Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Ran Hitman Pro 3.5 now Windows won't boot [Solved]

Started by GeoffB , Nov 23 2011 12:45 PM

  • This topic is locked This topic is locked

#31
GeoffB
Posted 05 December 2011 - 09:56 AM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
That's it, booted up right away! What's our next move? I'm holding off from uninstalling and removing hitman pro until you tell me to. I'm also happy to say that my google redirect virus seems to be gone as well. I guess Hitman Pro did something right after all.

Thanks for all your help and patience. If I'm ever in the UK the beers on me.

Geoff
  • 0

Advertisements

#32
azarl
Posted 05 December 2011 - 10:19 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Let's see what's left

Download and Save this file -- to your Desktop
http://download.blee...Bs/ComboFix.exe
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
  • A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
Posted Image
Posted Image

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.
  • 0

#33
GeoffB
Posted 05 December 2011 - 03:12 PM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
ComboFix Log:

ComboFix 11-12-05.02 - Geoff 12/05/2011 12:49:01.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2144 [GMT -7:00]
Running from: c:\users\Geoff\Desktop\ComboFix.exe
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\iexplorer
c:\program files (x86)\iexplorer\AxInterop.QTOControlLib.dll
c:\program files (x86)\iexplorer\ICSharpCode.SharpZipLib.dll
c:\program files (x86)\iexplorer\iExplorer.exe
c:\program files (x86)\iexplorer\Interop.QTOControlLib.dll
c:\program files (x86)\iexplorer\Interop.QTOLibrary.dll
c:\program files (x86)\iexplorer\isxdl.dll
c:\program files (x86)\iexplorer\MPCrashReporter.dll
c:\program files (x86)\iexplorer\MPUpdater.dll
c:\program files (x86)\iexplorer\msvcr71.dll
c:\program files (x86)\iexplorer\PodPhone2.dll
c:\program files (x86)\iexplorer\unins000.dat
c:\program files (x86)\iexplorer\unins000.exe
c:\program files (x86)\iexplorer\unins000.msg
c:\programdata\RECYCLER
c:\programdata\RECYCLER\S-1-5-18\desktop.ini
c:\programdata\RECYCLER\S-1-5-18\INFO2
c:\windows\assembly\tmp\U
c:\windows\system32\drivers\etc\hosts.txt
.
.
((((((((((((((((((((((((( Files Created from 2011-11-05 to 2011-12-05 )))))))))))))))))))))))))))))))
.
.
2011-12-05 20:34 . 2011-12-05 20:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-25 21:21 . 2011-11-28 03:59 -------- d-----w- C:\FRST
2011-11-21 19:38 . 2011-11-21 19:38 25160 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-11-21 19:38 . 2011-11-21 19:38 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-11-21 19:38 . 2011-11-21 19:44 -------- d-----w- c:\programdata\Hitman Pro
2011-11-21 19:15 . 2011-11-29 16:43 -------- d-----w- c:\users\Administrator
2011-11-16 19:59 . 2011-11-16 19:59 -------- d-----w- c:\windows\system32\Macromed
2011-11-16 17:18 . 2011-11-16 17:18 -------- d-sh--w- c:\users\Geoff\AppData\Local\a4633784
2011-11-15 00:44 . 2011-11-14 16:15 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-11-14 20:13 . 2011-11-03 19:06 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-11-09 21:15 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 21:15 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 21:14 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 21:14 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-05 17:13 . 2011-06-22 02:18 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="c:\progra~2\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2011-06-01 32112]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-02 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-06-28 1486392]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2011-05-10 5607080]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\MpcStar\Codecs\QuickTime\QTTask.exe" [2011-07-06 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-10 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 164904]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
SRS Premium Sound.lnk - c:\windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2009-9-28 156880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe\0lsdelete
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
IME File REG_SZ IMSC12.IME
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
2009-09-28 07:51 3054136 ----a-w- c:\windows\AsScrPro.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-07-19 02:52 104936 ----a-w- c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-29 135664]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-29 135664]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 FastBootAgent;FastBootAgent;c:\windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-03 2152152]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2011-08-10 102608]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S2 SDFirewallService;Spybot-S&D 2 Firewall Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe [2011-05-10 3585696]
S2 SDMonitorService;Spybot-S&D 2 Monitoring Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe [2011-05-10 3834456]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-05-10 3515656]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-05-10 3769048]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-05-11 167040]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-05-22 17152]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-29 20:05]
.
2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-29 16:55]
.
2011-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-29 16:55]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2011-05-26 59248]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-12-04 196648]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2010-10-27 489512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?ilc=8
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.yahoo.com/?ilc=8
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
FF - ProfilePath - c:\users\Geoff\AppData\Roaming\Mozilla\Firefox\Profiles\o9cygbk3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mkg030&p=
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Notify-SDWinLogon - SDWinLogon.dll
Toolbar-Locked - (no file)
HKLM-Run-(Default) - (no file)
AddRemove-Asus_ULSeries_ScreenSaver - c:\windows\system32\Asus_ULSeries_ScreenSaver.scr
AddRemove-{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1 - c:\program files (x86)\iExplorer\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\Atouch64.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
c:\program files (x86)\ASUS\ASUS Live Update\ALU.exe
.
**************************************************************************
.
Completion time: 2011-12-05 14:06:01 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-05 21:06
.
Pre-Run: 27,397,476,352 bytes free
Post-Run: 26,979,463,168 bytes free
.
- - End Of File - - 15DECA58175E090F1673E296DE6A47E1


