referred here after posting in Vista forum for recurrent BSOD

confused89

Thread Starter
Joined
Oct 4, 2011
Messages
19
Tech Support Guy System Info Utility version 1.0.0.1
OS Version: Microsoft® Windows Vista™ Home Premium , Service Pack 2, 32 bit
Processor: Genuine Intel(R) CPU T2080 @ 1.73GHz, x86 Family 6 Model 14 Stepping 12
Processor Count: 2
RAM: 1013 Mb
Graphics Card: Mobile Intel(R) 945GM Express Chipset Family, 224 Mb
Hard Drives: C: Total - 112971 MB, Free - 73404 MB; E: Total - 1499 MB, Free - 1347 MB;
Motherboard: TOSHIBA, IAKAA, 1.00, 0123456789AB
Antivirus: AVG Anti-Virus Free Edition 2011, Updated and Enabled
--------------------------------------------------------------------------------------------------
I did a System Restore a couple of months ago. Then I started getting messages saying "Host Process for Windows Services has stopped working" (seems to be the main problem in Event Viewer), so I deleted Qmgr.dat files because I heard that might help, but I can't check for updates in Windows Update because I'm in Safe Mode.
BSOD used to come only once in a while and not right after logging in. Now it comes up every time right after the desktop starts loading.
These are the parameters:
STOP 0x0000008E (0xC0000005, 0x8262BF71,0xBOC8091C,0x00000000)

I've tried a couple of troubleshooting things:
-I don't think there is the option to disable BIOS memory options on my system
-the Windows Memory Diagnostic Tool found no errors
-Startup Repair Diagnosis found that the ACLs on system32 files are not proper
-SystemFileChecker found no corrupt files but 'duplicate ownership for directory was ignored' for some entries
-Problem Reports and Solutions said there's a USB Driver problem so I disabled the 'USB selective suspend setting'.
-AVG reported an 'Internal software conflict' of
taskmgr.exe
egedit.exe
md.exe
mplayer.exe
winamp.exe
vlc.exe
mpc.exe
msmsgs.exe
msn.exe
- I also tried deleting AVG and installing Avast but I'm not sure AVG uninstalled completely.
-----------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:48:40 AM, on 11/28/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Shilpa\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Mfinokekegasu] rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\edefucip.dll",Startup
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Privacy Protection] C:\ProgramData\privacy.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKLM\..\Policies\Explorer\Run: [hacrib] rundll32 "C:\Windows\system32\KBDINTELO.dll",Scrqcwjwatb
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Oricuwiqino] rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\kbnsep.dll",Startup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Oricuwiqino] rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\kbnsep.dll",Startup (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (file missing)
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files\AVG\AVG10\avgwdsvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 11219 bytes
-------------------------------------------------------------------------------------------------------

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_17
Run by Shilpa at 7:54:17 on 2011-11-28
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.543 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\notepad.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6066\SiteAdv.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6066\SiteAdv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [Aim6]
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Privacy Protection] c:\programdata\privacy.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SiteAdvisor] c:\program files\siteadvisor\6066\SiteAdv.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [Mfinokekegasu] rundll32.exe "c:\windows\system32\config\systemprofile\appdata\local\edefucip.dll",Startup
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [Oricuwiqino] rundll32.exe "c:\windows\system32\config\systemprofile\appdata\local\kbnsep.dll",Startup
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
dRun: [mllsic70nb.exe] "c:\windows\system32\config\systemprofile\appdata\roaming\ac8c4a9878e8a4dae965da17c1c6bd8f\mllsic70nb.exe"
mExplorerRun: [hacrib] rundll32 "c:\windows\system32\KBDINTELO.dll",Scrqcwjwatb
StartupFolder: c:\users\shilpa\appdata\roaming\micros~1\windows\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\users\shilpa\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: HideSCAHealth = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{10E6AA1D-EFD4-4AB0-9149-D7E0F4D10111} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1BEA4248-FC11-4CF9-A154-DA4CD291A7A4} : DhcpNameServer = 192.168.1.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6066\SiteAdv.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\shilpa\appdata\roaming\mozilla\firefox\profiles\lpcuhxsd.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\shilpa\appdata\roaming\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\users\shilpa\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: XULRunner: {FBB253E6-C8A2-4BC4-B22E-574A57CE5F89} - c:\windows\system32\config\systemprofile\appdata\local\{FBB253E6-C8A2-4BC4-B22E-574A57CE5F89}
FF - Ext: Move Media Player: [email protected] - c:\users\shilpa\appdata\roaming\Move Networks
.
============= SERVICES / DRIVERS ===============
.
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-24 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-24 309848]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-24 19544]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-8-24 54104]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-24 42184]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S2 avgwd;AVG WatchDog;"c:\program files\avg\avg10\avgwdsvc.exe" --> c:\program files\avg\avg10\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-12 135664]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2011-3-15 428384]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-29 24652]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-9-15 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-5-22 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-12 135664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-25 23:26:23 817152 ----a-w- c:\programdata\privacy.exe
.
==================== Find3M ====================
.
2011-10-04 16:29:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-11 18:52:23 701952 ----a-w- c:\windows\system32\.dll
2011-08-14 03:44:05 70144 --sha-r- c:\windows\system32\iasrad3.dll
2011-08-14 03:44:05 70144 --sha-r- c:\windows\system32\KBDINTELO.dll
.
============= FINISH: 7:56:01.53 ===============
--------------------------------------------------------------------------------------------------------------

