
Thread: HP Laptop with redirector

  1. #1
    Member
    Join Date
    May 2009
    Posts
    32

    HP Laptop with redirector

    Hi again, this time my laptop has a bug. It's an HP G62 running Windows 7 Home Premium SP1 with AMD Athlon II p320 dual core 2.09 GHz, 64 bit.
    I have WIN 7 Security 2012 popping up all over the place. I ran Registry Mechanic and SpyBot S&D, but no help. I've booted up in safe mode and run ERUNT and DDS.
    Thanks in advance for your help.

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64 MINIMAL
    Internet Explorer: 9.0.8112.16421
    Run by John at 19:28:20 on 2011-12-20
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.1935 [GMT -5:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\system32\wbem\wmiprvse.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.yahoo.com/
    mWinlogon: Userinit=userinit.exe
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    {555d4d79-4bd2-4094-a395-cfc534424a05}
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [OCAEBNDVDUpdate] C:\Program Files (x86)\ObjectCube\XXX2Burn DVD Wizard\xxx2burn.exe /update
    uRun: [SanDiskSecureAccess_Manager.exe] C:\Users\John\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C} : NameServer = 192.168.2.1
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C}\2427566716274675962756C6563737D2843523 : DhcpNameServer = 192.168.192.1
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C}\24C657563456461627D27657563747 : DhcpNameServer = 69.1.30.11 69.1.30.10
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C}\2656C6B696E6E2266616 : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C}\37471697262796467656 : DhcpNameServer = 69.1.30.10 69.1.30.11 8.8.8.8
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C}\75169707F62747F5143636563737 : DhcpNameServer = 192.168.5.1 64.134.255.2 64.134.255.10
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C}\C696E6B6379737 : DhcpNameServer = 69.1.30.11 69.1.30.10
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO-X64: 0x1 - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(Default)]
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    S2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-10-18 98208]
    S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    S2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-5-21 140272]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
    S2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
    S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
    S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
    S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-3-14 632792]
    S2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-24 315392]
    S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-3-14 1153368]
    S2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-4-19 993848]
    S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-4-19 399416]
    S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
    S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2011-12-21 00:26:22 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0EEB740A-0034-4066-B636-6B455B2CF609}\offreg.dll
    2011-12-20 01:25:24 -------- d-----we C:\Windows\system64
    2011-12-20 01:25:05 337408 ----a-w- C:\Users\John\AppData\Local\eqb.exe
    2011-12-20 01:25:04 337408 ----a-w- C:\Users\John\AppData\Local\eqy.exe
    2011-12-19 23:57:47 -------- d-----w- C:\Users\John\AppData\Local\{99D0F5F1-5DE7-4ADB-A373-DC1B84194381}
    2011-12-19 23:57:35 -------- d-----w- C:\Users\John\AppData\Local\{50CC582F-FE5C-42C8-9F56-D7488F8E07A0}
    2011-12-18 17:14:24 -------- d-----w- C:\Users\John\AppData\Local\{51C2C4EE-E09F-4E70-8911-EA335DC06FE0}
    2011-12-18 17:14:12 -------- d-----w- C:\Users\John\AppData\Local\{7A7477AE-7AE1-4B0E-B2B5-471E63864151}
    2011-12-18 02:12:55 -------- d-----w- C:\Users\John\AppData\Local\{2E2CC646-C1FA-41C2-855F-FFBED5192AC4}
    2011-12-18 02:12:43 -------- d-----w- C:\Users\John\AppData\Local\{AC05147B-0B13-4DE2-9498-1B2C560F6EC7}
    2011-12-18 01:10:03 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0EEB740A-0034-4066-B636-6B455B2CF609}\mpengine.dll
    2011-12-16 01:07:30 -------- d-----w- C:\Users\John\AppData\Local\{98C8B4BC-D646-429C-99EE-A41DBDBF87A9}