Also, when I restarted before I had to use F10 and delete the MININT files to be able to get my computer to boot properly. Without doing that It would still try to do the Start up Repair.

I believe I may have screwed up the ComboFix operation from the beginning but I ran it to it's entirety anyway. As I ran combofix I didn't realize that my McAfee would cause a problem, and it detected a file that I didn't know was associated with ComboFix. That file attempted to gain access to both Firefox and iExplorer. I've noticed after I ran Combofix and my computer restarted that when I try and access Firefox it says "Illegal operation attempted on a registry key that has been marked for deletion.
  • 0

#34
azarl
Posted 06 December 2011 - 07:46 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Reboot the machine

Once back in Windows go to Start and type
CMD in the search box.
In the results, Right click CMD.exe and click on "Run as Administrator"

Copy and paste the below command to the command prompt window and press enter: (to paste into a command window, right click in the command window and then click paste on the menu.

bcdedit /export c:\bcd_ old
Then press enter

Repeat with
bcdedit /set {current} winpe no
and again press enter

It should reboot normally now
  • 0

#35
GeoffB
Posted 06 December 2011 - 11:35 AM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
That worked it restarted normally without having to press F10. Should I go ahead and uninstall/remove hitman pro from my programs file?
  • 0

#36
azarl
Posted 06 December 2011 - 01:47 PM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Yes please.

Then ...

» Step 1 «
Clear Cache/Temp Files
Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

  • 0

#37
GeoffB
Posted 07 December 2011 - 12:08 PM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Deleted Hitman Pro, and ran Old Timer as you requested.
  • 0

#38
azarl
Posted 07 December 2011 - 12:34 PM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
Does it seem OK?
  • 0

#39
GeoffB
Posted 07 December 2011 - 12:55 PM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Yeah everything seems great I haven't had any issues. Is there anything else you would like me to do?
  • 0

#40
azarl
Posted 07 December 2011 - 01:08 PM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts

Yeah everything seems great I haven't had any issues. Is there anything else you would like me to do?


Just a bit of cleaning up

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.


Follow these steps to uninstall ComboFix and tools used in the removal of malware
  • Click START then RUN
  • Now type ComboFix /Uninstall in the run box and click OK. Note the space between the ComboFix and the /U, it needs to be there.
    Posted Image

  • 0

Advertisements

#41
GeoffB
Posted 07 December 2011 - 01:47 PM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8329

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

12/7/2011 12:46:27 PM
mbam-log-2011-12-07 (12-46-27).txt

Scan type: Quick scan
Objects scanned: 197900
Time elapsed: 8 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Geoff\AppData\Local\Temp\0.4306952419020348.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Users\Geoff\AppData\Local\Temp\0.29800893680733853gtye.exe (Exploit.Drop.4) -> Quarantined and deleted successfully.
  • 0

#42
azarl
Posted 08 December 2011 - 02:50 AM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
We just need to check a bit more