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-28 12:21:16
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK1237GSX rev.DL130M
Running: bu39lb6j.exe; Driver: C:\Users\Shilpa\AppData\Local\Temp\pwliqpob.sys


---- Kernel code sections - GMER 1.0.15 ----

? C:\Users\Shilpa\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[360] ntdll.dll!LdrLoadDll 77629390 5 Bytes JMP 002E131F C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[1692] USER32.dll!TrackPopupMenu 777E14F3 5 Bytes JMP 6FF16996 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswRdr.SYS (avast! TDI RDR Driver/AVAST Software)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\[email protected] 684
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory [email protected] \??\C:\pagefile.sys?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\[email protected] 1222
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\[email protected] 328061199
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\[email protected] 234
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal [email protected] f6b638dc-8d35-4b2e-a15c-82eeb40
Reg HKLM\SYSTEM\CurrentControlSet\Control\[email protected] 240
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\[email protected] 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\Ecache\[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\Ecache\Pa[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\[email protected] 3112
Reg HKLM\SYSTEM\CurrentControlSet\Services\SynTP\[email protected] 663
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1BEA4248-FC11-4CF9-A154-DA4CD291A7A4}@DhcpIPAddress 192.168.1.4
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1BEA4248-FC11-4CF9-A154-DA4CD291A7A4}@LeaseObtainedTime 1314241976
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1BEA4248-FC11-4CF9-A154-DA4CD291A7A4}@T1 1314285176
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1BEA4248-FC11-4CF9-A154-DA4CD291A7A4}@T2 1314317576
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1BEA4248-FC11-4CF9-A154-DA4CD291A7A4}@LeaseTerminatesTime 1314328376
Reg HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\[email protected] Counter 5566
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\[email protected] Help 5567
Reg HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpl\[email protected] List 5372 5378 5390 5400 5410 5430 5474 5484 5522 5528 5544 5552
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedUserData\[email protected] gfedcba
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] Counter 5566
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] Help 5567
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\[email protected] 0
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\[email protected] 0
Reg HKLM\SOFTWARE\Classes\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F}\[email protected]
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A1-9847-11CF-8F20-00805F2CD064}@
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064}@
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\[email protected] C:\Program Files\AVAST Software\Avast\AhAScr.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\[email protected] Engine C:\Windows\system32\VBScript.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\[email protected]
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3742-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{0AEE2A92-BCBB-11D0-8C72-00C04FC2B085}@
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3742-5B07-11cf-A4B0-00AA004A55E8}\[email protected]
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A1-9847-11CF-8F20-00805F2CD064}@
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064}@
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A3-9847-11CF-8F20-00805F2CD064}@
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\[email protected] C:\Program Files\AVAST Software\Avast\AhAScr.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\[email protected]
Reg HKLM\SOFTWARE\Classes\VBS\[email protected]
Reg HKLM\SOFTWARE\Classes\VBS Author\[email protected]
Reg HKLM\SOFTWARE\Classes\VBScript\[email protected]
Reg HKLM\SOFTWARE\Classes\VBScript Author\[email protected]
Reg HKLM\SOFTWARE\Classes\VBScript.Encode\[email protected]
Reg HKLM\SOFTWARE\Classes\VBScript.RegExp\[email protected]