    2011-12-16 01:07:18 -------- d-----w- C:\Users\John\AppData\Local\{838F1832-3563-4FDE-9B4B-4551B3012D78}
    2011-12-15 01:53:21 -------- d-----w- C:\Users\John\AppData\Local\{AABFC1F2-D1AF-438F-9F03-52FAE652141B}
    2011-12-15 01:53:09 -------- d-----w- C:\Users\John\AppData\Local\{BAAE2F96-DC15-4046-9943-A237D07A272F}
    2011-12-15 01:31:28 723456 ----a-w- C:\Windows\System32\EncDec.dll
    2011-12-15 01:31:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
    2011-12-15 01:31:26 3145216 ----a-w- C:\Windows\System32\win32k.sys
    2011-12-15 01:31:24 43520 ----a-w- C:\Windows\System32\csrsrv.dll
    2011-12-15 01:31:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-12-15 01:31:10 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-12-14 00:40:44 -------- d-----w- C:\Users\John\AppData\Local\{0ADA6A77-F4A0-4AD8-88F7-B6740C803C9A}
    2011-12-14 00:40:32 -------- d-----w- C:\Users\John\AppData\Local\{09D89E92-A46C-43A5-8D56-5A4DC0A203A3}
    2011-12-09 22:17:56 -------- d-----w- C:\Users\John\AppData\Local\{CAF47799-95A2-46EE-903D-668DC1B317E2}
    2011-12-09 22:17:44 -------- d-----w- C:\Users\John\AppData\Local\{11DBD611-83DE-426A-93AB-39EDB7367AE1}
    2011-12-08 01:16:42 -------- d-----w- C:\Users\John\AppData\Local\{EAE4756C-2562-4BE1-B555-C681B28FBA9D}
    2011-12-08 01:16:30 -------- d-----w- C:\Users\John\AppData\Local\{7C427E85-C635-4DCB-8046-58AE52B9EA87}
    2011-12-07 02:21:36 -------- d-----w- C:\Users\John\AppData\Local\{6ED50E27-5BDF-401B-91AA-EC046ADE5FD4}
    2011-12-07 02:21:24 -------- d-----w- C:\Users\John\AppData\Local\{B32846B8-61C1-4F77-B435-DFA4AE6D6B95}
    2011-12-05 23:49:54 -------- d-----w- C:\Users\John\AppData\Local\{53EE16BA-3630-4FDA-BE72-32D531683F41}
    2011-12-05 23:49:42 -------- d-----w- C:\Users\John\AppData\Local\{1C18891E-905E-43BA-A335-7EB644A4215C}
    2011-12-05 01:18:44 -------- d-----w- C:\Users\John\AppData\Local\{644B3241-3050-4FAA-A924-52FFF974511C}
    2011-12-04 00:30:55 -------- d-----w- C:\Users\John\AppData\Local\{3EE0D181-BDC3-41CA-AAA6-C101600669FD}
    2011-12-04 00:30:43 -------- d-----w- C:\Users\John\AppData\Local\{B59A586F-ABD0-4440-B6BE-3AE927F54C55}
    2011-12-03 00:53:23 -------- d-----w- C:\Users\John\AppData\Local\{703877FB-8E99-4F86-9115-175AD5CFCBA0}
    2011-12-03 00:53:10 -------- d-----w- C:\Users\John\AppData\Local\{1970521A-C4E0-42B8-8B91-138CEF36FE17}
    2011-12-01 23:12:41 -------- d-----w- C:\Users\John\AppData\Local\{A7675990-E740-4573-8A6F-E5259968A586}
    2011-12-01 23:12:29 -------- d-----w- C:\Users\John\AppData\Local\{52168579-FE60-4585-AE60-7C31758893D8}
    2011-11-30 23:35:05 -------- d-----w- C:\Users\John\AppData\Local\{BD35689A-9278-4CAF-B72F-6971DBD38D81}
    2011-11-30 23:34:53 -------- d-----w- C:\Users\John\AppData\Local\{F9071B22-B45E-4636-A92A-B544D9918283}
    2011-11-29 23:47:46 -------- d-----w- C:\Users\John\AppData\Local\{B75B7BAB-48FC-460A-B12F-FFB171D136A5}
    2011-11-29 23:47:34 -------- d-----w- C:\Users\John\AppData\Local\{2E2AC596-B5B1-477D-9F01-BF85C893D9FA}
    2011-11-28 23:17:33 -------- d-----w- C:\Users\John\AppData\Local\{CE2694E4-2580-493C-B504-B12E8396CD76}
    2011-11-28 23:17:20 -------- d-----w- C:\Users\John\AppData\Local\{439C3738-8B98-4DAB-B61D-830F3D256927}
    2011-11-25 23:47:19 -------- d-----w- C:\Users\John\AppData\Local\{7BFDF869-B904-4B82-B42E-51D56C0E8F51}
    2011-11-25 23:47:05 -------- d-----w- C:\Users\John\AppData\Local\{DE0FEC84-662D-4495-A983-A241B0CBF14C}
    2011-11-23 23:52:21 -------- d-----w- C:\Users\John\AppData\Local\{ED7E149F-6ADC-4FE2-BA1B-604BA44B8B9E}
    2011-11-23 23:52:08 -------- d-----w- C:\Users\John\AppData\Local\{EC7EF1F4-11A2-431E-98EA-8C3FA4F850FF}
    2011-11-21 23:48:02 -------- d-----w- C:\Users\John\AppData\Local\{7362F4B4-4ACD-447F-BC80-7A2BF9C023ED}
    2011-11-21 23:47:49 -------- d-----w- C:\Users\John\AppData\Local\{1CD7C4ED-1577-4137-B3E8-33249F393FE6}
    2011-11-21 01:24:55 -------- d-----w- C:\Users\John\AppData\Local\{F9F340F8-A29B-4D79-A82F-BF2507A0F976}
    2011-11-21 01:24:43 -------- d-----w- C:\Users\John\AppData\Local\{8F4B6251-8ABD-4104-BB96-1900C92AB249}
    .
    ==================== Find3M ====================
    .
    2011-11-11 01:40:37 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    .
    ============= FINISH: 19:30:02.47 ===============