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#43
GeoffB
Posted 08 December 2011 - 11:35 AM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
I downloaded aswMBR.exe as you had requested. I ran it twice and both times after I hit scan I would get the "Blue Screen of Death" within seconds and my computer would automatically restart.
  • 0

#44
azarl
Posted 08 December 2011 - 12:36 PM

azarl

    GeekU Admin

  • Community Leader
  • 25,310 posts
OK, let's try this

Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.
  • 0

#45
GeoffB
Posted 08 December 2011 - 03:53 PM

GeoffB

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
TDSSKILLER Log:

14:51:02.0237 4324 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
14:51:03.0625 4324 ============================================================
14:51:03.0625 4324 Current date / time: 2011/12/08 14:51:03.0625
14:51:03.0625 4324 SystemInfo:
14:51:03.0625 4324
14:51:03.0625 4324 OS Version: 6.1.7601 ServicePack: 1.0
14:51:03.0625 4324 Product type: Workstation
14:51:03.0625 4324 ComputerName: GEOFF-LAPTOP
14:51:03.0625 4324 UserName: Geoff
14:51:03.0625 4324 Windows directory: C:\Windows
14:51:03.0625 4324 System windows directory: C:\Windows
14:51:03.0625 4324 Running under WOW64
14:51:03.0625 4324 Processor architecture: Intel x64
14:51:03.0625 4324 Number of processors: 2
14:51:03.0625 4324 Page size: 0x1000
14:51:03.0625 4324 Boot type: Normal boot
14:51:03.0625 4324 ============================================================
14:51:04.0670 4324 Initialize success
14:51:07.0135 4460 ============================================================
14:51:07.0135 4460 Scan started
14:51:07.0135 4460 Mode: Manual;
14:51:07.0135 4460 ============================================================
14:51:08.0321 4460 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:51:08.0430 4460 1394ohci - ok
14:51:08.0570 4460 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:51:08.0586 4460 ACPI - ok
14:51:08.0695 4460 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:51:08.0804 4460 AcpiPmi - ok
14:51:08.0945 4460 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:51:08.0992 4460 adp94xx - ok
14:51:09.0132 4460 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:51:09.0148 4460 adpahci - ok
14:51:09.0194 4460 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:51:09.0210 4460 adpu320 - ok
14:51:09.0382 4460 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
14:51:09.0397 4460 AFD - ok
14:51:09.0569 4460 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:51:09.0584 4460 agp440 - ok
14:51:09.0725 4460 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:51:09.0725 4460 aliide - ok
14:51:09.0850 4460 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:51:09.0865 4460 amdide - ok
14:51:09.0912 4460 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:51:09.0928 4460 AmdK8 - ok
14:51:10.0006 4460 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:51:10.0021 4460 AmdPPM - ok
14:51:10.0052 4460 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:51:10.0162 4460 amdsata - ok
14:51:10.0271 4460 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:51:10.0302 4460 amdsbs - ok
14:51:10.0333 4460 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:51:10.0442 4460 amdxata - ok
14:51:10.0552 4460 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
14:51:10.0676 4460 AmUStor - ok
14:51:10.0817 4460 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:51:10.0926 4460 AppID - ok
14:51:11.0098 4460 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:51:11.0098 4460 arc - ok
14:51:11.0222 4460 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:51:11.0238 4460 arcsas - ok
14:51:11.0332 4460 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
14:51:11.0456 4460 ASMMAP64 - ok
14:51:11.0581 4460 ASPI32 - ok
14:51:11.0628 4460 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:51:11.0644 4460 AsyncMac - ok
14:51:11.0753 4460 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:51:11.0753 4460 atapi - ok
14:51:11.0909 4460 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
14:51:12.0034 4460 athr - ok
14:51:12.0205 4460 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:51:12.0221 4460 b06bdrv - ok
14:51:12.0330 4460 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:51:12.0346 4460 b57nd60a - ok
14:51:12.0470 4460 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:51:12.0486 4460 Beep - ok
14:51:12.0626 4460 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:51:12.0642 4460 blbdrive - ok
14:51:12.0767 4460 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:51:12.0876 4460 bowser - ok
14:51:12.0923 4460 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:51:12.0923 4460 BrFiltLo - ok
14:51:13.0016 4460 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:51:13.0032 4460 BrFiltUp - ok
14:51:13.0079 4460 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:51:13.0094 4460 Brserid - ok
