Start Up Very Slow



wizkid-0
2010-10-23, 12:22
Hi,

I am having problems with my laptop. As of late, the laptop is taking ages to start up. It will boot to the login screen, and then once I have typed my password in it will show a black screen and just sit there for ages and sometimes hang, and I have to turn it off and try again. I have attached an HJT log and MBRCheck logs for you to check through for me, to see if there are any nasties in the system.


Thanks

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:20:13, on 23/10/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Spotify\spotify.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKCU\..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_SA088.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8954 bytes

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Sony Corporation
System Product Name: VPCEC1M1E
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 160):

Processes (total 54):
0 System Idle Process
4 System
420 C:\Windows\System32\smss.exe
600 csrss.exe
652 C:\Windows\System32\wininit.exe
676 csrss.exe
720 C:\Windows\System32\services.exe
744 C:\Windows\System32\lsass.exe
752 C:\Windows\System32\lsm.exe
884 C:\Windows\System32\svchost.exe
972 C:\Windows\System32\svchost.exe
336 C:\Windows\System32\svchost.exe
560 C:\Windows\System32\svchost.exe
592 C:\Windows\System32\svchost.exe
1048 C:\Windows\System32\audiodg.exe
1088 C:\Windows\System32\svchost.exe
1160 C:\Windows\System32\winlogon.exe
1300 C:\Windows\System32\svchost.exe
1596 C:\Windows\System32\spoolsv.exe
1636 C:\Windows\System32\svchost.exe
1744 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1792 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
1832 C:\Program Files (x86)\Bonjour\mDNSResponder.exe
1884 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
1916 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
1952 C:\Windows\System32\svchost.exe
1128 C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
1328 C:\Windows\System32\svchost.exe
1680 C:\Windows\System32\svchost.exe
1264 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2080 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2652 C:\Windows\System32\taskhost.exe
2912 WmiPrvSE.exe
1688 C:\Windows\System32\SearchIndexer.exe
2600 C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
1968 C:\Windows\System32\svchost.exe
684 C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
3724 C:\Windows\System32\dwm.exe
3732 C:\Windows\explorer.exe
4020 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
3168 C:\Program Files\Windows Sidebar\sidebar.exe
3228 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
3280 C:\Windows\System32\svchost.exe
1960 C:\Program Files\Windows Media Player\wmpnetwk.exe
1736 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
4304 dllhost.exe
3836 WUDFHost.exe
4988 C:\Program Files (x86)\Spotify\spotify.exe
3488 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
1648 C:\Windows\SysWOW64\dllhost.exe
4624 C:\Windows\System32\SearchProtocolHost.exe
3188 C:\Windows\System32\SearchFilterHost.exe
3764 C:\Users\Chris\Downloads\MBRCheck.exe
1420 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)

PhysicalDrive0 Model Number: SAMSUNGHM500JI, Rev: 2AC101C4

Size      Device Name           MBR Status
--------------------------------------------
465 GB    \\.\PhysicalDrive0    Windows 7 MBR code detected
          SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!

tashi
2010-10-23, 17:52
Hello wizkid,

Please revisit the FAQ which may have changed since your last visit.

Instructions on posting a preliminary DDS log: "BEFORE you POST" (READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start a new topic, copy and paste the DDS log into it, and a volunteer analyst will advise you when available.

Best regards.