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066


    hi drjohnamy,

    Your post is a few days old. If you still need help with the problem simply reply back.
    How Can I Reduce My Risk?

  3. #3
    Member
    Join Date
    May 2009
    Posts
    32

    yes, I still need help...

    I have not booted the computer since I ran DDS.

  4. #4
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066


    hi,

    "I have not booted the computer since I ran DDS."
    Ok, that's a good thing.

    see if you can download and install Malwarebytes and we will start with that.
    Please download the free version of Malwarebytes to your desktop.

    Double-click mbam-setup.exe and follow the prompts to install the program.

    Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

    If an update is found, it will download and install the latest version.

    Once the program has loaded, select Perform FULL SCAN, then click Scan.

    When the scan is complete, click OK, then Show Results to view the results.

    Be sure that everything is checked, and click *Remove Selected.*

    *A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

    When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt

    Post the log in your reply.

    You may have problems trying to run a .exe. Try the above and we will go from there.

  5. #5
    Member
    Join Date
    May 2009
    Posts
    32

    MBAM scan

    Hi,
    I downloaded MBAM to a jump drive, booted the HP in safe mode with networking, it updated MBAM and ran the scan. When it rebooted I saw my real homepage for the first time in days...

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 911122503

    Windows 6.1.7601 Service Pack 1 (Safe Mode)
    Internet Explorer 9.0.8112.16421

    12/25/2011 4:20:01 PM
    mbam-log-2011-12-25 (16-20-01).txt

    Scan type: Full scan (C:\|D:\|F:\|)
    Objects scanned: 374615
    Time elapsed: 44 minute(s), 14 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 6

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Value: (default) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\John\AppData\Local\eqy.exe" -a "C:\Program Files (x86)\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Users\John\AppData\Local\eqb.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.
    c:\Users\John\AppData\Local\eqy.exe (Trojan.ExeShell.Gen) -> Quarantined and deleted successfully.
    c:\Users\John\AppData\Local\Temp\trfjqtwnkh (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Users\John\AppData\Local\Temp\ynp.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Users\John\documents\rB2HY.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> Quarantined and deleted successfully.