14:51:13.0126 4460 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:51:13.0141 4460 BrSerWdm - ok
14:51:13.0250 4460 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:51:13.0266 4460 BrUsbMdm - ok
14:51:13.0297 4460 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:51:13.0313 4460 BrUsbSer - ok
14:51:13.0422 4460 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:51:13.0438 4460 BTHMODEM - ok
14:51:13.0484 4460 catchme - ok
14:51:13.0594 4460 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:51:13.0594 4460 cdfs - ok
14:51:13.0734 4460 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
14:51:13.0859 4460 cdrom - ok
14:51:13.0999 4460 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
14:51:14.0124 4460 cfwids - ok
14:51:14.0233 4460 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:51:14.0249 4460 circlass - ok
14:51:14.0280 4460 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:51:14.0296 4460 CLFS - ok
14:51:14.0452 4460 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:51:14.0452 4460 CmBatt - ok
14:51:14.0498 4460 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:51:14.0498 4460 cmdide - ok
14:51:14.0623 4460 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
14:51:14.0732 4460 CNG - ok
14:51:14.0857 4460 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:51:14.0873 4460 Compbatt - ok
14:51:14.0920 4460 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:51:15.0044 4460 CompositeBus - ok
14:51:15.0185 4460 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:51:15.0185 4460 crcdisk - ok
14:51:15.0341 4460 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:51:15.0450 4460 DfsC - ok
14:51:15.0497 4460 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:51:15.0497 4460 discache - ok
14:51:15.0590 4460 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:51:15.0606 4460 Disk - ok
14:51:15.0762 4460 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
14:51:15.0778 4460 Dot4 - ok
14:51:15.0809 4460 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:51:15.0902 4460 Dot4Print - ok
14:51:15.0934 4460 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
14:51:15.0949 4460 dot4usb - ok
14:51:16.0058 4460 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:51:16.0074 4460 drmkaud - ok
14:51:16.0230 4460 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:51:16.0386 4460 DXGKrnl - ok
14:51:16.0589 4460 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:51:16.0714 4460 ebdrv - ok
14:51:16.0885 4460 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:51:16.0916 4460 elxstor - ok
14:51:16.0994 4460 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:51:17.0010 4460 ErrDev - ok
14:51:17.0166 4460 ETD (1299d1ea00b7a4bf69c5869dca31e0f6) C:\Windows\system32\DRIVERS\ETD.sys
14:51:17.0291 4460 ETD - ok
14:51:17.0338 4460 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:51:17.0353 4460 exfat - ok
14:51:17.0494 4460 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:51:17.0509 4460 fastfat - ok
14:51:17.0556 4460 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:51:17.0572 4460 fdc - ok
14:51:17.0681 4460 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:51:17.0696 4460 FileInfo - ok
14:51:17.0712 4460 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:51:17.0712 4460 Filetrace - ok
14:51:17.0852 4460 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:51:17.0868 4460 flpydisk - ok
14:51:17.0962 4460 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:51:18.0055 4460 FltMgr - ok
14:51:18.0227 4460 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:51:18.0227 4460 FsDepends - ok
14:51:18.0383 4460 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
14:51:18.0445 4460 fssfltr - ok
14:51:18.0508 4460 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:51:18.0508 4460 Fs_Rec - ok
14:51:18.0648 4460 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:51:18.0648 4460 fvevol - ok
14:51:18.0773 4460 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:51:18.0788 4460 gagp30kx - ok
14:51:18.0882 4460 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:51:18.0991 4460 GEARAspiWDM - ok
14:51:19.0366 4460 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:51:19.0381 4460 hcw85cir - ok
14:51:19.0475 4460 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:51:19.0568 4460 HdAudAddService - ok
14:51:19.0678 4460 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:51:19.0678 4460 HDAudBus - ok
14:51:19.0787 4460 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:51:19.0802 4460 HidBatt - ok
14:51:19.0865 4460 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:51:19.0880 4460 HidBth - ok
14:51:19.0974 4460 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:51:19.0990 4460 HidIr - ok
14:51:20.0239 4460 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:51:20.0333 4460 HidUsb - ok
14:51:20.0489 4460 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:51:20.0567 4460 HpSAMD - ok