---- EOF - GMER 1.0.15 ----
 


Joined
Aug 9, 2011
Messages
808
Hi there, and sorry for the delay.
If you still need help,

Please launch DDS
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop and post both in your next reply
 

confused89

Thread Starter
Joined
Oct 4, 2011
Messages
19
Hi,
thanks for the reply!
I still need help, but I already posted the DDS and attach file. Do I need to re-do it?
 

confused89

Thread Starter
Joined
Oct 4, 2011
Messages
19
Ok, here are the new versions :) Thanks for your help!

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_17
Run by Shilpa at 19:33:58 on 2011-12-13
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.507 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6066\SiteAdv.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6066\SiteAdv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [Aim6]
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Privacy Protection] c:\programdata\privacy.exe
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\NPSWF32_FlashUtil.exe -p
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [HWSetup] c:\program files\toshiba\utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SiteAdvisor] c:\program files\siteadvisor\6066\SiteAdv.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [Mfinokekegasu] rundll32.exe "c:\windows\system32\config\systemprofile\appdata\local\edefucip.dll",Startup
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [Oricuwiqino] rundll32.exe "c:\windows\system32\config\systemprofile\appdata\local\kbnsep.dll",Startup
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
dRun: [mllsic70nb.exe] "c:\windows\system32\config\systemprofile\appdata\roaming\ac8c4a9878e8a4dae965da17c1c6bd8f\mllsic70nb.exe"
mExplorerRun: [hacrib] rundll32 "c:\windows\system32\KBDINTELO.dll",Scrqcwjwatb
StartupFolder: c:\users\shilpa\appdata\roaming\micros~1\windows\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\users\shilpa\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: HideSCAHealth = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{10E6AA1D-EFD4-4AB0-9149-D7E0F4D10111} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1BEA4248-FC11-4CF9-A154-DA4CD291A7A4} : DhcpNameServer = 192.168.1.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6066\SiteAdv.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\shilpa\appdata\roaming\mozilla\firefox\profiles\lpcuhxsd.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\shilpa\appdata\roaming\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\users\shilpa\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: XULRunner: {FBB253E6-C8A2-4BC4-B22E-574A57CE5F89} - c:\windows\system32\config\systemprofile\appdata\local\{FBB253E6-C8A2-4BC4-B22E-574A57CE5F89}
FF - Ext: Move Media Player: [email protected] - c:\users\shilpa\appdata\roaming\Move Networks
.
============= SERVICES / DRIVERS ===============
.
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-24 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-24 309848]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-24 19544]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-8-24 54104]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-24 42184]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S2 avgwd;AVG WatchDog;"c:\program files\avg\avg10\avgwdsvc.exe" --> c:\program files\avg\avg10\avgwdsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-12 135664]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2011-3-15 428384]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-29 24652]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-9-15 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-5-22 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-12 135664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-07 11:11:30 -------- d-----w- c:\users\shilpa\appdata\roaming\SiteAdvisor
2011-11-25 23:26:23 817152 ----a-w- c:\programdata\privacy.exe
.
==================== Find3M ====================
.
2011-10-04 16:29:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-14 03:44:05 70144 --sha-r- c:\windows\system32\iasrad3.dll
2011-08-14 03:44:05 70144 --sha-r- c:\windows\system32\KBDINTELO.dll
.
============= FINISH: 19:35:46.54 ===============
--------------------------------------------------------------------------------

