Please Help! Virus (Possible rootkit) - No internet access!



#46
GoBerserkMode

Windows Live successfully uninstalled. Winsock isf driver still seems to be there... I also attached junk.txt with the driver list, as it's easier to read in Notepad. Also attached is psched.reg.


Smb Message-oriented TCP/I Message-oriented TCP/I Kernel Manual Stopped OK FALSE FALSE 16,384 57,344 0 13/07/2009 6:09:09 PM C:\Windows\system32\DRIVERS\smb.sys 8,192
spldr Security Processor Loa Security Processor Loa Kernel Boot Running OK TRUE FALSE 4,096 4,096 0 11/05/2009 10:56:27 AM C:\Windows\system32\drivers\spldr.sys 4,096
srv Server SMB 1.xxx Drive Server SMB 1.xxx Drive File System Manual Running OK TRUE FALSE 323,584 81,920 0 28/04/2011 9:06:06 PM C:\Windows\system32\DRIVERS\srv.sys 12,288
srv2 Server SMB 2.xxx Drive Server SMB 2.xxx Drive File System Manual Running OK TRUE FALSE 155,648 106,496 0 28/04/2011 9:05:46 PM C:\Windows\system32\DRIVERS\srv2.sys 12,288
SrvHsfHDA SrvHsfHDA SrvHsfHDA Kernel Manual Stopped OK FALSE FALSE 8,192 229,376 0 15/10/2008 6:53:42 PM C:\Windows\system32\DRIVERS\VSTAZL6.SYS 4,096
SrvHsfV92 SrvHsfV92 SrvHsfV92 Kernel Manual Stopped OK FALSE FALSE 4,096 1,179,648 0 15/10/2008 6:57:45 PM C:\Windows\system32\DRIVERS\VSTDPV6.SYS 4,096
SrvHsfWinac SrvHsfWinac SrvHsfWinac Kernel Manual Stopped OK FALSE FALSE 32,768 643,072 0 15/10/2008 6:52:22 PM C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 4,096
srvnet srvnet srvnet File System Manual Running OK TRUE FALSE 32,768 98,304 0 28/04/2011 9:05:35 PM C:\Windows\system32\DRIVERS\srvnet.sys 8,192
stexstor stexstor stexstor Kernel Manual Stopped OK FALSE FALSE 0 12,288 0 17/02/2009 4:03:36 PM C:\Windows\system32\drivers\stexstor.sys 4,096
STHDA IDT High Definition Au IDT High Definition Au Kernel Manual Running OK TRUE FALSE 368,640 45,056 0 30/06/2011 8:34:00 PM C:\Windows\system32\DRIVERS\stwrt64.sys 4,096
swenum Software Bus Driver Software Bus Driver Kernel Manual Running OK TRUE FALSE 768 512 0 13/07/2009 6:00:18 PM C:\Windows\system32\drivers\swenum.sys 896
SynTP Synaptics TouchPad Dri Synaptics TouchPad Dri Kernel Manual Running OK TRUE FALSE 0 339,968 0 21/07/2011 7:04:45 PM C:\Windows\system32\DRIVERS\SynTP.sys 4,096
Tcpip TCP/IP Protocol Driver TCP/IP Protocol Driver Kernel Boot Running OK TRUE FALSE 143,360 1,306,624 0 07/09/2013 7:11:52 PM C:\Windows\system32\drivers\tcpip.sys 24,576
TCPIP6 Microsoft IPv6 Protoco Microsoft IPv6 Protoco Kernel Manual Stopped OK FALSE FALSE 143,360 1,306,624 0 07/09/2013 7:11:52 PM C:\Windows\system32\DRIVERS\tcpip.sys 24,576
tcpipreg TCP/IP Registry Compat TCP/IP Registry Compat Kernel Auto Running OK TRUE FALSE 4,096 28,672 0 03/10/2012 10:07:26 AM C:\Windows\system32\drivers\tcpipreg.sys 4,096
TDPIPE TDPIPE TDPIPE Kernel Manual Stopped OK FALSE FALSE 0 12,288 0 13/07/2009 6:16:32 PM C:\Windows\system32\drivers\tdpipe.sys 4,096
TDTCP TDTCP TDTCP Kernel Manual Stopped OK FALSE FALSE 0 16,384 0 16/02/2012 9:57:32 PM C:\Windows\system32\drivers\tdtcp.sys 4,096
tdx NetIO Legacy TDI Suppo NetIO Legacy TDI Suppo Kernel System Running OK TRUE FALSE 4,096 98,304 0 20/11/2010 2:21:54 AM C:\Windows\system32\DRIVERS\tdx.sys 4,096
TermDD Terminal Device Driver Terminal Device Driver Kernel System Running OK TRUE FALSE 8,192 36,864 0 20/11/2010 4:03:40 AM C:\Windows\system32\drivers\termdd.sys 8,192
tssecsrv Remote Desktop Service Remote Desktop Service Kernel Manual Stopped OK FALSE FALSE 12,288 20,480 0 14/06/2013 10:32:15 PM C:\Windows\system32\DRIVERS\tssecsrv.sys 4,096
TsUsbFlt TsUsbFlt TsUsbFlt Kernel Manual Stopped OK FALSE FALSE 4,096 40,960 0 20/11/2010 4:07:04 AM C:\Windows\system32\drivers\tsusbflt.sys 4,096
TsUsbGD Remote Desktop Generic Remote Desktop Generic Kernel Manual Stopped OK FALSE FALSE 4,096 24,576 0 20/11/2010 4:07:04 AM C:\Windows\system32\drivers\TsUsbGD.sys 4,096
tunnel Microsoft Tunnel Minip Microsoft Tunnel Minip Kernel Manual Running OK TRUE FALSE 4,096 77,824 0 20/11/2010 3:51:50 AM C:\Windows\system32\DRIVERS\tunnel.sys 8,192
uagp35 Microsoft AGPv3.5 Filt Microsoft AGPv3.5 Filt Kernel Manual Stopped OK FALSE FALSE 32,768 16,384 0 13/07/2009 5:38:43 PM C:\Windows\system32\drivers\uagp35.sys 4,096
udfs udfs udfs File System Disabled Stopped OK FALSE FALSE 180,224 114,688 0 20/11/2010 2:26:11 AM C:\Windows\system32\DRIVERS\udfs.sys 12,288
uliagpkx Uli AGP Bus Filter Uli AGP Bus Filter Kernel Manual Stopped OK FALSE FALSE 32,768 20,480 0 13/07/2009 5:38:48 PM C:\Windows\system32\drivers\uliagpkx.sys 4,096
umbus UMBus Enumerator Drive UMBus Enumerator Drive Kernel Manual Running OK TRUE FALSE 32,768 8,192 0 20/11/2010 3:44:37 AM C:\Windows\system32\DRIVERS\umbus.sys 4,096
UmPass Microsoft UMPass Drive Microsoft UMPass Drive Kernel Manual Stopped OK FALSE FALSE 4,096 4,096 0 13/07/2009 6:06:52 PM C:\Windows\system32\drivers\umpass.sys 4,096
USBAAPL64 Apple Mobile USB Drive Apple Mobile USB Drive Kernel Manual Stopped OK FALSE FALSE 0 40,960 0 27/11/2012 4:38:02 PM C:\Windows\system32\Drivers\usbaapl64.sys 4,096
usbccgp Microsoft USB Generic Microsoft USB Generic Kernel Manual Stopped OK FALSE FALSE 20,480 69,632 0 24/03/2011 9:29:14 PM C:\Windows\system32\DRIVERS\usbccgp.sys 4,096
usbcir eHome Infrared Receive eHome Infrared Receive Kernel Manual Stopped OK FALSE FALSE 20,480 73,728 0 12/07/2013 4:41:12 AM C:\Windows\system32\drivers\usbcir.sys 4,096
usbehci Microsoft USB 2.0 Enha Microsoft USB 2.0 Enha Kernel Manual Running OK TRUE FALSE 0 45,056 0 24/03/2011 9:29:04 PM C:\Windows\system32\DRIVERS\usbehci.sys 4,096
usbfilter AMD USB Filter Driver AMD USB Filter Driver Kernel Manual Running OK TRUE FALSE 4,096 28,672 0 15/12/2010 3:34:49 AM C:\Windows\system32\DRIVERS\usbfilter.sys 4,096
usbhub Microsoft USB Standard Microsoft USB Standard Kernel Manual Running OK TRUE FALSE 4,096 253,952 0 24/03/2011 9:29:25 PM C:\Windows\system32\DRIVERS\usbhub.sys 4,096
usbohci Microsoft USB Open Hos Microsoft USB Open Hos Kernel Manual Running OK TRUE FALSE 0 20,480 0 24/03/2011 9:29:03 PM C:\Windows\system32\DRIVERS\usbohci.sys 4,096
usbprint Microsoft USB PRINTER Microsoft USB PRINTER Kernel Manual Stopped OK FALSE FALSE 4,096 20,480 0 13/07/2009 6:38:18 PM C:\Windows\system32\DRIVERS\usbprint.sys 4,096
USBSTOR USB Mass Storage Drive USB Mass Storage Drive Kernel Manual Running OK TRUE FALSE 45,056 36,864 0 10/03/2011 9:37:16 PM C:\Windows\system32\DRIVERS\USBSTOR.SYS 4,096
usbuhci Microsoft USB Universa Microsoft USB Universa Kernel Manual Stopped OK FALSE FALSE 0 28,672 0 24/03/2011 9:29:03 PM C:\Windows\system32\drivers\usbuhci.sys 4,096
usbvideo USB Video Device (WDM) USB Video Device (WDM) Kernel Manual Stopped OK FALSE FALSE 1,024 159,232 0 12/07/2013 4:41:34 AM C:\Windows\system32\Drivers\usbvideo.sys 3,840
vdrvroot Microsoft Virtual Driv Microsoft Virtual Driv Kernel Boot Running OK TRUE FALSE 8,192 8,192 0 13/07/2009 6:01:31 PM C:\Windows\system32\drivers\vdrvroot.sys 4,096
vga vga vga Kernel Manual Stopped OK FALSE FALSE 24,576 4,096 0 13/07/2009 5:38:47 PM C:\Windows\system32\DRIVERS\vgapnp.sys 4,096
VgaSave VgaSave VgaSave Kernel System Running OK TRUE FALSE 24,576 4,096 0 13/07/2009 5:38:47 PM C:\Windows\system32\drivers\vga.sys 4,096
vhdmp vhdmp vhdmp Kernel Manual Stopped OK FALSE FALSE 65,536 106,496 0 20/11/2010 3:35:36 AM C:\Windows\system32\drivers\vhdmp.sys 8,192
viaide viaide viaide Kernel Manual Stopped OK FALSE FALSE 0 8,192 0 13/07/2009 5:19:50 PM C:\Windows\system32\drivers\viaide.sys 4,096
volmgr Volume Manager Driver Volume Manager Driver Kernel Boot Running OK TRUE FALSE 32,768 20,480 0 20/11/2010 2:19:28 AM C:\Windows\system32\drivers\volmgr.sys 8,192
volmgrx Dynamic Volume Manager Dynamic Volume Manager Kernel Boot Running OK TRUE FALSE 221,184 102,400 0 20/11/2010 2:20:43 AM C:\Windows\system32\drivers\volmgrx.sys 8,192
volsnap Storage volumes Storage volumes Kernel Boot Running OK TRUE FALSE 196,608 36,864 0 20/11/2010 2:20:08 AM C:\Windows\system32\drivers\volsnap.sys 12,288
vsmraid vsmraid vsmraid Kernel Manual Stopped OK FALSE FALSE 0 139,264 0 30/01/2009 6:18:57 PM C:\Windows\system32\drivers\vsmraid.sys 4,096
vwifibus Virtual WiFi Bus Drive Virtual WiFi Bus Drive Kernel Manual Running OK TRUE FALSE 8,192 12,288 0 13/07/2009 6:07:21 PM C:\Windows\system32\DRIVERS\vwifibus.sys 4,096
vwififlt Virtual WiFi Filter Dr Virtual WiFi Filter Dr Kernel System Running OK TRUE FALSE 4,096 45,056 0 13/07/2009 6:07:22 PM C:\Windows\system32\DRIVERS\vwififlt.sys 8,192
WacomPen Wacom Serial Pen HID D Wacom Serial Pen HID D Kernel Manual Stopped OK FALSE FALSE 9,856 8,448 0 13/07/2009 6:02:07 PM C:\Windows\system32\drivers\wacompen.sys 2,176
WANARP Remote Access IP ARP D Remote Access IP ARP D Kernel Manual Stopped OK FALSE FALSE 49,152 16,384 0 20/11/2010 3:52:36 AM C:\Windows\system32\DRIVERS\wanarp.sys 8,192
Wanarpv6 Remote Access IPv6 ARP Remote Access IPv6 ARP Kernel System Running OK TRUE FALSE 49,152 16,384 0 20/11/2010 3:52:36 AM C:\Windows\system32\DRIVERS\wanarp.sys 8,192
Wd Wd Wd Kernel Manual Stopped OK FALSE FALSE 0 8,192 0 13/07/2009 5:19:55 PM C:\Windows\system32\drivers\wd.sys 4,096
Wdf01000 Kernel Mode Driver Fra Kernel Mode Driver Fra Kernel Boot Running OK TRUE FALSE 40,960 618,496 0 21/06/2013 9:13:05 PM C:\Windows\system32\drivers\Wdf01000.sys 8,192
WfpLwf WFP Lightweight Filter WFP Lightweight Filter Kernel System Stopped OK FALSE FALSE 0 8,192 0 13/07/2009 6:09:26 PM C:\Windows\system32\DRIVERS\wfplwf.sys 4,096
WIMMount WIMMount WIMMount File System Manual Stopped OK FALSE FALSE 4,096 4,096 0 13/07/2009 5:29:31 PM C:\Windows\system32\drivers\wimmount.sys 4,096
WinUsb WinUsb WinUsb Kernel Manual Stopped OK FALSE FALSE 4,096 32,768 0 20/11/2010 3:43:56 AM C:\Windows\system32\DRIVERS\WinUsb.sys 4,096
WmiAcpi Microsoft Windows Mana Microsoft Windows Mana Kernel Manual Running OK TRUE FALSE 8,192 4,096 0 13/07/2009 5:31:02 PM C:\Windows\system32\DRIVERS\wmiacpi.sys 4,096
ws2ifsl Winsock IFS Driver Winsock IFS Driver Kernel System Running OK TRUE FALSE 12,288 4,096 0 13/07/2009 6:10:33 PM C:\Windows\system32\drivers\ws2ifsl.sys 4,096
WudfPf User Mode Driver Frame User Mode Driver Frame Kernel Manual Running OK TRUE FALSE 4,096 65,536 0 25/07/2012 8:26:45 PM C:\Windows\system32\drivers\WudfPf.sys 4,096
WUDFRd WUDFRd WUDFRd Kernel Manual Running OK TRUE FALSE 8,192 163,840 0 25/07/2012 8:26:06 PM C:\Windows\system32\DRIVERS\WUDFRd.sys 8,192

Edited by GoBerserkMode, 20 December 2013 - 09:20 PM.

#47
RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
See if you can find

wshqos.dll

Does it exist?

#48
GoBerserkMode

    Member

  • Topic Starter
  • 40 posts
From OTL scan



========== Custom Scans ==========

< MD5 for: WSHQOS.DLL >
[2009/07/13 18:41:58 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=16E964ABF6D1E0F0CC7822FCA9BA754D -- C:\Windows\SysNative\wshqos.dll
[2009/07/13 18:41:58 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=16E964ABF6D1E0F0CC7822FCA9BA754D -- C:\Windows\winsxs\amd64_microsoft-windows-qos_31bf3856ad364e35_6.1.7601.17514_none_0c716dff6e442c24\wshqos.dll
[2009/07/13 18:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=81F08948A0F1475894C99D4D19A158A8 -- C:\Windows\SysWOW64\wshqos.dll
[2009/07/13 18:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=81F08948A0F1475894C99D4D19A158A8 -- C:\Windows\winsxs\wow64_microsoft-windows-qos_31bf3856ad364e35_6.1.7600.16385_none_14950489a5b66a85\wshqos.dll

#49
RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Looks like both are OK. They should have the same security properties as the other one we looked at. Sysnative is another name for system32 and is where the 64-bit versions are stored. The 32-bit versions live in SysWow64.

I assume by now you have gone back in and enabled the ones you disabled. Clear the alarms and reboot and let's see what we get now.


Right-click on (My) Computer and select Manage (Continue). Then click on the arrow in front of Event Viewer. Next, click on the arrow in front of Windows Logs. Right-click on System and Clear Log, Clear. Repeat for Application.

Reboot.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.

2. Right-click VEW.exe and Run as Administrator.
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

If VEW won't work for you, then try MiniToolBox.
  • 0
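The comparison behind the "both are OK" reading in post #49, as an added example that is not part of the original posts: it parses the OTL `MD5 for` lines from post #48 and checks each live copy (SysNative, SysWOW64) against the winsxs component-store copy of the same architecture. The function names, the architecture mapping of the `amd64_`/`wow64_`/`x86_` prefixes and the tampered sample are assumptions made for the example; a 64-bit Windows install is assumed, as in the thread.

```python
import re
from collections import defaultdict, namedtuple

# The four OTL "MD5 for: WSHQOS.DLL" lines exactly as posted in #48.
OTL_POST_48 = r"""
[2009/07/13 18:41:58 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=16E964ABF6D1E0F0CC7822FCA9BA754D -- C:\Windows\SysNative\wshqos.dll
[2009/07/13 18:41:58 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=16E964ABF6D1E0F0CC7822FCA9BA754D -- C:\Windows\winsxs\amd64_microsoft-windows-qos_31bf3856ad364e35_6.1.7601.17514_none_0c716dff6e442c24\wshqos.dll
[2009/07/13 18:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=81F08948A0F1475894C99D4D19A158A8 -- C:\Windows\SysWOW64\wshqos.dll
[2009/07/13 18:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=81F08948A0F1475894C99D4D19A158A8 -- C:\Windows\winsxs\wow64_microsoft-windows-qos_31bf3856ad364e35_6.1.7600.16385_none_14950489a5b66a85\wshqos.dll
"""

# Constructed sample (not from the thread): the live SysWOW64 copy is given a
# different hash to show what a disagreement with the store looks like.
CONSTRUCTED_TAMPERED = OTL_POST_48.replace(
    "MD5=81F08948A0F1475894C99D4D19A158A8 -- C:\\Windows\\SysWOW64",
    "MD5=" + "0" * 32 + " -- C:\\Windows\\SysWOW64",
)

# [mtime | size | attributes | flag] (company) MD5=<hex> -- <path>
LINE_RE = re.compile(
    r"^\[(?P<mtime>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>\S+) \| \w\] "
    r"\((?P<company>[^)]*)\) MD5=(?P<md5>[0-9A-Fa-f]{32}) -- (?P<path>.+)$"
)

Record = namedtuple("Record", "size md5 path name kind arch")


def classify(path):
    """Return (kind, arch): 'live' system copy or 'store' (winsxs) copy."""
    p = path.lower()
    m = re.search(r"\\winsxs\\(amd64|wow64|x86)_", p)
    if m:
        return "store", ("x64" if m.group(1) == "amd64" else "x86")
    if "\\sysnative\\" in p:      # real System32 as seen by a 32-bit scanner
        return "live", "x64"
    if "\\syswow64\\" in p:       # 32-bit system directory
        return "live", "x86"
    return "other", None


def parse_line(line):
    """Parse one OTL MD5 line; return None for anything that is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m.group("path").strip()
    kind, arch = classify(path)
    return Record(
        size=int(m.group("size").replace(",", "")),
        md5=m.group("md5").upper(),
        path=path,
        name=path.rsplit("\\", 1)[-1].lower(),
        kind=kind,
        arch=arch,
    )


def compare_to_store(text):
    """Map each live file path to 'match', 'MISMATCH' or 'no-store-copy'."""
    records = [r for r in map(parse_line, text.splitlines()) if r]
    store = defaultdict(set)
    for r in records:
        if r.kind == "store":
            store[(r.name, r.arch)].add((r.md5, r.size))
    results = {}
    for r in records:
        if r.kind != "live":
            continue
        known = store.get((r.name, r.arch))
        if not known:
            results[r.path] = "no-store-copy"
        elif (r.md5, r.size) in known:
            results[r.path] = "match"
        else:
            results[r.path] = "MISMATCH"
    return results


if __name__ == "__main__":
    for label, text in (("post #48", OTL_POST_48),
                        ("constructed", CONSTRUCTED_TAMPERED)):
        for path, verdict in compare_to_store(text).items():
            print(f"{label:12} {verdict:14} {path}")
```

A match only shows that the live file agrees with the component-store copy OTL listed; it is not a signature check, and the company name in each line comes from the file's own version resource.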

#50
GoBerserkMode

    Member

  • Topic Starter
  • 40 posts
Yes, I enabled all except the wireless device driver.

MiniToolBox by Farbar Version: 13-07-2013
Ran by Bev (administrator) on 21-12-2013 at 18:42:21
Running from "C:\Users\Bev\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter = Wireless Network Connection 2 (Connected)
Realtek PCIe FE Family Controller = Local Area Connection 2 (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bev-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-E3-B5-5C-40-89
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.124(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : December-21-13 6:40:02 PM
Lease Expires . . . . . . . . . . : December-22-13 6:40:02 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 8.8.8.8
4.2.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 2607:f8b0:4009:804::1009
173.194.46.34
173.194.46.38
173.194.46.40
173.194.46.35
173.194.46.41
173.194.46.36
173.194.46.32
173.194.46.37
173.194.46.39
173.194.46.33
173.194.46.46

Ping request could not find host google.com. Please check the name and try again.
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
4...78 e3 b5 5c 40 89 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.124 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.124 276
192.168.0.124 255.255.255.255 On-link 192.168.0.124 276
192.168.0.255 255.255.255.255 On-link 192.168.0.124 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.124 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.124 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/21/2013 06:41:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2013 06:40:06 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...). hr = 0x80070005, Access is denied.
.


Operation:
Initializing Writer

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {368ff264-4339-4d12-8448-116347913d34}


System errors:
=============
Error: (12/21/2013 06:41:06 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023821.

Error: (12/21/2013 06:41:06 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends the following service: netprofm. This service might not be installed.

Error: (12/21/2013 06:41:05 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Psched
WfpLwf

Error: (12/21/2013 06:41:05 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft iSCSI Initiator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (12/21/2013 06:41:06 PM) (Source: DCOM) (User: )
Description: 1075HomeGroupProvider{6F7C8E8F-DC69-4E3F-BC05-439962A05FD5}

Error: (12/21/2013 06:41:03 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic Service Host service terminated with the following error:
%%1052

Error: (12/21/2013 06:41:03 PM) (Source: Service Control Manager) (User: )
Description: The Diagnostic System Host service terminated with the following error:
%%1052

Error: (12/21/2013 06:41:02 PM) (Source: Service Control Manager) (User: )
Description: The Quality Windows Audio Video Experience service depends on the QoS Packet Scheduler service which failed to start because of the following error:
%%31

Error: (12/21/2013 06:41:02 PM) (Source: Service Control Manager) (User: )
Description: The Performance Logs & Alerts service terminated with the following error:
%%5

Error: (12/21/2013 06:41:02 PM) (Source: Service Control Manager) (User: )
Description: The Net.Tcp Listener Adapter service depends the following service: was. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (12/21/2013 06:41:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2013 06:40:06 PM) (Source: VSS)(User: )
Description: RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...)0x80070005, Access is denied.


Operation:
Initializing Writer

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {368ff264-4339-4d12-8448-116347913d34}


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Reader X MUI (Version: 10.0.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Alien Shooter
Amazing Adventures Riddle of the Two Knights
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Fuel (Version: 2011.0705.1115.18310)
AMD Media Foundation Decoders (Version: 1.0.60705.1113)
AMD Steady Video Plug-In (Version: 1.00.0000)
AMD VISION Engine Control Center (Version: 2011.0705.1115.18310)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Blaze Audio Overdub!
Blaze Audio Sound Effects Set 1
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.100.82.140)
Broadcom Bluetooth Software (Version: 6.5.0.1300)
Broadcom InConcert Maestro (Version: 1.0.1.1300)
Business Contact Manager for Outlook 2003 (Version: 1.0.2002.1)
Canon Inkjet Printer Driver Add-On Module V2.00
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0705.1115.18310)
Catalyst Control Center InstallProxy (Version: 2011.0705.1115.18310)
Catalyst Control Center Localization All (Version: 2011.0705.1115.18310)
CCC Help Chinese Standard (Version: 2011.0705.1114.18310)
CCC Help Chinese Traditional (Version: 2011.0705.1114.18310)
CCC Help Czech (Version: 2011.0705.1114.18310)
CCC Help Danish (Version: 2011.0705.1114.18310)
CCC Help Dutch (Version: 2011.0705.1114.18310)
CCC Help English (Version: 2011.0705.1114.18310)
CCC Help Finnish (Version: 2011.0705.1114.18310)
CCC Help French (Version: 2011.0705.1114.18310)
CCC Help German (Version: 2011.0705.1114.18310)
CCC Help Greek (Version: 2011.0705.1114.18310)
CCC Help Hungarian (Version: 2011.0705.1114.18310)
CCC Help Italian (Version: 2011.0705.1114.18310)
CCC Help Japanese (Version: 2011.0705.1114.18310)
CCC Help Korean (Version: 2011.0705.1114.18310)
CCC Help Norwegian (Version: 2011.0705.1114.18310)
CCC Help Polish (Version: 2011.0705.1114.18310)
CCC Help Portuguese (Version: 2011.0705.1114.18310)
CCC Help Russian (Version: 2011.0705.1114.18310)
CCC Help Spanish (Version: 2011.0705.1114.18310)
CCC Help Swedish (Version: 2011.0705.1114.18310)
CCC Help Thai (Version: 2011.0705.1114.18310)
CCC Help Turkish (Version: 2011.0705.1114.18310)
ccc-utility64 (Version: 2011.0705.1115.18310)
ContentHD (Version: 1.00.0002)
Contents (Version: 1.6.0.272)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000)
Corel PaintShop Photo Pro X3 (Version: 1.6.1.263)
Corel VideoStudio Pro X3 (Version: 1.6.0.272)
CyberLink YouCam (Version: 3.5.1.4119)
DeviceIO (Version: 1.6.0.272)
Dragon NaturallySpeaking 12 (Version: 12.00.100)
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Evernote v. 4.2.3 (Version: 4.2.3.22)
Family Tree Maker 2012 (Version: 21.0.580)
FrostWire 5.2.11 (Version: 5.2.11.0)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.21.165)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Documentation (Version: 1.1.0.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.7)
HP Quick Launch (Version: 2.7.2)
HP Software Framework (Version: 4.5.10.1)
HP Support Assistant (Version: 7.4.45.4)
ICA (Version: 1.6.0.272)
ICA (Version: 1.6.1.263)
IDT Audio (Version: 1.0.6351.0)
IncrediMail (Version: 6.2.9.5181)
IncrediMail 2.0 (Version: 6.2.9.5181)
IPM_PSP_CL (Version: 1.00.0000)
IPM_PSP_COM (Version: 1.00.0000)
IPM_VS_Pro (Version: 13.0)
iTunes (Version: 11.0.4.4)
Jasc Paint Shop Pro 9 (Version: 9.01.0000)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Magic Bullet PhotoLooks for PaintShop Photo Pro (Version: 1.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MLE (Version: 1.0.0.18)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Ozzy Bubbles
Paint Shop Pro 7 (Version: 7.0.2.0000)
PaintShop Photo Pro X3 Registration Incentive (Version: 1.00.0000)
Photo Notifier and Animation Creator (Version: 1.0.0.1009)
PlayReady PC Runtime x86 (Version: 1.3.0)
PSPPContent (Version: 1.00.0000)
PSPPRO_DCRAW (Version: 13.0.0)
PureHD (Version: 1.6.0.272)
QuickTime (Version: 7.74.80.86)
Realtek Ethernet Controller Driver (Version: 7.46.610.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.84)
Recovery Manager (Version: 2.0.0)
Setup (Version: 1.6.0.272)
Setup (Version: 1.6.1.263)
Share (Version: 1.6.0.272)
Share64 (Version: 1.6.0.272)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 5.10 (Version: 5.10.116)
SmartSound Common Data (Version: 1.1.0)
SmartSound Quicktracks 5 (Version: 5.1.5)
Super Jigsaw Americana
Synaptics TouchPad Driver (Version: 15.3.17.0)
Tasty Planet Back for Seconds
TonkyPonky
Toy Defense
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
VIO (Version: 1.6.0.272)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VSClassic (Version: 1.6.0.272)
VSPro (Version: 1.6.0.272)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)

========================= Devices: ================================

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 5610.91 MB
Available physical RAM: 4452.76 MB
Total Pagefile: 11219.99 MB
Available Pagefile: 9832.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.32 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:576.75 GB) (Free:510.18 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:15.25 GB) (Free:1.66 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.95 GB) FAT32
5 Drive g: (USB DRIVE) (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT

========================= Users: ========================================

User accounts for \\BEV-HP

Administrator ASPNET Bev
Guest

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
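As an added example (not part of the thread and not FRST's own code): a small Python parser for the Devices section of a log like the one posted above. It groups failing devices by device class and problem code, so a shared failure such as every WAN Miniport reporting Code 31 stands out; the function names and the abridged sample are constructed for illustration.

```python
import re
from collections import defaultdict

BANNER = re.compile(r"^=+ (?P<name>[^=]+?):? =+\s*$")   # e.g. "===== Devices: ====="
CODE = re.compile(r"\(Code (\d+)\)")                    # Device Manager problem code

# Constructed sample, abridged from the shape of the log above.
SAMPLE = """\
========================= Devices: ================================

Name: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Service: Rasl2tp
Problem: : This device is not working properly ... (Code 31)

Name: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Service: NdisWan
Problem: : This device is not working properly ... (Code 31)

========================= Memory info: ===================================
Percentage of memory in use: 20%
"""

def parse_devices(log_text):
    """Return one dict per 'Key: value' record in the Devices section."""
    records, current, inside = [], {}, False
    for line in log_text.splitlines() + [""]:
        banner = BANNER.match(line)
        if banner:                                # entering some section
            inside = banner.group("name").strip() == "Devices"
        if banner or not line.strip():            # record boundary
            if current:
                records.append(current)
                current = {}
        elif inside:
            key, _, value = line.partition(":")
            current[key.strip()] = value.lstrip(": ").strip()
    for rec in records:
        m = CODE.search(rec.get("Problem", ""))
        rec["Code"] = int(m.group(1)) if m else None
    return records

def group_failures(records):
    """Map (class GUID, problem code) -> sorted services that failed."""
    groups = defaultdict(set)
    for rec in records:
        if rec["Code"] is not None:
            groups[(rec.get("Class Guid"), rec["Code"])].add(rec.get("Service", "?"))
    return {key: sorted(services) for key, services in groups.items()}

if __name__ == "__main__":
    for (guid, code), services in group_failures(parse_devices(SAMPLE)).items():
        print(f"class {guid} code {code}: {', '.join(services)}")
```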

#51
RKinner
Malware Expert
These instructions are for XP but I think they also work on Win 7.

Do you have the file:

C:\WINDOWS\inf\nettcpip.inf

If so, back up your registry:

http://pcsupport.abo...backupxpreg.htm

Then see if you can follow the steps in the Hardcore method when nothing else is working section on

http://smokeys.wordp...p3-tcpip-stack/

If it makes things worse you can revert back to the saved registry.

#52
GoBerserkMode
Topic Starter
Man... I did those instructions to a tee, and now I cannot even get an nslookup. This looks pretty hopeless; unless you can suggest anything else, I will just do a clean win7 install.

Edited by GoBerserkMode, 22 December 2013 - 12:10 AM.


#53
RKinner
Malware Expert
What does ipconfig /all say now?

Do you still see a lot of yellow flags in Device Manager?

If you have the Windows disk then you should be able to do a repair install and save your data. Probably be the quickest way.

#54
GoBerserkMode
Topic Starter
So I ended up giving system restore a shot before I went to do a clean win7 install and to my delightful surprise, ALL networking problems have been fixed.

Now would it be possible to recheck my machine strictly for malware? Also, I would like to completely remove McAfee from the machine, any tools to suggest?

Edited by GoBerserkMode, 23 December 2013 - 02:37 AM.


#55
RKinner
Malware Expert
To remove McAfee and run a really good check for malware (Can take up to 6 hours so let it run while you sleep):

Download and Save the free Avast installer.
http://www.avast.com/index
Click on Download then choose the free version.
Download the McAfee Removal tool
http://download.mcaf...atches/MCPR.exe
(If you think you might want to reinstall McAfee later then follow the instructions here to save your license info:
http://service.mcafe...spx?id=TS100507 )
Uninstall McAfee, run the McAfee uninstall tool by right clicking and Run As Admin, reboot.
Install Avast (free, basic version, ignore offers to upgrade) by right clicking and Run As Admin. (Don't let it download/install the Google Toolbar. Chrome is OK but it takes much longer.)


First mute the speakers so it won't wake you up when Windows loads. Click on the Orange ball. Click on Scans. Change Quickscan to Boot-time Scan. Click on Settings. Where it says Heuristic Sensitivity click on the last rectangle so that all of them are orange and it says High. Check both boxes. Then change When a threat is found ... to: Move to Chest. OK. Now click on Start. Close the Avast window and then reboot. The scan will start. It will tell you where it will save the report. Usually it's
C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location. When Windows loads Click on the Orange Ball then Scan, Then Scan History (at the bottom of the page). Click on the last scan and then Detailed Report. If it found anything then open the aswBoot.txt file and copy and paste it. If you can't find it then take a screen shot of the Detailed Report:


Press the Alt + the Print Screen key on your keyboard. It may be labeled [PrtScn].

Open Microsoft Paint (All Programs, Accessories, Paint).

Go to the Edit menu and choose Paste (or just do Ctrl + v) and the image should appear.


Go to the File Menu and choose Save As.

Navigate to the folder where you want to save the image. (Desktop)

Type a file name for the image: Avast

Select a file type. jpeg

Click the Save button.

Attach Avast.jpg to your Reply.

(Start a Reply. Click on the Browse button, point it at your desktop and click on Avast.jpg then Open. Now click on Attach this File)

#56
GoBerserkMode
Topic Starter
Only found a few mp3 files... delete them?

Attached Thumbnails

  • Image1.png


#57
RKinner
Malware Expert
Appears the mp3 files were infected and have been removed to the chest. You can empty the chest which deletes them or just ignore them as once in the chest they can't hurt anything.

Stick with Avast for a while and see how you like it. Some people object to the voice notification of updates. To turn it off, click on the Avast ball then on Settings then on Appearance. Then on Sounds and uncheck Automatic Updates OK. (It will still update, it just won't tell you about it in a loud voice in the middle of the night.)

They have also started using their info popup to try and get you to upgrade so I go into Settings, Appearance, Popups and change the first two to 1 second.

If you haven't registered already then right click on the orange ball and select Registration Information and click on the link. (They just want your name and email address). The registration is good for 12-14 months then you will need to register again. They will, of course, try to talk you into buying the product but you can always register again for another year free tho it may not be the default.

Wouldn't hurt to run a FRST scan (with Additions checked) and post both logs so we can see where we are.

#58
GoBerserkMode
Topic Starter
I think all is good, thanks for all the time you put into this thread man, I really appreciate it, and learned a lot.

Happy Holidays : )

#59
RKinner
Malware Expert
You can uninstall or delete any tools we had you download and their logs.

If we ran Combofix: To uninstall Combofix, copy the next line:

"%userprofile%\Desktop\combofix.exe" /Uninstall

Start, All Programs, Accessories then right click on Command Prompt and Run As Administrator.
then right click, Paste, then hit Enter.



OTL has a cleanup tab but DO NOT USE IT! There are reports that it leaves the PC unbootable. Instead just delete OTL.exe and the folder c:\_OTL.

To hide hidden files again:

Vista or Win7

1. Open the Control Panel menu and click Folder Options.
2. After the new window appears select the View tab.
3. Remove the check in the checkbox labeled Display the contents of system folders.
4. Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
5. Check the checkbox labeled Hide protected operating system files.
6. Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

Unless you have the latest version of Avast which has its own update checker: To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. Windows always hides its icon so you need to unhide it. Click on the up arrow to the left of the clock. Then click on Customize. Maximize the window so you can see all of the options. Scroll Down and find the File Hippo UpdateChecker and change its Behaviors to Show Icon and Notifications. OK. When you reboot you should see the icon. It will take it a minute to finish checking then it will put up a bubble if you need to update something. Click on the bubble and it should open in your browser. (Seems to work best if it uses Firefox. If you do not use Firefox as your default browser then right click on the icon and click on Settings. Then on Results. Change the Open Results in Default Browser to Custom Browser and then select the line that has Firefox.exe in it. While there, also check Hide Beta Versions. OK. ) You will see a list of programs that have updates with green down arrows next to them. You do not need to download any Beta Versions. There is an option Settings to Hide Beta Versions. I do not advise updating Windows Messenger unless you really use it so I right click on the Icon and Customize Results then find Microsoft Messenger and change Show All Releases to Hide All Releases. OK.

You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on. Go to adblockplus.org with each browser and get the add-on.

If Chrome/Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Close Chrome/Firefox. Hit Optimize. You can run it any time that Chrome/Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certainly be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.

Due to a recent rise in the number of Cryptolocker infections I am now recommending you install:

CryptoPrevent

http://www.foolishIT.../cryptoprevent/

The free version does not update on its own so you should check for updated versions once in a while.



If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level. OK.

Make sure Windows Updates is turned on and that it works. Go to Control panel, Windows Updates and see if it works.


My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)

Ron