14:51:20.0801 4460 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:51:20.0816 4460 HTTP - ok
14:51:20.0988 4460 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:51:20.0988 4460 hwpolicy - ok
14:51:21.0175 4460 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:51:21.0175 4460 i8042prt - ok
14:51:21.0284 4460 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
14:51:21.0284 4460 iaStor - ok
14:51:21.0394 4460 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:51:21.0534 4460 iaStorV - ok
14:51:22.0064 4460 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
14:51:22.0423 4460 igfx - ok
14:51:22.0579 4460 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:51:22.0595 4460 iirsp - ok
14:51:22.0969 4460 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\Windows\system32\drivers\RTKVHD64.sys
14:51:23.0110 4460 IntcAzAudAddService - ok
14:51:23.0234 4460 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
14:51:23.0312 4460 IntcHdmiAddService - ok
14:51:23.0500 4460 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:51:23.0515 4460 intelide - ok
14:51:23.0624 4460 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:51:23.0640 4460 intelppm - ok
14:51:23.0780 4460 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:51:23.0874 4460 IpFilterDriver - ok
14:51:24.0030 4460 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:51:24.0139 4460 IPMIDRV - ok
14:51:24.0373 4460 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:51:24.0389 4460 IPNAT - ok
14:51:24.0529 4460 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:51:24.0545 4460 IRENUM - ok
14:51:24.0576 4460 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:51:24.0592 4460 isapnp - ok
14:51:24.0794 4460 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:51:24.0872 4460 iScsiPrt - ok
14:51:25.0262 4460 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:51:25.0294 4460 kbdclass - ok
14:51:25.0574 4460 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:51:25.0684 4460 kbdhid - ok
14:51:26.0042 4460 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
14:51:26.0120 4460 kbfiltr - ok
14:51:26.0386 4460 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
14:51:26.0464 4460 KSecDD - ok
14:51:26.0604 4460 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
14:51:26.0682 4460 KSecPkg - ok
14:51:26.0807 4460 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:51:26.0822 4460 ksthunk - ok
14:51:26.0916 4460 L1C (9c46a5421de9d116c47155317cabb522) C:\Windows\system32\DRIVERS\L1C62x64.sys
14:51:26.0994 4460 L1C - ok
14:51:27.0197 4460 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
14:51:27.0322 4460 Lavasoft Kernexplorer - ok
14:51:27.0462 4460 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:51:27.0478 4460 lltdio - ok
14:51:27.0524 4460 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:51:27.0524 4460 LSI_FC - ok
14:51:27.0634 4460 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:51:27.0634 4460 LSI_SAS - ok
14:51:27.0665 4460 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:51:27.0680 4460 LSI_SAS2 - ok
14:51:27.0712 4460 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:51:27.0712 4460 LSI_SCSI - ok
14:51:27.0836 4460 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:51:27.0836 4460 luafv - ok
14:51:27.0992 4460 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
14:51:28.0070 4460 MBAMProtector - ok
14:51:28.0273 4460 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:51:28.0289 4460 megasas - ok
14:51:28.0320 4460 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:51:28.0336 4460 MegaSR - ok
14:51:28.0492 4460 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
14:51:28.0492 4460 mfeapfk - ok
14:51:28.0585 4460 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
14:51:28.0663 4460 mfeavfk - ok
14:51:28.0788 4460 mfeavfk01 - ok
14:51:28.0850 4460 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
14:51:28.0944 4460 mfefirek - ok
14:51:29.0038 4460 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
14:51:29.0116 4460 mfehidk - ok
14:51:29.0240 4460 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
14:51:29.0318 4460 mfenlfk - ok
14:51:29.0350 4460 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
14:51:29.0428 4460 mferkdet - ok
14:51:29.0521 4460 mferkdk (624d717b11e5004f68442b5740f17f21) C:\Windows\system32\drivers\mferkdk.sys
14:51:29.0646 4460 mferkdk - ok
14:51:29.0771 4460 mfesmfk (0cd9de7b96735f33f078c4ea044e8b34) C:\Windows\system32\drivers\mfesmfk.sys
14:51:29.0864 4460 mfesmfk - ok
14:51:30.0005 4460 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
14:51:30.0083 4460 mfewfpk - ok
14:51:30.0208 4460 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:51:30.0208 4460 Modem - ok
14:51:30.0239 4460 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:51:30.0254 4460 monitor - ok
14:51:30.0348 4460 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:51:30.0364 4460 mouclass - ok