  6. #6
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066


    ok good. We will continue with combofix. There is a guide to read first, read through the guide then apply the directions on your own machine. Please run it after a normal boot up. If you have problems then run it in safe mode. Post the log:

    Guide to using Combofix

  7. #7
    Member
    Join Date
    May 2009
    Posts
    32


    ok ran combofix, but cannot open Internet Explorer "illegal operation attempted on a registry key that has been marked for deletion"

    ComboFix 11-12-25.01 - John 12/25/2011 20:46:38.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.1214 [GMT -5:00]
    Running from: c:\users\John\Desktop\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\John\AppData\Roaming\.#
    c:\users\John\AppData\Roaming\.#\MBX@135C@3E1C40.###
    c:\users\John\AppData\Roaming\.#\MBX@135C@3E1C50.###
    c:\users\John\AppData\Roaming\.#\MBX@135C@3E1C60.###
    c:\users\John\AppData\Roaming\.#\MBX@135C@3E1C70.###
    c:\users\John\AppData\Roaming\.#\MBX@1368@22A1C00.###
    c:\users\John\AppData\Roaming\.#\MBX@1368@22A1C10.###
    c:\users\John\AppData\Roaming\.#\MBX@1368@22A1C20.###
    c:\users\John\AppData\Roaming\.#\MBX@1368@22A1C30.###
    c:\users\John\AppData\Roaming\.#\MBX@1378@2D1C40.###
    c:\users\John\AppData\Roaming\.#\MBX@1378@2D1C50.###
    c:\users\John\AppData\Roaming\.#\MBX@1378@2D1C60.###
    c:\users\John\AppData\Roaming\.#\MBX@1378@2D1C70.###
    c:\users\John\AppData\Roaming\.#\MBX@1734@2341C40.###
    c:\users\John\AppData\Roaming\.#\MBX@1734@2341C50.###
    c:\users\John\AppData\Roaming\.#\MBX@1734@2341C60.###
    c:\users\John\AppData\Roaming\.#\MBX@1734@2341C70.###
    c:\users\John\AppData\Roaming\.#\MBX@17D0@9C1C40.###
    c:\users\John\AppData\Roaming\.#\MBX@17D0@9C1C50.###
    c:\users\John\AppData\Roaming\.#\MBX@17D0@9C1C60.###
    c:\users\John\AppData\Roaming\.#\MBX@17D0@9C1C70.###
    c:\users\John\AppData\Roaming\.#\MBX@18BC@231C40.###
    c:\users\John\AppData\Roaming\.#\MBX@18BC@231C50.###
    c:\users\John\AppData\Roaming\.#\MBX@18BC@231C60.###
    c:\users\John\AppData\Roaming\.#\MBX@18BC@231C70.###
    c:\users\John\AppData\Roaming\.#\MBX@19F4@281C40.###
    c:\users\John\AppData\Roaming\.#\MBX@19F4@281C50.###
    c:\users\John\AppData\Roaming\.#\MBX@19F4@281C60.###
    c:\users\John\AppData\Roaming\.#\MBX@19F4@281C70.###
    c:\users\John\AppData\Roaming\.#\MBX@1A10@2181C40.###
    c:\users\John\AppData\Roaming\.#\MBX@1A10@2181C50.###
    c:\users\John\AppData\Roaming\.#\MBX@1A10@2181C60.###
    c:\users\John\AppData\Roaming\.#\MBX@1A10@2181C70.###
    c:\users\John\AppData\Roaming\.#\MBX@1B38@3E1C00.###
    c:\users\John\AppData\Roaming\.#\MBX@1B38@3E1C10.###
    c:\users\John\AppData\Roaming\.#\MBX@1B38@3E1C20.###
    c:\users\John\AppData\Roaming\.#\MBX@1B38@3E1C30.###
    c:\users\John\AppData\Roaming\.#\MBX@A9C@2301C40.###
    c:\users\John\AppData\Roaming\.#\MBX@A9C@2301C50.###
    c:\users\John\AppData\Roaming\.#\MBX@A9C@2301C60.###
    c:\users\John\AppData\Roaming\.#\MBX@A9C@2301C70.###
    c:\users\John\AppData\Roaming\.#\MBX@B44@23F1C40.###
    c:\users\John\AppData\Roaming\.#\MBX@B44@23F1C50.###
    c:\users\John\AppData\Roaming\.#\MBX@B44@23F1C60.###
    c:\users\John\AppData\Roaming\.#\MBX@B44@23F1C70.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@2351C40.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@2351C50.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@2351C60.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@2351C70.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@251C40.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@251C50.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@251C60.###
    c:\users\John\AppData\Roaming\.#\MBX@E04@251C70.###
    c:\windows\security\Database\tmp.edb
    c:\windows\system32\java.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-11-26 to 2011-12-26 )))))))))))))))))))))))))))))))
    .
    .