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/24/2007 10:30:19 AM
System Uptime: 12/13/2011 3:54:23 PM (4 hours ago)
.
Motherboard: TOSHIBA | | IAKAA
Processor: Genuine Intel(R) CPU T2080 @ 1.73GHz | U2E1 | 1729/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 110 GiB total, 71.74 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 1 GiB total, 1.316 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Activation Assistant for the 2007 Microsoft Office suites
Adobe Reader 8.1.0
Adobe Shockwave Player
AIM 6
AIO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
avast! Free Antivirus
AVG 2011
Bejeweled 2 Deluxe
Blackhawk Striker 2
Blasterball 3
Bluetooth Stack for Windows by Toshiba
Bonjour
BufferChm
C4200
C4200_doccd
c4200_Help
CCleaner
CD/DVD Drive Acoustic Silencer
Copy
CustomerResearchQFolder
Desktop Dialer
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Plus Web Player
DocProc
DocProcQFolder
DVD MovieFactory for TOSHIBA
eSupportQFolder
FATE
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 9.0
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart All-In-One Software 9.0
HP Photosmart Essential 2.01
HP Photosmart Essential2.01
HP Smart Web Printing
HP Solution Center 9.0
HP Update
HPProductAssistant
Intel(R) Graphics Media Accelerator Driver
Internet Offers
iTunes
Java(TM) 6 Update 17
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Junk Mail filter update
LimeWire 5.3.6
Logger Pro 3.5.0
MarketResearch
McAfee SecurityCenter
Media Player Codec Pack 1.1.0
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Microsoft XML Parser
Move Media Player
Mozilla Firefox (3.6.20)
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
OGA Notifier 2.0.0048.0
oggcodecs 0.71.0946
OpenOffice.org Installer 1.0
Performance Maximizer Incrediads.
Picasa 3
PMB
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
PSSWCORE
QuickTime
RealPlayer
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Rhapsody Player Engine
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SolutionCenter
Status
Street-Ads Browser Enhancer
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Toolbox
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Flash Cards Support Utility
TOSHIBA Game Console
TOSHIBA Hardware Setup
TOSHIBA Media Center Game Console
TOSHIBA Music
Toshiba Registration
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver
VC80CRTRedist - 8.0.50727.4053
VideoToolkit01
Viewpoint Media Player
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
WinDVD for TOSHIBA
WinZip 15.5
.
==== End Of File ===========================
 
Joined
Aug 9, 2011
Messages
808
You are welcome.


Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.



Please post in your next reply
TDSSKiller Log
 

confused89

Thread Starter
Joined
Oct 4, 2011
Messages
19
Hey,
there were no threats found. Here's the log:

06:37:34.0332 1964 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
06:37:34.0579 1964 ============================================================
06:37:34.0580 1964 Current date / time: 2011/12/14 06:37:34.0579
06:37:34.0580 1964 SystemInfo:
06:37:34.0580 1964
06:37:34.0580 1964 OS Version: 6.0.6002 ServicePack: 2.0
06:37:34.0580 1964 Product type: Workstation
06:37:34.0580 1964 ComputerName: SHILPA-PC
06:37:34.0580 1964 UserName: Shilpa
06:37:34.0580 1964 Windows directory: C:\Windows
06:37:34.0580 1964 System windows directory: C:\Windows
06:37:34.0580 1964 Processor architecture: Intel x86
06:37:34.0580 1964 Number of processors: 2
06:37:34.0580 1964 Page size: 0x1000
06:37:34.0580 1964 Boot type: Safe boot with network
06:37:34.0580 1964 ============================================================
06:37:34.0895 1964 Initialize success
06:38:29.0302 1464 ============================================================
06:38:29.0302 1464 Scan started
06:38:29.0302 1464 Mode: Manual;
06:38:29.0302 1464 ============================================================
06:38:29.0737 1464 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
06:38:29.0742 1464 ACPI - ok
06:38:29.0808 1464 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
06:38:29.0817 1464 adp94xx - ok
06:38:29.0865 1464 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
06:38:29.0872 1464 adpahci - ok
06:38:29.0974 1464 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
06:38:29.0977 1464 adpu160m - ok
06:38:30.0011 1464 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
06:38:30.0019 1464 adpu320 - ok
06:38:30.0102 1464 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
06:38:30.0108 1464 AFD - ok
06:38:30.0281 1464 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys
06:38:30.0304 1464 AgereSoftModem - ok
06:38:30.0378 1464 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
06:38:30.0381 1464 agp440 - ok
06:38:30.0482 1464 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
06:38:30.0484 1464 aic78xx - ok
06:38:30.0533 1464 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
06:38:30.0534 1464 aliide - ok
06:38:30.0589 1464 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
06:38:30.0591 1464 amdagp - ok
06:38:30.0615 1464 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
06:38:30.0616 1464 amdide - ok
06:38:30.0700 1464 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
06:38:30.0702 1464 AmdK7 - ok
06:38:30.0735 1464 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
06:38:30.0736 1464 AmdK8 - ok
06:38:30.0828 1464 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
06:38:30.0830 1464 arc - ok
06:38:30.0874 1464 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
06:38:30.0880 1464 arcsas - ok
06:38:31.0009 1464 aswFsBlk (861cb512e4e850e87dd2316f88d69330) C:\Windows\system32\drivers\aswFsBlk.sys
06:38:31.0010 1464 aswFsBlk - ok
06:38:31.0087 1464 aswMonFlt (ff83c93aeee8b0cf4b464ca667a67acd) C:\Windows\system32\drivers\aswMonFlt.sys
06:38:31.0089 1464 aswMonFlt - ok
06:38:31.0142 1464 aswRdr (8db043bf96bb6d334e5b4888e709e1c7) C:\Windows\system32\drivers\aswRdr.sys
06:38:31.0142 1464 aswRdr - ok
06:38:31.0205 1464 aswSnx (17230708a2028cd995656df455f2e303) C:\Windows\system32\drivers\aswSnx.sys
06:38:31.0215 1464 aswSnx - ok
06:38:31.0334 1464 aswSP (dbedd9d43b00630966ef05d2d8d04cee) C:\Windows\system32\drivers\aswSP.sys
06:38:31.0341 1464 aswSP - ok
06:38:31.0431 1464 aswTdi (984cfce2168286c2511695c2f9621475) C:\Windows\system32\drivers\aswTdi.sys
06:38:31.0432 1464 aswTdi - ok
06:38:31.0487 1464 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
06:38:31.0489 1464 AsyncMac - ok
06:38:31.0589 1464 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
06:38:31.0589 1464 atapi - ok
06:38:31.0670 1464 athr (0c8dfa21b1d9d2ef14b692104ae68a69) C:\Windows\system32\DRIVERS\athr.sys
06:38:31.0684 1464 athr - ok
06:38:31.0821 1464 AVGIDSDriver - ok
06:38:31.0839 1464 AVGIDSEH - ok
06:38:31.0857 1464 AVGIDSFilter - ok