14:51:30.0410 4460 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:51:30.0410 4460 mouhid - ok
14:51:30.0488 4460 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:51:30.0504 4460 mountmgr - ok
14:51:30.0551 4460 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:51:30.0644 4460 mpio - ok
14:51:30.0676 4460 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:51:30.0691 4460 mpsdrv - ok
14:51:30.0878 4460 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:51:30.0988 4460 MRxDAV - ok
14:51:31.0128 4460 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:51:31.0222 4460 mrxsmb - ok
14:51:31.0362 4460 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:51:31.0502 4460 mrxsmb10 - ok
14:51:31.0643 4460 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:51:31.0736 4460 mrxsmb20 - ok
14:51:31.0799 4460 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:51:31.0877 4460 msahci - ok
14:51:31.0939 4460 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:51:32.0017 4460 msdsm - ok
14:51:32.0095 4460 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:51:32.0095 4460 Msfs - ok
14:51:32.0111 4460 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:51:32.0111 4460 mshidkmdf - ok
14:51:32.0189 4460 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:51:32.0189 4460 msisadrv - ok
14:51:32.0267 4460 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:51:32.0282 4460 MSKSSRV - ok
14:51:32.0392 4460 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:51:32.0407 4460 MSPCLOCK - ok
14:51:32.0454 4460 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:51:32.0454 4460 MSPQM - ok
14:51:32.0548 4460 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:51:32.0610 4460 MsRPC - ok
14:51:32.0657 4460 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:51:32.0672 4460 mssmbios - ok
14:51:32.0704 4460 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:51:32.0704 4460 MSTEE - ok
14:51:32.0766 4460 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:51:32.0782 4460 MTConfig - ok
14:51:32.0844 4460 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
14:51:32.0906 4460 MTsensor - ok
14:51:32.0984 4460 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:51:33.0000 4460 Mup - ok
14:51:33.0078 4460 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:51:33.0094 4460 NativeWifiP - ok
14:51:33.0281 4460 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:51:33.0296 4460 NDIS - ok
14:51:33.0390 4460 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:51:33.0406 4460 NdisCap - ok
14:51:33.0437 4460 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:51:33.0452 4460 NdisTapi - ok
14:51:33.0499 4460 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:51:33.0562 4460 Ndisuio - ok
14:51:33.0624 4460 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:51:33.0686 4460 NdisWan - ok
14:51:33.0780 4460 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:51:33.0889 4460 NDProxy - ok
14:51:34.0030 4460 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:51:34.0030 4460 NetBIOS - ok
14:51:34.0076 4460 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:51:34.0076 4460 NetBT - ok
14:51:34.0139 4460 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:51:34.0139 4460 nfrd960 - ok
14:51:34.0248 4460 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:51:34.0264 4460 Npfs - ok
14:51:34.0279 4460 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:51:34.0279 4460 nsiproxy - ok
14:51:34.0342 4460 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:51:34.0420 4460 Ntfs - ok
14:51:34.0513 4460 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:51:34.0513 4460 Null - ok
14:51:34.0544 4460 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:51:34.0638 4460 nvraid - ok
14:51:34.0669 4460 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:51:34.0732 4460 nvstor - ok
14:51:34.0778 4460 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:51:34.0794 4460 nv_agp - ok
14:51:34.0919 4460 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:51:34.0919 4460 ohci1394 - ok
14:51:34.0997 4460 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:51:34.0997 4460 Parport - ok
14:51:35.0106 4460 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:51:35.0168 4460 partmgr - ok
14:51:35.0215 4460 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:51:35.0293 4460 pci - ok
14:51:35.0324 4460 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:51:35.0324 4460 pciide - ok
14:51:35.0418 4460 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:51:35.0434 4460 pcmcia - ok
14:51:35.0465 4460 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:51:35.0480 4460 pcw - ok
14:51:35.0512 4460 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:51:35.0527 4460 PEAUTH - ok
14:51:35.0746 4460 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:51:35.0808 4460 PptpMiniport - ok
14:51:35.0839 4460 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:51:35.0855 4460 Processor - ok