    2011-12-26 03:12 . 2011-12-26 03:12 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F338FDAD-1D8E-4E5C-81C9-9543B65D64A6}\offreg.dll
    2011-12-26 03:07 . 2011-12-26 03:07 -------- d-----w- c:\users\Guest\AppData\Local\temp
    2011-12-26 03:07 . 2011-12-26 03:07 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-12-25 21:33 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F338FDAD-1D8E-4E5C-81C9-9543B65D64A6}\mpengine.dll
    2011-12-25 20:32 . 2011-12-25 20:32 -------- d-----w- c:\users\John\AppData\Roaming\Malwarebytes
    2011-12-25 20:32 . 2011-12-25 20:32 -------- d-----w- c:\programdata\Malwarebytes
    2011-12-25 20:32 . 2011-12-25 20:32 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-12-25 20:32 . 2011-08-31 22:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-12-21 00:27 . 2011-12-21 00:27 -------- d-----w- c:\program files (x86)\ERUNT
    2011-12-20 01:25 . 2011-12-20 01:25 -------- d-----we c:\windows\system64
    2011-12-15 01:31 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
    2011-12-15 01:31 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
    2011-12-15 01:31 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
    2011-12-15 01:31 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 01:31 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-12-15 01:31 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2011-12-01 18:47 . 2011-12-01 18:47 -------- d-----w- c:\users\Guest\AppData\Roaming\hpqlog
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-15 19:29 . 2011-03-15 19:35 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-11-11 01:40 . 2011-06-12 04:02 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-09-29 16:29 . 2011-11-09 23:34 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "OCAEBNDVDUpdate"="c:\program files (x86)\ObjectCube\XXX2Burn DVD Wizard\xxx2burn.exe" [2006-12-14 1081344]
    "SanDiskSecureAccess_Manager.exe"="c:\users\John\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe" [2011-08-07 27306624]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-17 98304]
    "SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
    Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-21 85560]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-06-18 103992]
    R2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [2010-06-24 315392]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
    R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-05-21 140272]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
    S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
    S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2010-11-22 18:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-12-26 c:\windows\Tasks\HPCeeScheduleForJohn.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
    .
    2011-12-26 c:\windows\Tasks\RMSchedule.job
    - c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-03-14 21:05]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-12 6489704]
    "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.yahoo.com/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    TCP: Interfaces\{D6927469-24A5-41E6-B6BC-40C4FADE1F7C}: NameServer = 192.168.2.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
    .
    **************************************************************************
    .
    Completion time: 2011-12-25 22:34:53 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-12-26 03:34
    .
    Pre-Run: 234,136,854,528 bytes free
    Post-Run: 233,819,721,728 bytes free
    .
    - - End Of File - - 4B4BE3467717652ADF5DA8C7A58FD046

  8. #8
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    cannot open Internet Explorer
    Reboot your machine.

    We will get another download to run:

    Please download TDSS Killer.exe and save it to your desktop

    Double click to launch the utility. After it initializes click the start scan button.

    Once the scan completes you can click the continue button.

