaborate on your.. "I do see a few puzzles in your DDS.txt" comment? Net connection still flaky.

Thanx

Freebird

ComboFix.txt
==============================================================================================================

ComboFix 12-03-17.01 - Albert 18/03/2012 3:06.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.1979.1187 [GMT 0:00]
Running from: c:\users\Albert\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-02-18 to 2012-03-18 )))))))))))))))))))))))))))))))
.
.
2012-03-18 03:16 . 2012-03-18 03:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-18 03:16 . 2012-03-18 03:16 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-03-18 01:41 . 2012-03-18 01:41 -------- d-----w- c:\users\Albert\AppData\Local\Mozilla
2012-03-18 01:04 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{04D823A9-A056-4632-AD67-D65DA661DEC6}\mpengine.dll
2012-03-15 10:01 . 2012-03-15 10:01 116016 ----a-w- c:\windows\system32\drivers\60423372.sys
2012-03-14 23:26 . 2012-03-14 23:26 116016 ----a-w- c:\windows\system32\drivers\09599404.sys
2012-03-13 19:22 . 2012-03-15 15:16 -------- d-----w- c:\program files (x86)\Aurora
2012-03-13 17:52 . 2012-03-13 17:52 116016 ----a-w- c:\windows\system32\drivers\91361998.sys
2012-03-13 17:17 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-13 17:11 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-13 17:11 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-13 17:11 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-13 17:07 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-13 17:07 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-13 17:07 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-13 17:07 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-13 17:07 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-13 17:07 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-13 17:07 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-13 17:07 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-13 17:07 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-13 05:25 . 2012-03-13 05:25 116016 ----a-w- c:\windows\system32\drivers\30424337.sys
2012-03-05 15:51 . 2012-03-05 15:51 116016 ----a-w- c:\windows\system32\drivers\15175057.sys
2012-03-05 15:29 . 2012-03-05 15:29 -------- d-----w- c:\program files (x86)\Secunia
2012-03-04 12:11 . 2012-03-04 12:11 116016 ----a-w- c:\windows\system32\drivers\58478565.sys
2012-03-01 14:02 . 2012-03-01 14:02 116016 ----a-w- c:\windows\system32\drivers\46951718.sys
2012-02-29 15:10 . 2012-03-17 05:17 -------- d-----w- c:\users\Albert\AppData\Roaming\vlc
2012-02-20 16:46 . 2012-02-20 16:49 -------- d-----w- C:\TrueCrypt
2012-02-20 15:59 . 2012-02-20 15:59 116016 ----a-w- c:\windows\system32\drivers\30805191.sys
2012-02-19 16:47 . 2012-02-19 16:56 -------- d-----w- C:\GHOST TOWN
2012-02-17 22:38 . 2012-02-17 22:38 -------- d-----w- c:\users\Public\Pixologic
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-11 21:13 . 2011-06-30 08:38 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-03-11 21:13 . 2011-06-30 08:38 577824 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-03-11 21:13 . 2011-06-30 08:38 22696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-03-11 21:13 . 2011-12-15 09:43 41200 ----a-w- c:\windows\system32\cmdcsr.dll
2012-03-11 21:13 . 2011-06-30 08:37 301224 ----a-w- c:\windows\SysWow64\guard32.dll
2012-03-11 21:13 . 2011-06-30 08:37 389840 ----a-w- c:\windows\system32\guard64.dll
2012-03-06 15:06 . 2011-06-12 15:21 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-17 22:41 . 2011-12-13 12:31 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-02-17 22:41 . 2010-11-30 17:05 660368 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-16 20:45 . 2012-02-16 20:45 116016 ----a-w- c:\windows\system32\drivers\77791039.sys
2012-02-16 20:35 . 2012-02-16 20:35 116016 ----a-w- c:\windows\system32\drivers\12442499.sys
2012-02-16 19:54 . 2010-11-17 14:54 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-02-13 14:55 . 2012-02-13 14:55 116016 ----a-w- c:\windows\system32\drivers\05522324.sys
2012-02-10 23:01 . 2012-02-10 23:01 116016 ----a-w- c:\windows\system32\drivers\67738109.sys
2012-02-10 22:50 . 2012-02-10 22:51 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EA43D434-DC41-4B29-B0F4-02243D416F6E}\gapaengine.dll
2012-02-08 07:13 . 2010-12-13 17:47 8643640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-06 23:38 . 2012-02-06 23:38 116016 ----a-w- c:\windows\system32\drivers\73548036.sys
2012-01-31 12:44 . 2010-11-17 14:26 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-29 14:27 . 2012-01-29 14:27 116016 ----a-w- c:\windows\system32\drivers\58571122.sys
2012-01-17 23:47 . 2012-01-17 23:47 116016 ----a-w- c:\windows\system32\drivers\17117145.sys
2012-01-14 18:53 . 2012-01-14 18:53 115504 ----a-w- c:\windows\system32\drivers\94753812.sys
2012-01-12 18:01 . 2012-01-12 18:01 115504 ----a-w- c:\windows\system32\drivers\88313789.sys
2012-01-09 19:11 . 2012-01-09 19:11 111408 ----a-w- c:\windows\system32\drivers\82856772.sys
2012-01-09 16:48 . 2012-01-09 16:48 111408 ----a-w- c:\windows\system32\drivers\13173780.sys
2012-01-06 16:40 . 2012-01-06 16:40 111408 ----a-w- c:\windows\system32\drivers\50783271.sys
2012-01-04 10:44 . 2012-02-14 22:33 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-14 22:33 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2011-12-30 06:26 . 2012-02-14 22:33 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-14 22:33 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-14 22:33 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-26 20:30 . 2011-12-26 20:30 111408 ----a-w- c:\windows\system32\drivers\08585028.sys
2011-12-19 18:59 . 2011-06-30 08:38 93200 ----a-w- c:\windows\system32\drivers\inspect.sys
2008-04-13 18:12 . 2011-07-10 21:45 102912 ----a-w- c:\program files (x86)\clipbrd.exe
2006-05-03 11:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 12:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 14:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NETw1v64;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw1v64.sys [x]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [x]
R3 PSSDKLBF;PSSDKLBF;c:\windows\system32\Drivers\pssdklbf.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-10-14 994360]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-04 136176]
R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-04 136176]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO64\HWiNFO64A.SYS [2011-05-22 28032]
S1 networx;networx;c:\windows\system32\drivers\networx.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 BecHelperService;BecHelperService;c:\program files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [2010-01-28 1737464]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-04 17:29]
.
2012-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-04 17:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download with GetRight - c:\program files (x86)\GetRight\GRdownload.htm
IE: Open with GetRight Browser - c:\program files (x86)\GetRight\GRbrowse.htm
FF - ProfilePath - c:\users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\7elsyu82.default\
FF - prefs.js: browser.search.selectedEngine - DuckDuckGo
FF - prefs.js: browser.startup.homepage - hxxp://www.theregister.co.uk/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-03-18 03:25:30
ComboFix-quarantined-files.txt 2012-03-18 03:25
.
Pre-Run: 44,188,794,880 bytes free
Post-Run: 45,150,138,368 bytes free
.
- - End Of File - - 2B1B153E49E3309BC80005849C97DCA8

Edited by Freebird, 17 March 2012 - 10:44 PM.


#12 cnm


Posted 17 March 2012 - 11:14 PM

DDS lines with [?] are worth a second glance. Ones like this:

S3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter.sys --> C:\Windows\system32\drivers\massfilter.sys [?]


I also wondered about the numerically named drivers like

C:\Windows\System32\drivers\67738109.sys


However both ESET and ComboFix have ignored them, as did MBAM, so they are presumed OK.

How is the PC running? Are you seeing any problems?



#13 Freebird


Posted 18 March 2012 - 11:53 AM

Hi cnm, the drivers you highlighted are:

--> C:\Windows\system32\drivers\massfilter.sys [?] This belongs to my Mobile Broadband. ZTE is the manufacturer/provider of the dongle/installation software.

C:\Windows\System32\drivers\67738109.sys This file belongs to Kaspersky Labs, and is digitally signed. (Probably part of TDSSKiller as I do not have any other Kaspersky products on this machine.)

Thanx for all your help.

I will have to contact my broadband provider to see what is going on with my connection/speed problems.

Regards

Freebird
We know the speed of light......but, whats the speed of dark? Steven Wright - Scientist and Comedian
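
The triage discussed in posts #12 and #13, as an added example (not part of the thread and not any tool's own code): it pulls the numerically named `.sys` files under `drivers` out of ComboFix file-listing rows and groups them by size, on the assumption that several names sharing one size point to a single binary dropped repeatedly under fresh names. The function names are illustrative; the sample rows are copied from the ComboFix log in post #11.

```python
"""Triage ComboFix file-listing rows for numerically named kernel drivers."""
import ntpath
import re
from collections import defaultdict

# Rows copied from the ComboFix log posted in this thread (file listings only).
SAMPLE_LOG = r"""
2012-03-15 10:01 . 2012-03-15 10:01 116016 ----a-w- c:\windows\system32\drivers\60423372.sys
2012-03-13 19:22 . 2012-03-15 15:16 -------- d-----w- c:\program files (x86)\Aurora
2012-03-13 17:07 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-10 23:01 . 2012-02-10 23:01 116016 ----a-w- c:\windows\system32\drivers\67738109.sys
2012-03-11 21:13 . 2011-06-30 08:38 43248 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-01-14 18:53 . 2012-01-14 18:53 115504 ----a-w- c:\windows\system32\drivers\94753812.sys
2012-01-09 19:11 . 2012-01-09 19:11 111408 ----a-w- c:\windows\system32\drivers\82856772.sys
2006-05-03 11:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
"""

# A row is: timestamp [. second timestamp] size attributes path.
# Directory rows carry eight dashes where a file row carries its size.
ROW = re.compile(
    r"^(?P<stamp>\d{4}-\d{2}-\d{2} \d{2}:\d{2})"
    r"(?: \. \d{4}-\d{2}-\d{2} \d{2}:\d{2})? "
    r"(?P<size>\d+|-{8}) (?P<attrs>[-a-z]{8}) (?P<path>.+)$"
)


def parse_rows(log_text):
    """Return one dict per file row; headers, separators and directories are skipped."""
    rows = []
    for line in log_text.splitlines():
        m = ROW.match(line.strip())
        if m is None or m["size"].startswith("-"):
            continue
        rows.append({"stamp": m["stamp"], "size": int(m["size"]), "path": m["path"]})
    return rows


def numeric_drivers(rows):
    """Keep rows whose file is <digits>.sys directly inside a 'drivers' folder."""
    flagged = []
    for row in rows:
        folder, name = ntpath.split(row["path"])
        stem, ext = ntpath.splitext(name)
        if (folder.lower().endswith("\\drivers")
                and ext.lower() == ".sys"
                and re.fullmatch(r"[0-9]+", stem)):
            flagged.append(row)
    return flagged


def cluster_by_size(flagged):
    """Map file size -> sorted driver names, to expose repeated drops of one binary."""
    clusters = defaultdict(list)
    for row in flagged:
        clusters[row["size"]].append(ntpath.basename(row["path"]))
    return {size: sorted(names) for size, names in clusters.items()}


if __name__ == "__main__":
    hits = numeric_drivers(parse_rows(SAMPLE_LOG))
    for size, names in sorted(cluster_by_size(hits).items(), reverse=True):
        print(f"{size:>8} bytes  x{len(names)}  {', '.join(names)}")
    print("Next step: verify the publisher signature of each listed file.")
```

Each flagged path is then a candidate for a signature check (for instance PowerShell's `Get-AuthenticodeSignature`), which is the kind of evidence Freebird cites in post #13.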

#14 cnm


Posted 18 March 2012 - 12:38 PM

Let me know how this turns out.

Please clean up our tools:
Start > Run and enter 'combofix /uninstall'. Note the space after 'combofix'. Among other things your Restore Points will be purged and a new clean one created.

Delete the DDS files and Security Check folder from your Desktop. Also TDSSKiller.



#15 Freebird


Posted 21 March 2012 - 11:26 AM

Thanx for all your help cnm, much appreciated. :)

ComboFix uninstalled and all other tools deleted.

I will let you know what my ISP says regarding my Broadband service.

Please close this thread.

Regards

Freebird

#16 cnm


Posted 21 March 2012 - 11:52 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.