14:51:35.0980 4460 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:51:35.0980 4460 Psched - ok
14:51:36.0073 4460 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:51:36.0104 4460 ql2300 - ok
14:51:36.0198 4460 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:51:36.0214 4460 ql40xx - ok
14:51:36.0229 4460 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:51:36.0245 4460 QWAVEdrv - ok
14:51:36.0260 4460 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:51:36.0276 4460 RasAcd - ok
14:51:36.0307 4460 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:51:36.0307 4460 RasAgileVpn - ok
14:51:36.0416 4460 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:51:36.0526 4460 Rasl2tp - ok
14:51:36.0650 4460 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:51:36.0666 4460 RasPppoe - ok
14:51:36.0697 4460 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:51:36.0697 4460 RasSstp - ok
14:51:36.0744 4460 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:51:36.0838 4460 rdbss - ok
14:51:36.0916 4460 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:51:36.0916 4460 rdpbus - ok
14:51:36.0931 4460 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:51:36.0947 4460 RDPCDD - ok
14:51:36.0962 4460 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:51:36.0962 4460 RDPENCDD - ok
14:51:36.0978 4460 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:51:36.0978 4460 RDPREFMP - ok
14:51:37.0040 4460 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
14:51:37.0118 4460 RDPWD - ok
14:51:37.0212 4460 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:51:37.0306 4460 rdyboost - ok
14:51:37.0352 4460 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:51:37.0368 4460 rspndr - ok
14:51:37.0399 4460 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:51:37.0493 4460 sbp2port - ok
14:51:37.0586 4460 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:51:37.0649 4460 scfilter - ok
14:51:37.0836 4460 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:51:37.0836 4460 secdrv - ok
14:51:37.0883 4460 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:51:37.0883 4460 Serenum - ok
14:51:37.0930 4460 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:51:37.0930 4460 Serial - ok
14:51:38.0008 4460 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:51:38.0008 4460 sermouse - ok
14:51:38.0070 4460 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:51:38.0070 4460 sffdisk - ok
14:51:38.0086 4460 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:51:38.0101 4460 sffp_mmc - ok
14:51:38.0117 4460 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:51:38.0179 4460 sffp_sd - ok
14:51:38.0210 4460 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:51:38.0226 4460 sfloppy - ok
14:51:38.0335 4460 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
14:51:38.0351 4460 SiSGbeLH - ok
14:51:38.0382 4460 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:51:38.0382 4460 SiSRaid2 - ok
14:51:38.0398 4460 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:51:38.0413 4460 SiSRaid4 - ok
14:51:38.0522 4460 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:51:38.0538 4460 Smb - ok
14:51:38.0616 4460 SNP2UVC (2d280b5799f9c143fa7d49e032fbce46) C:\Windows\system32\DRIVERS\snp2uvc.sys
14:51:38.0632 4460 SNP2UVC - ok
14:51:38.0741 4460 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:51:38.0741 4460 spldr - ok
14:51:38.0803 4460 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:51:38.0881 4460 srv - ok
14:51:39.0022 4460 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:51:39.0100 4460 srv2 - ok
14:51:39.0131 4460 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:51:39.0193 4460 srvnet - ok
14:51:39.0334 4460 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:51:39.0334 4460 stexstor - ok
14:51:39.0396 4460 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:51:39.0396 4460 swenum - ok
14:51:39.0568 4460 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:51:39.0583 4460 Tcpip - ok
14:51:39.0739 4460 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:51:39.0755 4460 TCPIP6 - ok
14:51:39.0864 4460 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:51:39.0942 4460 tcpipreg - ok
14:51:39.0989 4460 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:51:40.0004 4460 TDPIPE - ok
14:51:40.0020 4460 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
14:51:40.0020 4460 TDTCP - ok
14:51:40.0145 4460 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:51:40.0223 4460 tdx - ok
14:51:40.0254 4460 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:51:40.0332 4460 TermDD - ok
14:51:40.0519 4460 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:51:40.0597 4460 tssecsrv - ok
14:51:40.0691 4460 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:51:40.0753 4460 TsUsbFlt - ok
14:51:40.0894 4460 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:51:40.0987 4460 tunnel - ok