06:38:31.0883 1464 AVGIDSShim - ok
06:38:31.0901 1464 Avgldx86 - ok
06:38:31.0919 1464 Avgmfx86 - ok
06:38:31.0937 1464 Avgrkx86 - ok
06:38:31.0964 1464 Avgtdix - ok
06:38:32.0019 1464 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
06:38:32.0020 1464 Beep - ok
06:38:32.0056 1464 blbdrive - ok
06:38:32.0220 1464 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
06:38:32.0222 1464 bowser - ok
06:38:32.0278 1464 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
06:38:32.0279 1464 BrFiltLo - ok
06:38:32.0306 1464 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
06:38:32.0307 1464 BrFiltUp - ok
06:38:32.0362 1464 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
06:38:32.0364 1464 Brserid - ok
06:38:32.0455 1464 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
06:38:32.0458 1464 BrSerWdm - ok
06:38:32.0495 1464 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
06:38:32.0497 1464 BrUsbMdm - ok
06:38:32.0522 1464 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
06:38:32.0525 1464 BrUsbSer - ok
06:38:32.0554 1464 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
06:38:32.0555 1464 BTHMODEM - ok
06:38:32.0691 1464 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
06:38:32.0694 1464 cdfs - ok
06:38:32.0754 1464 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
06:38:32.0756 1464 cdrom - ok
06:38:32.0806 1464 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
06:38:32.0808 1464 circlass - ok
06:38:32.0860 1464 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
06:38:32.0883 1464 CLFS - ok
06:38:33.0015 1464 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
06:38:33.0016 1464 CmBatt - ok
06:38:33.0057 1464 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
06:38:33.0058 1464 cmdide - ok
06:38:33.0096 1464 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
06:38:33.0097 1464 Compbatt - ok
06:38:33.0117 1464 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
06:38:33.0119 1464 crcdisk - ok
06:38:33.0153 1464 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
06:38:33.0155 1464 Crusoe - ok
06:38:33.0317 1464 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
06:38:33.0319 1464 DfsC - ok
06:38:33.0518 1464 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
06:38:33.0520 1464 disk - ok
06:38:33.0584 1464 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
06:38:33.0588 1464 Dot4 - ok
06:38:33.0639 1464 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
06:38:33.0640 1464 Dot4Print - ok
06:38:33.0750 1464 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
06:38:33.0752 1464 dot4usb - ok
06:38:33.0794 1464 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
06:38:33.0795 1464 drmkaud - ok
06:38:33.0856 1464 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys
06:38:33.0869 1464 DXGKrnl - ok
06:38:34.0010 1464 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
06:38:34.0014 1464 E1G60 - ok
06:38:34.0086 1464 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
06:38:34.0090 1464 Ecache - ok
06:38:34.0253 1464 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
06:38:34.0261 1464 elxstor - ok
06:38:34.0348 1464 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
06:38:34.0352 1464 exfat - ok
06:38:34.0531 1464 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
06:38:34.0568 1464 fastfat - ok
06:38:34.0659 1464 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
06:38:34.0660 1464 fdc - ok
06:38:48.0546 1464 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
06:38:48.0561 1464 \Device\Harddisk0\DR0 - ok
06:38:48.0566 1464 Boot (0x1200) (2beb6907451d0feae22b225533cae8ab) \Device\Harddisk0\DR0\Partition0
06:38:48.0567 1464 \Device\Harddisk0\DR0\Partition0 - ok
06:38:48.0570 1464 ============================================================
06:38:48.0570 1464 Scan finished
06:38:48.0570 1464 ============================================================
06:38:48.0586 1872 Detected object count: 0
06:38:48.0586 1872 Actual detected object count: 0