    "The utility will automatically select an action (Cure or Delete) for known malicious objects. A suspicious object will be skipped by default."

    "After clicking Next, the utility applies selected actions and outputs the result."

    "A reboot might require after disinfection."

    A report will be found in your Root drive Local Disk (C) as TDSSKiller.2.4.2.1_09.08.2010_17.32.21_log.txt (name, version, date, time)

    Please post the log report

  9. #9
    Member
    Join Date
    May 2009
    Posts
    32

    Default

    13:58:54.0717 5352 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
    13:58:55.0201 5352 ============================================================
    13:58:55.0201 5352 Current date / time: 2011/12/26 13:58:55.0201
    13:58:55.0201 5352 SystemInfo:
    13:58:55.0201 5352
    13:58:55.0201 5352 OS Version: 6.1.7601 ServicePack: 1.0
    13:58:55.0201 5352 Product type: Workstation
    13:58:55.0201 5352 ComputerName: JOHN-HP
    13:58:55.0201 5352 UserName: John
    13:58:55.0201 5352 Windows directory: C:\Windows
    13:58:55.0201 5352 System windows directory: C:\Windows
    13:58:55.0201 5352 Running under WOW64
    13:58:55.0201 5352 Processor architecture: Intel x64
    13:58:55.0201 5352 Number of processors: 2
    13:58:55.0201 5352 Page size: 0x1000
    13:58:55.0201 5352 Boot type: Normal boot
    13:58:55.0201 5352 ============================================================
    13:58:56.0355 5352 Initialize success
    13:59:01.0254 1684 ============================================================
    13:59:01.0254 1684 Scan started
    13:59:01.0254 1684 Mode: Manual;
    13:59:01.0254 1684 ============================================================
    13:59:02.0252 1684 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    13:59:02.0268 1684 1394ohci - ok
    13:59:02.0408 1684 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    13:59:02.0424 1684 ACPI - ok
    13:59:02.0486 1684 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    13:59:02.0486 1684 AcpiPmi - ok
    13:59:02.0642 1684 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    13:59:02.0658 1684 adp94xx - ok
    13:59:02.0783 1684 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    13:59:02.0783 1684 adpahci - ok
    13:59:02.0829 1684 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    13:59:02.0829 1684 adpu320 - ok
    13:59:03.0032 1684 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
    13:59:03.0048 1684 AFD - ok
    13:59:03.0095 1684 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    13:59:03.0110 1684 agp440 - ok
    13:59:03.0141 1684 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    13:59:03.0141 1684 aliide - ok
    13:59:03.0266 1684 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    13:59:03.0266 1684 amdide - ok
    13:59:03.0313 1684 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    13:59:03.0313 1684 AmdK8 - ok
    13:59:03.0609 1684 amdkmdag (4bffead896affbc80c86f62cd18f17c9) C:\Windows\system32\DRIVERS\atipmdag.sys
    13:59:03.0750 1684 amdkmdag - ok
    13:59:04.0140 1684 amdkmdap (a7155a832f24cf5b048f6048380636ec) C:\Windows\system32\DRIVERS\atikmpag.sys
    13:59:04.0140 1684 amdkmdap - ok
    13:59:04.0280 1684 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    13:59:04.0280 1684 AmdPPM - ok
    13:59:04.0327 1684 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys
    13:59:04.0327 1684 amdsata - ok
    13:59:04.0452 1684 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    13:59:04.0467 1684 amdsbs - ok
    13:59:04.0483 1684 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys
    13:59:04.0483 1684 amdxata - ok
    13:59:04.0577 1684 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    13:59:04.0577 1684 AppID - ok
    13:59:04.0686 1684 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    13:59:04.0701 1684 arc - ok
    13:59:04.0748 1684 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    13:59:04.0748 1684 arcsas - ok
    13:59:04.0857 1684 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    13:59:04.0857 1684 AsyncMac - ok
    13:59:05.0029 1684 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    13:59:05.0029 1684 atapi - ok
    13:59:05.0216 1684 athr (40734f3a5eec4c4ac6a1faf10b293714) C:\Windows\system32\DRIVERS\athrx.sys
    13:59:05.0294 1684 athr - ok
    13:59:05.0450 1684 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
    13:59:05.0450 1684 AtiHdmiService - ok
    13:59:05.0466 1684 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