14:51:41.0081 4460 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:51:41.0096 4460 uagp35 - ok
14:51:41.0128 4460 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:51:41.0252 4460 udfs - ok
14:51:41.0299 4460 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:51:41.0299 4460 uliagpkx - ok
14:51:41.0424 4460 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:51:41.0486 4460 umbus - ok
14:51:41.0533 4460 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:51:41.0533 4460 UmPass - ok
14:51:41.0658 4460 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:51:41.0720 4460 USBAAPL64 - ok
14:51:41.0767 4460 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:51:41.0767 4460 usbccgp - ok
14:51:41.0798 4460 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:51:41.0814 4460 usbcir - ok
14:51:41.0908 4460 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:51:41.0986 4460 usbehci - ok
14:51:42.0032 4460 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:51:42.0095 4460 usbhub - ok
14:51:42.0126 4460 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
14:51:42.0142 4460 usbohci - ok
14:51:42.0220 4460 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:51:42.0235 4460 usbprint - ok
14:51:42.0266 4460 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:51:42.0266 4460 usbscan - ok
14:51:42.0298 4460 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:51:42.0360 4460 USBSTOR - ok
14:51:42.0469 4460 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
14:51:42.0547 4460 usbuhci - ok
14:51:42.0610 4460 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:51:42.0688 4460 usbvideo - ok
14:51:42.0797 4460 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:51:42.0812 4460 vdrvroot - ok
14:51:42.0875 4460 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:51:42.0875 4460 vga - ok
14:51:42.0968 4460 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:51:42.0984 4460 VgaSave - ok
14:51:43.0031 4460 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:51:43.0109 4460 vhdmp - ok
14:51:43.0156 4460 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:51:43.0156 4460 viaide - ok
14:51:43.0249 4460 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:51:43.0327 4460 volmgr - ok
14:51:43.0374 4460 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:51:43.0390 4460 volmgrx - ok
14:51:43.0468 4460 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:51:43.0546 4460 volsnap - ok
14:51:43.0624 4460 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:51:43.0624 4460 vsmraid - ok
14:51:43.0702 4460 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:51:43.0717 4460 vwifibus - ok
14:51:43.0780 4460 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:51:43.0780 4460 vwififlt - ok
14:51:43.0826 4460 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:51:43.0842 4460 vwifimp - ok
14:51:43.0951 4460 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:51:43.0967 4460 WacomPen - ok
14:51:44.0076 4460 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:51:44.0154 4460 WANARP - ok
14:51:44.0170 4460 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:51:44.0170 4460 Wanarpv6 - ok
14:51:44.0310 4460 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:51:44.0326 4460 Wd - ok
14:51:44.0404 4460 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:51:44.0419 4460 Wdf01000 - ok
14:51:44.0560 4460 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:51:44.0560 4460 WfpLwf - ok
14:51:44.0638 4460 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
14:51:44.0716 4460 WimFltr - ok
14:51:44.0794 4460 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:51:44.0794 4460 WIMMount - ok
14:51:44.0965 4460 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
14:51:45.0028 4460 WinUsb - ok
14:51:45.0277 4460 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:51:45.0293 4460 WmiAcpi - ok
14:51:45.0449 4460 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:51:45.0449 4460 ws2ifsl - ok
14:51:45.0574 4460 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:51:45.0652 4460 WudfPf - ok
14:51:45.0745 4460 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:51:45.0808 4460 WUDFRd - ok
14:51:45.0917 4460 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:51:45.0948 4460 \Device\Harddisk0\DR0 - ok
14:51:45.0948 4460 Boot (0x1200) (df9c39e86285cd5b378c6dd0eca76949) \Device\Harddisk0\DR0\Partition0
14:51:45.0964 4460 \Device\Harddisk0\DR0\Partition0 - ok
14:51:45.0995 4460 Boot (0x1200) (b4df2763ba73c8485fbf3cb657e2f724) \Device\Harddisk0\DR0\Partition1
14:51:45.0995 4460 \Device\Harddisk0\DR0\Partition1 - ok
14:51:46.0026 4460 ============================================================
14:51:46.0026 4460 Scan finished
14:51:46.0026 4460 ============================================================
14:51:46.0057 6132 Detected object count: 0
14:51:46.0057 6132 Actual detected object count: 0
14:52:33.0019 2948 Deinitialize success
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP