itsjinx

  1. Thanks! I still can't install Adaware. I think there is something that I need to fix, like Windows Installer .MSI?
  2. THAT FIXED IT! HERE IS THE VIRUS: 11/30/2011 12:48:47 AM Deleted Trojans Exploit.Java.CVE-2010-4452.a High Exact C:\Documents and Settings\derek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\daf7b1-52c9ff55 Now everything is working correctly and also my google instant search is working which before didn't work at all! Please help me remove combofix and any other programs that I need to remove!
  3. COMBO FIX LOG:
  4. Okay here are new logs: TDSKiller LOG:
- ok 21:25:10.0918 5748 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 21:25:10.0922 5748 circlass - ok 21:25:11.0001 5748 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 21:25:11.0005 5748 CLFS - ok 21:25:11.0036 5748 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 21:25:11.0040 5748 CmBatt - ok 21:25:11.0071 5748 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 21:25:11.0075 5748 cmdide - ok 21:25:11.0131 5748 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys 21:25:11.0140 5748 CNG - ok 21:25:11.0214 5748 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 21:25:11.0219 5748 Compbatt - ok 21:25:11.0252 5748 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys 21:25:11.0256 5748 CompositeBus - ok 21:25:11.0289 5748 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 21:25:11.0293 5748 crcdisk - ok 21:25:11.0340 5748 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys 21:25:11.0342 5748 DfsC - ok 21:25:11.0372 5748 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 21:25:11.0373 5748 discache - ok 21:25:11.0388 5748 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 21:25:11.0394 5748 Disk - ok 21:25:11.0422 5748 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 21:25:11.0424 5748 drmkaud - ok 21:25:11.0467 5748 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 21:25:11.0483 5748 DXGKrnl - ok 21:25:11.0565 5748 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 21:25:11.0600 5748 ebdrv - ok 21:25:11.0716 5748 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 21:25:11.0725 5748 elxstor - ok 21:25:11.0756 5748 
ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 21:25:11.0759 5748 ErrDev - ok 21:25:11.0790 5748 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 21:25:11.0796 5748 exfat - ok 21:25:11.0850 5748 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 21:25:11.0856 5748 fastfat - ok 21:25:11.0906 5748 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 21:25:11.0910 5748 fdc - ok 21:25:11.0962 5748 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 21:25:11.0968 5748 FileInfo - ok 21:25:11.0987 5748 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 21:25:11.0990 5748 Filetrace - ok 21:25:12.0011 5748 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 21:25:12.0014 5748 flpydisk - ok 21:25:12.0036 5748 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 21:25:12.0040 5748 FltMgr - ok 21:25:12.0067 5748 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 21:25:12.0072 5748 FsDepends - ok 21:25:12.0120 5748 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 21:25:12.0123 5748 Fs_Rec - ok 21:25:12.0165 5748 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 21:25:12.0168 5748 fvevol - ok 21:25:12.0214 5748 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 21:25:12.0219 5748 gagp30kx - ok 21:25:12.0254 5748 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:25:12.0256 5748 GEARAspiWDM - ok 21:25:12.0294 5748 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 21:25:12.0297 5748 hcw85cir - ok 21:25:12.0326 5748 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 21:25:12.0335 5748 
HdAudAddService - ok 21:25:12.0359 5748 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys 21:25:12.0364 5748 HDAudBus - ok 21:25:12.0386 5748 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 21:25:12.0390 5748 HidBatt - ok 21:25:12.0414 5748 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 21:25:12.0419 5748 HidBth - ok 21:25:12.0443 5748 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 21:25:12.0447 5748 HidIr - ok 21:25:12.0484 5748 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 21:25:12.0486 5748 HidUsb - ok 21:25:12.0529 5748 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys 21:25:12.0534 5748 HpSAMD - ok 21:25:12.0587 5748 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 21:25:12.0590 5748 HTTP - ok 21:25:12.0611 5748 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 21:25:12.0612 5748 hwpolicy - ok 21:25:12.0635 5748 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 21:25:12.0640 5748 i8042prt - ok 21:25:12.0685 5748 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys 21:25:12.0687 5748 iaStor - ok 21:25:12.0757 5748 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 21:25:12.0766 5748 iaStorV - ok 21:25:12.0788 5748 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 21:25:12.0792 5748 iirsp - ok 21:25:12.0831 5748 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\drivers\Impcd.sys 21:25:12.0837 5748 Impcd - ok 21:25:12.0920 5748 IntcAzAudAddService (2e3b99e8c23be2bf32ebe1db5261f275) C:\Windows\system32\drivers\RTKVHD64.sys 21:25:12.0932 5748 IntcAzAudAddService - ok 21:25:13.0007 5748 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 
21:25:13.0010 5748 intelide - ok 21:25:13.0035 5748 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 21:25:13.0040 5748 intelppm - ok 21:25:13.0098 5748 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:25:13.0103 5748 IpFilterDriver - ok 21:25:13.0138 5748 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys 21:25:13.0143 5748 IPMIDRV - ok 21:25:13.0164 5748 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 21:25:13.0169 5748 IPNAT - ok 21:25:13.0221 5748 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 21:25:13.0225 5748 IRENUM - ok 21:25:13.0260 5748 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 21:25:13.0263 5748 isapnp - ok 21:25:13.0290 5748 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys 21:25:13.0297 5748 iScsiPrt - ok 21:25:13.0316 5748 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 21:25:13.0319 5748 kbdclass - ok 21:25:13.0376 5748 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 21:25:13.0379 5748 kbdhid - ok 21:25:13.0425 5748 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys 21:25:13.0431 5748 KSecDD - ok 21:25:13.0467 5748 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys 21:25:13.0474 5748 KSecPkg - ok 21:25:13.0508 5748 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 21:25:13.0512 5748 ksthunk - ok 21:25:13.0570 5748 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 21:25:13.0572 5748 lltdio - ok 21:25:13.0720 5748 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys 21:25:13.0721 5748 LMIInfo - ok 21:25:13.0735 5748 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) 
C:\Windows\system32\DRIVERS\lmimirr.sys 21:25:13.0737 5748 lmimirr - ok 21:25:13.0747 5748 LMIRfsClientNP - ok 21:25:13.0797 5748 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys 21:25:13.0803 5748 LMIRfsDriver - ok 21:25:13.0839 5748 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 21:25:13.0845 5748 LSI_FC - ok 21:25:13.0880 5748 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 21:25:13.0885 5748 LSI_SAS - ok 21:25:13.0922 5748 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 21:25:13.0926 5748 LSI_SAS2 - ok 21:25:13.0965 5748 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 21:25:13.0970 5748 LSI_SCSI - ok 21:25:14.0052 5748 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 21:25:14.0058 5748 luafv - ok 21:25:14.0085 5748 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 21:25:14.0089 5748 megasas - ok 21:25:14.0114 5748 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 21:25:14.0122 5748 MegaSR - ok 21:25:14.0161 5748 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 21:25:14.0165 5748 Modem - ok 21:25:14.0200 5748 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 21:25:14.0202 5748 monitor - ok 21:25:14.0249 5748 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 21:25:14.0252 5748 mouclass - ok 21:25:14.0298 5748 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 21:25:14.0300 5748 mouhid - ok 21:25:14.0323 5748 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 21:25:14.0325 5748 mountmgr - ok 21:25:14.0355 5748 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys 21:25:14.0361 5748 mpio - ok 21:25:14.0404 
5748 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 21:25:14.0406 5748 mpsdrv - ok 21:25:14.0431 5748 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 21:25:14.0436 5748 MRxDAV - ok 21:25:14.0486 5748 mrxsmb (b7f3d2c40bdf8ffb73ebfb19c77734e2) C:\Windows\system32\DRIVERS\mrxsmb.sys 21:25:14.0490 5748 mrxsmb - ok 21:25:14.0544 5748 mrxsmb10 (86c6f88b5168ce21cf8d69d0b3ff5d19) C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:25:14.0548 5748 mrxsmb10 - ok 21:25:14.0565 5748 mrxsmb20 (b081069251c8e9f42cb8769d07148f9c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:25:14.0568 5748 mrxsmb20 - ok 21:25:14.0593 5748 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys 21:25:14.0597 5748 msahci - ok 21:25:14.0630 5748 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys 21:25:14.0635 5748 msdsm - ok 21:25:14.0702 5748 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 21:25:14.0705 5748 Msfs - ok 21:25:14.0729 5748 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 21:25:14.0731 5748 mshidkmdf - ok 21:25:14.0783 5748 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 21:25:14.0787 5748 msisadrv - ok 21:25:14.0811 5748 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 21:25:14.0814 5748 MSKSSRV - ok 21:25:14.0861 5748 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 21:25:14.0864 5748 MSPCLOCK - ok 21:25:14.0896 5748 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 21:25:14.0899 5748 MSPQM - ok 21:25:14.0933 5748 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 21:25:14.0941 5748 MsRPC - ok 21:25:14.0979 5748 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 21:25:14.0983 5748 mssmbios - ok 21:25:15.0013 5748 
MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 21:25:15.0015 5748 MSTEE - ok 21:25:15.0046 5748 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 21:25:15.0049 5748 MTConfig - ok 21:25:15.0090 5748 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 21:25:15.0095 5748 Mup - ok 21:25:15.0150 5748 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 21:25:15.0154 5748 NativeWifiP - ok 21:25:15.0192 5748 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 21:25:15.0200 5748 NDIS - ok 21:25:15.0220 5748 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 21:25:15.0223 5748 NdisCap - ok 21:25:15.0241 5748 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 21:25:15.0243 5748 NdisTapi - ok 21:25:15.0259 5748 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 21:25:15.0261 5748 Ndisuio - ok 21:25:15.0285 5748 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 21:25:15.0288 5748 NdisWan - ok 21:25:15.0324 5748 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 21:25:15.0328 5748 NDProxy - ok 21:25:15.0352 5748 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 21:25:15.0354 5748 NetBIOS - ok 21:25:15.0418 5748 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 21:25:15.0420 5748 NetBT - ok 21:25:15.0487 5748 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 21:25:15.0492 5748 nfrd960 - ok 21:25:15.0521 5748 NMgamingmsFltr (fbca3fd51604147770eb4fb53d6144a8) C:\Windows\system32\drivers\NMgamingms.sys 21:25:15.0523 5748 NMgamingmsFltr - ok 21:25:15.0570 5748 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 21:25:15.0573 5748 Npfs - ok 21:25:15.0594 5748 
nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 21:25:15.0595 5748 nsiproxy - ok 21:25:15.0661 5748 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 21:25:15.0684 5748 Ntfs - ok 21:25:15.0803 5748 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 21:25:15.0806 5748 Null - ok 21:25:15.0859 5748 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys 21:25:15.0862 5748 NVHDA - ok 21:25:16.0075 5748 nvlddmkm (db2bee926e7dfc59896a2d6800eb13f7) C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:25:16.0123 5748 nvlddmkm - ok 21:25:16.0211 5748 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 21:25:16.0218 5748 nvraid - ok 21:25:16.0273 5748 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 21:25:16.0279 5748 nvstor - ok 21:25:16.0318 5748 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 21:25:16.0325 5748 nv_agp - ok 21:25:16.0360 5748 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 21:25:16.0364 5748 ohci1394 - ok 21:25:16.0408 5748 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 21:25:16.0413 5748 Parport - ok 21:25:16.0462 5748 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys 21:25:16.0467 5748 partmgr - ok 21:25:16.0510 5748 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys 21:25:16.0516 5748 pci - ok 21:25:16.0555 5748 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 21:25:16.0558 5748 pciide - ok 21:25:16.0596 5748 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 21:25:16.0604 5748 pcmcia - ok 21:25:16.0613 5748 PCTINDIS5X64 - ok 21:25:16.0665 5748 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 21:25:16.0670 5748 pcw - ok 21:25:16.0697 5748 
PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 21:25:16.0702 5748 PEAUTH - ok 21:25:16.0772 5748 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 21:25:16.0775 5748 PptpMiniport - ok 21:25:16.0802 5748 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 21:25:16.0807 5748 Processor - ok 21:25:16.0848 5748 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 21:25:16.0849 5748 Psched - ok 21:25:16.0902 5748 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 21:25:16.0907 5748 PxHlpa64 - ok 21:25:16.0968 5748 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 21:25:16.0985 5748 ql2300 - ok 21:25:17.0019 5748 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 21:25:17.0024 5748 ql40xx - ok 21:25:17.0067 5748 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 21:25:17.0071 5748 QWAVEdrv - ok 21:25:17.0096 5748 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 21:25:17.0100 5748 RasAcd - ok 21:25:17.0162 5748 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 21:25:17.0164 5748 RasAgileVpn - ok 21:25:17.0191 5748 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:25:17.0194 5748 Rasl2tp - ok 21:25:17.0217 5748 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 21:25:17.0220 5748 RasPppoe - ok 21:25:17.0241 5748 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 21:25:17.0244 5748 RasSstp - ok 21:25:17.0293 5748 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 21:25:17.0297 5748 rdbss - ok 21:25:17.0319 5748 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 21:25:17.0322 5748 rdpbus - ok 
21:25:17.0360 5748 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:25:17.0361 5748 RDPCDD - ok 21:25:17.0383 5748 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 21:25:17.0384 5748 RDPENCDD - ok 21:25:17.0406 5748 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 21:25:17.0406 5748 RDPREFMP - ok 21:25:17.0432 5748 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys 21:25:17.0438 5748 RDPWD - ok 21:25:17.0482 5748 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys 21:25:17.0490 5748 rdyboost - ok 21:25:17.0544 5748 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys 21:25:17.0548 5748 regi - ok 21:25:17.0611 5748 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 21:25:17.0614 5748 RFCOMM - ok 21:25:17.0651 5748 rimspci (6ded176a14770339f1415cfdbcc9e07f) C:\Windows\system32\drivers\rimssne64.sys 21:25:17.0656 5748 rimspci - ok 21:25:17.0696 5748 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys 21:25:17.0700 5748 RimVSerPort - ok 21:25:17.0734 5748 risdpcie (2eea929b8c4b6241bc945a3b173d9f71) C:\Windows\system32\DRIVERS\risdpe64.sys 21:25:17.0738 5748 risdpcie - ok 21:25:17.0773 5748 risdsnpe (ddf5f666c2a5b3729e8bea01fb999cc0) C:\Windows\system32\drivers\risdsne64.sys 21:25:17.0777 5748 risdsnpe - ok 21:25:17.0805 5748 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys 21:25:17.0808 5748 ROOTMODEM - ok 21:25:17.0851 5748 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 21:25:17.0854 5748 rspndr - ok 21:25:17.0919 5748 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys 21:25:17.0925 5748 sbp2port - ok 21:25:17.0948 5748 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 
21:25:17.0951 5748 scfilter - ok 21:25:17.0991 5748 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\drivers\sdbus.sys 21:25:17.0996 5748 sdbus - ok 21:25:18.0042 5748 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 21:25:18.0045 5748 secdrv - ok 21:25:18.0076 5748 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 21:25:18.0080 5748 Serenum - ok 21:25:18.0107 5748 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 21:25:18.0112 5748 Serial - ok 21:25:18.0147 5748 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 21:25:18.0150 5748 sermouse - ok 21:25:18.0216 5748 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 21:25:18.0219 5748 SFEP - ok 21:25:18.0243 5748 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 21:25:18.0246 5748 sffdisk - ok 21:25:18.0283 5748 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 21:25:18.0286 5748 sffp_mmc - ok 21:25:18.0307 5748 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys 21:25:18.0310 5748 sffp_sd - ok 21:25:18.0339 5748 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 21:25:18.0342 5748 sfloppy - ok 21:25:18.0397 5748 Sftfs (d5183ed285d2795491dc15bddcbee5ad) C:\Windows\system32\DRIVERS\Sftfslh.sys 21:25:18.0403 5748 Sftfs - ok 21:25:18.0445 5748 Sftplay (00f118b68c50d2206dd51634f9142b83) C:\Windows\system32\DRIVERS\Sftplaylh.sys 21:25:18.0449 5748 Sftplay - ok 21:25:18.0470 5748 Sftredir (76a827df5640bfe16a0cdbb4108adeca) C:\Windows\system32\DRIVERS\Sftredirlh.sys 21:25:18.0472 5748 Sftredir - ok 21:25:18.0524 5748 Sftvol (1b4c9701645086bab8cafffce30ed284) C:\Windows\system32\DRIVERS\Sftvollh.sys 21:25:18.0527 5748 Sftvol - ok 21:25:18.0609 5748 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 
21:25:18.0613 5748 SiSRaid2 - ok 21:25:18.0648 5748 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 21:25:18.0653 5748 SiSRaid4 - ok 21:25:18.0687 5748 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 21:25:18.0693 5748 Smb - ok 21:25:18.0730 5748 smbusp (3b47f81c3c3b4742221a5391ef8d499d) C:\Windows\system32\DRIVERS\intelsmb.sys 21:25:18.0732 5748 smbusp - ok 21:25:18.0815 5748 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 21:25:18.0819 5748 spldr - ok 21:25:18.0906 5748 srv (148d50904d2a0df29a19778715eb35bb) C:\Windows\system32\DRIVERS\srv.sys 21:25:18.0910 5748 srv - ok 21:25:18.0960 5748 srv2 (ce2189fe31d36678ac9eb7ddee08ec96) C:\Windows\system32\DRIVERS\srv2.sys 21:25:18.0964 5748 srv2 - ok 21:25:19.0010 5748 srvnet (cb69edeb069a49577592835659cd0e46) C:\Windows\system32\DRIVERS\srvnet.sys 21:25:19.0014 5748 srvnet - ok 21:25:19.0061 5748 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 21:25:19.0064 5748 stexstor - ok 21:25:19.0125 5748 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 21:25:19.0127 5748 StillCam - ok 21:25:19.0184 5748 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 21:25:19.0187 5748 swenum - ok 21:25:19.0256 5748 swmsflt (851681f7d3200e2a646c5ee4d4e9883d) C:\Windows\System32\drivers\swmsflt.sys 21:25:19.0264 5748 swmsflt - ok 21:25:19.0303 5748 SWNC8U56 (c2ad3936249199c9d8187dcdea17ac25) C:\Windows\system32\DRIVERS\swnc8u56.sys 21:25:19.0308 5748 SWNC8U56 - ok 21:25:19.0355 5748 SWUMX56 (cc97ec73094cf0f47cd89aafba6d26f1) C:\Windows\system32\DRIVERS\swumx56.sys 21:25:19.0360 5748 SWUMX56 - ok 21:25:19.0378 5748 szkg5 - ok 21:25:19.0477 5748 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys 21:25:19.0521 5748 Tcpip - ok 21:25:19.0602 5748 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys 
21:25:19.0611 5748 TCPIP6 - ok 21:25:19.0667 5748 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 21:25:19.0669 5748 tcpipreg - ok 21:25:19.0699 5748 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 21:25:19.0702 5748 TDPIPE - ok 21:25:19.0721 5748 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 21:25:19.0725 5748 TDTCP - ok 21:25:19.0772 5748 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 21:25:19.0775 5748 tdx - ok 21:25:19.0828 5748 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys 21:25:19.0834 5748 TermDD - ok 21:25:19.0927 5748 trufos (df219721ddffcbe03aa894b6b6742ba1) C:\Windows\system32\DRIVERS\trufos.sys 21:25:19.0932 5748 trufos - ok 21:25:20.0106 5748 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:25:20.0110 5748 tssecsrv - ok 21:25:20.0161 5748 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 21:25:20.0165 5748 tunnel - ok 21:25:20.0207 5748 TVICHW32 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW32.SYS 21:25:20.0211 5748 TVICHW32 - ok 21:25:20.0268 5748 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 21:25:20.0284 5748 uagp35 - ok 21:25:20.0395 5748 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys 21:25:20.0412 5748 udfs - ok 21:25:20.0457 5748 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 21:25:20.0462 5748 uliagpkx - ok 21:25:20.0500 5748 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 21:25:20.0504 5748 umbus - ok 21:25:20.0556 5748 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 21:25:20.0560 5748 UmPass - ok 21:25:20.0616 5748 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 21:25:20.0620 5748 
USBAAPL64 - ok 21:25:20.0657 5748 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys 21:25:20.0660 5748 usbccgp - ok 21:25:20.0735 5748 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 21:25:20.0741 5748 usbcir - ok 21:25:20.0795 5748 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys 21:25:20.0799 5748 usbehci - ok 21:25:20.0827 5748 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys 21:25:20.0831 5748 usbhub - ok 21:25:20.0882 5748 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys 21:25:20.0885 5748 usbohci - ok 21:25:20.0928 5748 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 21:25:20.0931 5748 usbprint - ok 21:25:20.0987 5748 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:25:20.0992 5748 USBSTOR - ok 21:25:21.0030 5748 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys 21:25:21.0033 5748 usbuhci - ok 21:25:21.0064 5748 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys 21:25:21.0069 5748 usbvideo - ok 21:25:21.0199 5748 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 21:25:21.0204 5748 vdrvroot - ok 21:25:21.0239 5748 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 21:25:21.0242 5748 vga - ok 21:25:21.0263 5748 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 21:25:21.0266 5748 VgaSave - ok 21:25:21.0299 5748 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys 21:25:21.0307 5748 vhdmp - ok 21:25:21.0340 5748 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 21:25:21.0343 5748 viaide - ok 21:25:21.0370 5748 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys 21:25:21.0376 5748 volmgr - 
ok
21:25:22.0681 5748 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
21:25:22.0933 5748 \Device\Harddisk0\DR0 - ok
21:25:22.0935 5748 Boot (0x1200) (ca1e0484e3abdd2c416ddfe2962c1845) \Device\Harddisk0\DR0\Partition0
21:25:22.0936 5748 \Device\Harddisk0\DR0\Partition0 - ok
21:25:22.0952 5748 Boot (0x1200) (d4b3b9b4d7e609a14c583c8d47894237) \Device\Harddisk0\DR0\Partition1
21:25:22.0953 5748 \Device\Harddisk0\DR0\Partition1 - ok
21:25:22.0953 5748 ============================================================
21:25:22.0953 5748 Scan finished
21:25:22.0953 5748 ============================================================
21:25:22.0964 1148 Detected object count: 0
21:25:22.0964 1148 Actual detected object count: 0
  5. I did the MBR commands and everything and then scanned with aswMBR again. Here is the log:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-26 22:29:43
-----------------------------
22:29:43.141 OS Version: Windows x64 6.1.7600
22:29:43.141 Number of processors: 8 586 0x1E05
22:29:43.141 ComputerName: DEREK-VAIO UserName: derek
22:29:48.882 Initialize success
22:30:59.792 AVAST engine defs: 11112601
22:33:57.961 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:33:57.961 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 610480MB BusType: 3
22:33:57.961 Disk 0 MBR read successfully
22:33:57.961 Disk 0 MBR scan
22:33:57.977 Disk 0 unknown MBR code
22:33:57.977 Disk 0 MBR hidden
22:33:57.993 Service scanning
22:34:02.096 Modules scanning
22:34:02.096 Disk 0 trace - called modules:
22:34:02.111 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8007bfc334]<<
22:34:02.111 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007be9060]
22:34:02.127 3 CLASSPNP.SYS[fffff880015d143f] -> nt!IofCallDriver -> [0xfffffa800747e480]
22:34:02.127 5 ACPI.sys[fffff88000fa4781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007483050]
22:34:02.142 \Driver\iaStor[0xfffffa8007460570] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8007bfc334
22:34:06.729 AVAST engine scan C:\Windows
22:34:12.048 AVAST engine scan C:\Windows\system32
22:36:25.522 AVAST engine scan C:\Windows\system32\drivers
22:36:37.534 AVAST engine scan C:\Users\derek
01:01:21.374 AVAST engine scan C:\ProgramData
01:19:20.537 Scan finished successfully
14:22:54.044 Disk 0 MBR has been saved successfully to "C:\Users\derek\Desktop\MBR.dat"
14:22:54.060 The log file has been saved successfully to "C:\Users\derek\Desktop\aswMBR.txt"
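The log above ends with aswMBR saving the first disk sector to MBR.dat. As an added example (not part of this thread and not code from aswMBR, MBRCheck or TDSSKiller), this Python parser splits such a 512-byte dump into boot code, disk signature and partition table and compares the boot-code hash with a known-good value the analyst supplies. The function names, the baseline parameter and the sample sector are assumptions constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 0x1B8         # bytes 0..439 hold the boot code
TABLE_OFFSET = 0x1BE          # four 16-byte partition entries follow
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510..511 of a valid MBR
ENTRY = "<B3sB3sII"           # status, CHS start, type, CHS end, LBA start, sector count


def parse_mbr(sector):
    """Split one 512-byte MBR sector into hash, disk signature and partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for slot in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(
            ENTRY, sector, TABLE_OFFSET + 16 * slot)
        if ptype:  # type 0 marks an unused slot
            partitions.append({"slot": slot, "status": status, "type": ptype,
                               "lba_start": lba, "sectors": count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "disk_signature": struct.unpack_from("<I", sector, BOOT_CODE_LEN)[0],
        "boot_code_sha1": hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def review_mbr(sector, baseline_boot_sha1):
    """Return findings for a boot disk's MBR; an empty list means nothing stood out."""
    info = parse_mbr(sector)
    parts = sorted(info["partitions"], key=lambda p: p["lba_start"])
    findings = []
    if not info["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if info["boot_code_sha1"] != baseline_boot_sha1.lower():
        findings.append("boot code differs from baseline")
    if any(p["status"] not in (0x00, 0x80) for p in parts):
        findings.append("partition status byte is neither 0x00 nor 0x80")
    if sum(p["status"] == 0x80 for p in parts) != 1:
        findings.append("expected exactly one active partition")
    for prev, nxt in zip(parts, parts[1:]):
        if nxt["lba_start"] < prev["lba_start"] + prev["sectors"]:
            findings.append(f"slots {prev['slot']} and {nxt['slot']} overlap")
    return findings


def build_constructed_sector(boot_code):
    """Constructed sample sector (not taken from the thread): two NTFS-type entries."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, BOOT_CODE_LEN, 0x12345678)
    struct.pack_into(ENTRY, sector, TABLE_OFFSET, 0x80, b"", 0x07, b"", 2048, 204800)
    struct.pack_into(ENTRY, sector, TABLE_OFFSET + 16, 0x00, b"", 0x07, b"", 206848, 1000000)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


if __name__ == "__main__":
    clean = build_constructed_sector(b"\xfa\x33\xc0" + b"\x90" * 10)
    print(review_mbr(clean, parse_mbr(clean)["boot_code_sha1"]))
```

Take the dump from a boot environment outside the installed system when tools report the MBR as hidden or faked, since the result is only as trustworthy as the read path that produced it.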
  6. My computer came with my version of Windows... I have whatever the basic installation is. I have never modified partitions or two operating systems. Just the OEM installation of Windows 7.
  7. [quote name='CeciliaB' timestamp='1321901200' post='130666'] I suspected that. I think the only solution is to rewrite MBR. [/quote] How do I rewrite MBR? And can you explain any risk involved? I don't understand what you mean about what I will "lose" if I rewrite MBR....?
  8. I noticed something interesting... Like I said before, every time I click on a link from Google, there is about a 1 second "pause" and the screen is white... I noticed that the HTML code on that actual screen looked like this on the last redirect:
<html><body><form id="mfrm" name="myform" action="http://www.elegantclothingonline.com" method="post"><input type="hidden" name="url" value="http://doramounski.com/go.php?id=6b486c4b1382e879fb43bc59de8bdb60&aid=569&said=direc40&lastpage=BxsbH1VAQBgYGEEIAAAIAwpBDAACQBwKDh0MB1AcDAMGCgEbUh8cFkIODUkHA1IKAUkcBhsKUkkcABodDApSBx9JHlIfBx9EAg4XRAoXCgwaGwYAAUQbBgIKSQ0bAShSPAoOHQwH"></form><script type="text/javascript">document.forms["myform"].submit();</script></body></html>
But yet the "URL" that I am viewing the "source" code from to get that code is the Google result that I'm trying to visit. What I mean is that while the screen is white for 1 second, the URL it shows in the TITLE of the browser is the website that I'm TRYING to visit, so it's almost as if this code is always 'injected' into the page quickly.
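The page source quoted in the post above is a hidden form that a script submits to another site with no user action. As an added example (not part of this thread), this Python check flags that pattern in captured HTML such as a proxy log body or a saved page source; the function names and the two sample pages with .example hosts are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

SUBMIT_CALL = re.compile(r"\.submit\s*\(\s*\)")
FIELD_TAGS = ("input", "select", "textarea", "button")


def host_of(url):
    """Lower-cased hostname of an absolute URL, or '' for anything else."""
    try:
        return (urlparse(url).hostname or "").lower()
    except ValueError:
        return ""


class FormScan(HTMLParser):
    """Collects each form's action, hidden values and visible field count, plus inline scripts."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.forms, self.scripts = [], []
        self._form, self._in_script = None, False

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._form = {"action": a.get("action", ""), "hidden": [], "visible": 0}
            self.forms.append(self._form)
        elif tag in FIELD_TAGS and self._form is not None:
            if tag == "input" and a.get("type", "text").lower() == "hidden":
                self._form["hidden"].append(a.get("value", ""))
            else:
                self._form["visible"] += 1
        elif tag == "script":
            self._in_script = True
            self.scripts.append("")

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None
        elif tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1] += data


def find_autosubmit_redirects(html, expected_host):
    """Flag forms with only hidden fields that a script posts to a host outside expected_host."""
    scan = FormScan()
    scan.feed(html)
    scan.close()
    scripted = any(SUBMIT_CALL.search(s) for s in scan.scripts)
    expected = expected_host.lower()
    findings = []
    for form in scan.forms:
        target = host_of(form["action"])
        off_site = bool(target) and target != expected and not target.endswith("." + expected)
        if scripted and off_site and form["visible"] == 0 and form["hidden"]:
            forwarded = sorted({host_of(v) for v in form["hidden"]} - {""})
            findings.append({"action_host": target, "forwarded_hosts": forwarded})
    return findings


# Constructed samples: an interstitial shaped like the one in the post, and a normal login form.
CONSTRUCTED_INTERSTITIAL = (
    '<html><body><form id="mfrm" name="myform" action="http://landing.example" method="post">'
    '<input type="hidden" name="url" value="http://tracker.example/go.php?id=0000"></form>'
    '<script type="text/javascript">document.forms["myform"].submit();</script></body></html>')
CONSTRUCTED_LOGIN = (
    '<form action="https://accounts.news.example/login" method="post">'
    '<input type="hidden" name="csrf" value="abc"><input type="text" name="user">'
    '<input type="submit"></form>')

if __name__ == "__main__":
    print(find_autosubmit_redirects(CONSTRUCTED_INTERSTITIAL, "news.example"))
```

Pass the host the user meant to visit as `expected_host`; a finding on a response served under that host's URL matches the injected page the post describes.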
  9. [quote name='CeciliaB' timestamp='1321898566' post='130663'] Do you find XUL Cache among installed add-ons in Firefox? But deleting the folder should be enough. [/quote] No, there never was anything like that... I checked all add-on dates and none of them are September 9th. Anyway, I deleted it and restarted my computer and the problem still exists on both Firefox and IE... Every link I click from Google redirects me to an ads website.
  10. How do I uninstall XUL Cache? I deleted that whole folder "{8faa99f2-0cd0-4b79-a717-cab1d1a50ba5}" after Firefox was closed. Is that good enough?
  11. Also, if I run MBRCheck.exe and click Y for options, it gives me the option to "restore the MBR of a physical disk with a standard boot code". Should I try that? Are there any risks of doing that?
  12. [quote name='CeciliaB' timestamp='1321782207' post='130647'] C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions\{8faa99f2-0cd0-4b79-a717-cab1d1a50ba5}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan That is the extension XUL Cache, which seems to be installed September 9th. Did you install it on purpose? Do you know from where you downloaded it? Is it possible to press the "Fix" button in aswMBR? Would it be a problem to write a standard MBR to the hard disk? Do you have a Windows 7 installation DVD? [/quote] I don't know what XUL Cache is, so I can't say if I installed it on purpose or not... Could this be the virus? There was no Fix button to click in aswMBR, I don't think. Should I scan again and try "fix"? Do you think the MBR has anything to do with the virus? I don't see how that could be the virus because most MBR viruses cause problems when booting up, I thought, not problems with Google search? Yes, I have a Windows 7 installation DVD, but it always gives an error when I try to "repair Windows". Should I try again?
  13. [quote name='CeciliaB' timestamp='1321748223' post='130641'] Those are suspicious lines. Very similar to [url="http://www.cybertechhelp.com/forums/showthread.php?p=1225310"]http://www.cybertech...d.php?p=1225310[/url] Were any of the lines in aswMBR log in another colour? Like on [url="http://public.avast.com/~gmerek/aswMBR.htm"]http://public.avast....erek/aswMBR.htm[/url] The normal way to clean a bad MBR is to overwrite it with a standard MBR. But that usually means that you no longer can start an installation of Windows by pressing a button while BIOS is running or other special functions reached from BIOS that your computer manufacturer has created. [/quote] This line was RED:
23:57:42.288 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8007c00334]<<
  14. Eset said it found one virus: C:\Users\derek\AppData\Roaming\Mozilla\Firefox\Profiles\iysioyqt.default\extensions\{8faa99f2-0cd0-4b79-a717-cab1d1a50ba5}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan
  15. MBRCheck log:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VPCF127FX
Logical Drives Mask: 0x00010014
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`70700000 (NTFS)
\\.\Q: --> error 5
PhysicalDrive0 Model Number: SAMSUNGHM641JI, Rev: 2AJ10001
Size Device Name MBR Status
--------------------------------------------
596 GB \\.\PhysicalDrive0 MBR Code Faked!
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Done!