    13:59:05.0481 1684 AtiPcie - ok
    13:59:05.0544 1684 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    13:59:05.0559 1684 b06bdrv - ok
    13:59:05.0606 1684 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    13:59:05.0606 1684 b57nd60a - ok
    13:59:05.0700 1684 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    13:59:05.0700 1684 Beep - ok
    13:59:05.0825 1684 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    13:59:05.0825 1684 blbdrive - ok
    13:59:05.0981 1684 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    13:59:05.0981 1684 bowser - ok
    13:59:06.0043 1684 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    13:59:06.0043 1684 BrFiltLo - ok
    13:59:06.0074 1684 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    13:59:06.0074 1684 BrFiltUp - ok
    13:59:06.0105 1684 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    13:59:06.0121 1684 Brserid - ok
    13:59:06.0137 1684 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    13:59:06.0137 1684 BrSerWdm - ok
    13:59:06.0152 1684 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    13:59:06.0168 1684 BrUsbMdm - ok
    13:59:06.0183 1684 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    13:59:06.0183 1684 BrUsbSer - ok
    13:59:06.0199 1684 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    13:59:06.0199 1684 BTHMODEM - ok
    13:59:06.0230 1684 catchme - ok
    13:59:06.0371 1684 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    13:59:06.0371 1684 cdfs - ok
    13:59:06.0433 1684 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
    13:59:06.0433 1684 cdrom - ok
    13:59:06.0527 1684 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    13:59:06.0542 1684 circlass - ok
    13:59:06.0667 1684 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    13:59:06.0667 1684 CLFS - ok
    13:59:06.0854 1684 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    13:59:06.0854 1684 CmBatt - ok
    13:59:06.0963 1684 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    13:59:06.0979 1684 cmdide - ok
    13:59:07.0041 1684 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
    13:59:07.0041 1684 CNG - ok
    13:59:07.0088 1684 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    13:59:07.0104 1684 Compbatt - ok
    13:59:07.0135 1684 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    13:59:07.0151 1684 CompositeBus - ok
    13:59:07.0244 1684 CpqDfw - ok
    13:59:07.0291 1684 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    13:59:07.0291 1684 crcdisk - ok
    13:59:07.0369 1684 dc3d (7f61fbe259c18666d8ddf862f13a5eb0) C:\Windows\system32\DRIVERS\dc3d.sys
    13:59:07.0369 1684 dc3d - ok
    13:59:07.0541 1684 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    13:59:07.0541 1684 DfsC - ok
    13:59:07.0619 1684 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    13:59:07.0619 1684 discache - ok
    13:59:07.0665 1684 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    13:59:07.0665 1684 Disk - ok
    13:59:07.0806 1684 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
    13:59:07.0821 1684 Dot4 - ok
    13:59:07.0946 1684 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    13:59:07.0946 1684 Dot4Print - ok
    13:59:08.0024 1684 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
    13:59:08.0024 1684 dot4usb - ok
    13:59:08.0102 1684 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    13:59:08.0102 1684 drmkaud - ok
    13:59:08.0196 1684 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    13:59:08.0227 1684 DXGKrnl - ok
    13:59:08.0399 1684 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    13:59:08.0492 1684 ebdrv - ok
    13:59:08.0648 1684 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    13:59:08.0664 1684 elxstor - ok
    13:59:08.0726 1684 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    13:59:08.0726 1684 ErrDev - ok
    13:59:08.0804 1684 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    13:59:08.0804 1684 exfat - ok
    13:59:08.0851 1684 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    13:59:08.0851 1684 fastfat - ok
    13:59:08.0882 1684 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    13:59:08.0882 1684 fdc - ok
    13:59:09.0038 1684 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    13:59:09.0054 1684 FileInfo - ok
    13:59:09.0101 1684 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    13:59:09.0132 1684 Filetrace - ok
    13:59:09.0241 1684 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    13:59:09.0241 1684 flpydisk - ok