---------------------------------------------------------------------------
I'm guessing the malware (or whatever it is) has messed with the clock, because the log and the computer show 6:38 but it's really 12:48. I tried changing the clock two different times, but when I start the computer up again, it just goes back to the wrong time.
 

confused89

Thread Starter
Joined
Oct 4, 2011
Messages
19
One more thing... don't know if this showed up in any of the logs so far, but in the Avast 'Virus Chest' there are 3 items:
Ad-Rotator B(Adw)
Renos-BJI(Trj)
Renos-BJJ(Trj)
 
Joined
Aug 9, 2011
Messages
808
Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to this topic: How to disable your security applications


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

*Note - if, after running ComboFix, you see a message similar to 'registry key marked for deletion..', rebooting the machine will resolve that.



Please post in your next reply
Combofix.txt
 

confused89

Thread Starter
Joined
Oct 4, 2011
Messages
19
-Before running Combofix, a warning message came up that said AVG anti-virus and anti-spyware 2011 were running. I never downloaded the 2011 version though I did have the 2010 version. I uninstalled it from the Control Panel and I used the AVG removal tool, but still that warning message came up. I decided to run Combofix anyway. Hope that was okay.
-After that, and before Stage 1 started, another message came up that said access is denied and that I should perform the action as an Administrator, even though the taskbar shows it as an Administrator Command Prompt. Is this because I'm in safe mode?
-Here's the log:
ComboFix 11-12-13.03 - Shilpa 12/14/2011 14:23:20.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1013.490 [GMT -5:00]
Running from: c:\users\Shilpa\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\programdata\privacy.exe
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Shilpa\AppData\Local\{F5D20CD2-94FA-43AC-8CD1-1EDE34228586}
c:\users\Shilpa\AppData\Local\{F5D20CD2-94FA-43AC-8CD1-1EDE34228586}\chrome\content\overlay.xul
c:\users\Shilpa\AppData\Local\{F5D20CD2-94FA-43AC-8CD1-1EDE34228586}\install.rdf
c:\windows\$xntuninstall643$
c:\windows\$xntuninstall643$\apUninstall.exe
c:\windows\$xntuninstall643$\bgjhu.dll
c:\windows\$xntuninstall643$\zrpt.xml
c:\windows\system32\.dll
c:\windows\system32\0.7578901702091335.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\config\systemprofile\AppData\Local\edefucip.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-11-14 to 2011-12-14 )))))))))))))))))))))))))))))))
.
.
2011-12-14 19:29 . 2011-12-14 19:29 -------- d-----w- c:\users\Shilpa\AppData\Local\temp
2011-12-14 19:29 . 2011-12-14 19:29 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2011-12-14 19:29 . 2011-12-14 19:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-07 11:11 . 2011-12-07 11:11 -------- d-----w- c:\users\Shilpa\AppData\Roaming\SiteAdvisor
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-04 16:29 . 2011-10-04 16:29 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-08-30 20:09 . 2008-08-21 14:48 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2011-08-14 03:44 70144 --sha-r- c:\windows\System32\iasrad3.dll
2011-08-14 03:44 70144 --sha-r- c:\windows\System32\KBDINTELO.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-10 417792]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-21 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-11-29 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-11-29 106496]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-11-29 81920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-27 815104]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2005-12-16 188416]
"NDSTray.exe"="NDSTray.exe" [BU]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2006-11-01 413696]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-01-18 421888]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-07 34352]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-20 411768]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2006-12-12 448632]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2006-12-15 530552]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-30 30192]
"SiteAdvisor"="c:\program files\SiteAdvisor\6066\SiteAdv.exe" [2006-10-18 35928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-10 1218008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-29 185896]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgRemover"="c:\users\Shilpa\Desktop\avg_remover_stf_x86_2012_1796.exe" [2011-12-14 1692968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-11-02 8704]
.
c:\users\Shilpa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2011-6-23 610120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswboot.exe /a:"*" /l:"1033" /kbd:2 /dir:"c:\program files\avast software\avast"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 21:10]
.
2011-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 21:10]
.
2009-12-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2011-08-23 16:22]
.
2010-03-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2011-08-23 16:22]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Shilpa\AppData\Roaming\Mozilla\Firefox\Profiles\lpcuhxsd.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: XULRunner: {FBB253E6-C8A2-4BC4-B22E-574A57CE5F89} - c:\windows\system32\config\systemprofile\AppData\Local\{FBB253E6-C8A2-4BC4-B22E-574A57CE5F89}
FF - Ext: Move Media Player: [email protected] - c:\users\Shilpa\AppData\Roaming\Move Networks
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Aim6 - (no file)
HKCU-Run-Privacy Protection - c:\programdata\privacy.exe
SafeBoot-MCODS
AddRemove-$XNTUninstall643$ - c:\windows\$XNTUninstall643$\apUninstall.exe
AddRemove-LimeWire - c:\program files\LimeWire\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-14 14:29
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????Z#6_??????U?8?U?p?U???U???
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avg]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSAgent]
"ImagePath"="\"c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSDriver]
"ImagePath"="system32\DRIVERS\AVGIDSDriver.Sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSEH]
"ImagePath"="system32\DRIVERS\AVGIDSEH.Sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AVGIDSFilter]
"ImagePath"="system32\DRIVERS\AVGIDSFilter.Sys"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgldx86]
"ImagePath"="system32\DRIVERS\avgldx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgmfx86]
"ImagePath"="system32\DRIVERS\avgmfx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgrkx86]
"ImagePath"="system32\DRIVERS\avgrkx86.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Avgtdix]
"ImagePath"="system32\DRIVERS\avgtdix.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\avgwd]
"ImagePath"="\"c:\program files\AVG\AVG10\avgwdsvc.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec /V"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2011-12-14 14:31:50
ComboFix-quarantined-files.txt 2011-12-14 19:31
.
Pre-Run: 77,101,056,000 bytes free
Post-Run: 77,117,984,768 bytes free
.
- - End Of File - - 36A997E862FAC7B368C0EC9BE04E4A41
 