    13:59:09.0303 1684 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    13:59:09.0319 1684 FltMgr - ok
    13:59:09.0428 1684 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    13:59:09.0428 1684 FsDepends - ok
    13:59:09.0537 1684 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
    13:59:09.0553 1684 fssfltr - ok
    13:59:09.0678 1684 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    13:59:09.0693 1684 Fs_Rec - ok
    13:59:09.0803 1684 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    13:59:09.0803 1684 fvevol - ok
    13:59:09.0865 1684 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    13:59:09.0865 1684 gagp30kx - ok
    13:59:10.0005 1684 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    13:59:10.0005 1684 GEARAspiWDM - ok
    13:59:10.0068 1684 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    13:59:10.0068 1684 hcw85cir - ok
    13:59:10.0130 1684 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    13:59:10.0146 1684 HdAudAddService - ok
    13:59:10.0208 1684 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    13:59:10.0208 1684 HDAudBus - ok
    13:59:10.0239 1684 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    13:59:10.0239 1684 HidBatt - ok
    13:59:10.0302 1684 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    13:59:10.0302 1684 HidBth - ok
    13:59:10.0349 1684 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    13:59:10.0349 1684 HidIr - ok
    13:59:10.0427 1684 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    13:59:10.0427 1684 HidUsb - ok
    13:59:10.0645 1684 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    13:59:10.0645 1684 HpSAMD - ok
    13:59:10.0754 1684 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    13:59:10.0785 1684 HTTP - ok
    13:59:10.0832 1684 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    13:59:10.0832 1684 hwpolicy - ok
    13:59:10.0879 1684 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    13:59:10.0895 1684 i8042prt - ok
    13:59:10.0957 1684 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    13:59:10.0973 1684 iaStorV - ok
    13:59:11.0144 1684 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
    13:59:11.0300 1684 igfx - ok
    13:59:11.0409 1684 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    13:59:11.0425 1684 iirsp - ok
    13:59:11.0565 1684 IntcAzAudAddService (d311e2dd59a34079d89c249b2a4d9fdb) C:\Windows\system32\drivers\RTKVHD64.sys
    13:59:11.0628 1684 IntcAzAudAddService - ok
    13:59:11.0675 1684 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    13:59:11.0675 1684 intelide - ok
    13:59:11.0721 1684 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    13:59:11.0721 1684 intelppm - ok
    13:59:11.0784 1684 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    13:59:11.0784 1684 IpFilterDriver - ok
    13:59:11.0831 1684 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    13:59:11.0846 1684 IPMIDRV - ok
    13:59:11.0877 1684 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    13:59:11.0893 1684 IPNAT - ok
    13:59:11.0909 1684 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    13:59:11.0909 1684 IRENUM - ok
    13:59:11.0955 1684 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    13:59:11.0955 1684 isapnp - ok
    13:59:12.0002 1684 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    13:59:12.0018 1684 iScsiPrt - ok
    13:59:12.0065 1684 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    13:59:12.0065 1684 kbdclass - ok
    13:59:12.0096 1684 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    13:59:12.0096 1684 kbdhid - ok
    13:59:12.0189 1684 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
    13:59:12.0189 1684 KSecDD - ok
    13:59:12.0267 1684 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
    13:59:12.0267 1684 KSecPkg - ok
    13:59:12.0361 1684 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    13:59:12.0361 1684 ksthunk - ok
    13:59:12.0501 1684 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    13:59:12.0501 1684 lltdio - ok
    13:59:36.0416 1684 ============================================================
    13:59:36.0416 1684 Scan finished
    13:59:36.0416 1684 ============================================================
    13:59:36.0447 6100 Detected object count: 0
    13:59:36.0447 6100 Actual detected object count: 0

  10. #10
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    OK. Nothing wrong with that. How's the redirection issue looking now?
    How Can I Reduce My Risk?
