Jump to content

malibu91

Members
  • Posts

    16
  • Joined

  • Last visited

Everything posted by malibu91

  1. No worries. Pictures are attached in .zip file. Thanks Jules Pictures.zip
  2. Hi Larry, Unfortunately the pictures are still displaying the same error message when I try to open them. nosirrah mentioned that he thought they were not a corrupted jpeg's, and that they may have been replaced by executable code it is likely that the pictures are still there but hidden. Is this what you are thinking? Thanks again. Jules
  3. OK. I ran Disk Cleanup and got the following results. It appears that by selecting the "Cleanup Thumbnail" option it removes them. First screen is before, second is after. They do come back, but with today's date (I assume this is the point?) Jules
  4. Hi Just tried logging into Safe Mode as Admin. When running FixThumbnailView.bat I get the first screen (no reboot request). If I then try to run FixThumbnailView.bat again, then I get the second screen message??? Thanks again. Jules
  5. OK. I get as far as step 3 and then when running "FixThumbnailView.bat" as administrator I get the following error (below). SUCCESS: The process "explorer.exe" with PID 2848 has been terminated. Could Not Find C:\Users\Jules and Tab\AppData\Local\IconCache.db C:\Users\Jules and Tab\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024. db Access is denied. C:\Users\Jules and Tab\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.d b Access is denied. C:\Users\Jules and Tab\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db Access is denied. C:\Users\Jules and Tab\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db Access is denied. C:\Users\Jules and Tab\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.d b Access is denied. C:\Users\Jules and Tab\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db Access is denied. Thanks Jules
  6. Thanks Larry, Tried this and the icons changed to show they were now associated correctly. However when trying to open one I get the following message. Looks like something's still not right. Thanks Jules
  7. Have applied the fix and there are some changes. Rather than be associated with Windows Picture viewer the damaged files seem to now be "unassociated" Computer is still behaving normally, however a lot of family pictures (.jpg) are still not viewable. Thanks for keeping at it! Your help is much appreciated. Jules
  8. Hi, No issue detacted with .jpg files? I didn't apply a fix as it required a payment Computer is still behaving normally, however a lot of family pictures (.jog) are still not viewable. Thanks again. Jules
  9. ComboFix 11-07-20.02 - Jules and Tab 20/07/2011 19:28:01.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.2013.841 [GMT 10:00] Running from: c:\users\Jules and Tab\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\GuffinsEI c:\program files (x86)\GuffinsEI\Installr\1.bin\NPu4EISb.dll c:\program files (x86)\GuffinsEI\Installr\1.bin\u4EIPlug.dll c:\users\Jules and Tab\AppData\Roaming\inst.exe c:\windows\XSxS . . ((((((((((((((((((((((((( Files Created from 2011-06-20 to 2011-07-20 ))))))))))))))))))))))))))))))) . . 2011-07-20 09:37 . 2011-07-20 09:37 -------- d-----w- c:\users\Miles\AppData\Local\temp 2011-07-20 09:37 . 2011-07-20 09:37 -------- d-----w- c:\users\Eden\AppData\Local\temp 2011-07-20 09:37 . 2011-07-20 09:37 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-20 06:13 . 2011-07-20 06:13 -------- d-----w- c:\users\Jules and Tab\AppData\Roaming\.minecraft 2011-07-19 07:26 . 2011-07-19 07:26 -------- d-----w- c:\users\Jules and Tab\AppData\Local\Adobe 2011-07-16 06:32 . 2011-07-16 06:32 -------- d-----w- c:\users\Jules and Tab\AppData\Roaming\VG Solutions 2011-07-16 04:48 . 2011-07-16 04:48 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-07-13 09:00 . 2011-06-03 06:57 362496 ----a-w- c:\windows\system32\wow64win.dll 2011-07-13 09:00 . 2011-06-03 06:53 338944 ----a-w- c:\windows\system32\conhost.exe 2011-07-13 09:00 . 2011-06-03 06:57 214528 ----a-w- c:\windows\system32\winsrv.dll 2011-07-13 09:00 . 2011-06-03 06:57 243200 ----a-w- c:\windows\system32\wow64.dll 2011-07-13 09:00 . 2011-06-03 06:57 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2011-07-13 09:00 . 2011-06-03 06:57 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2011-07-13 09:00 . 2011-06-03 06:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2011-07-13 09:00 . 2011-06-03 05:57 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2011-07-13 09:00 . 2011-06-03 05:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2011-07-13 09:00 . 2011-06-03 03:53 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2011-07-13 09:00 . 2011-06-03 03:53 2048 ----a-w- c:\windows\SysWow64\user.exe 2011-07-13 08:48 . 2011-06-11 03:07 3137536 ----a-w- c:\windows\system32\win32k.sys 2011-07-13 08:42 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys 2011-07-13 08:42 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS 2011-07-11 01:16 . 2011-07-11 01:16 -------- d-----w- c:\programdata\KingsIsle Entertainment 2011-07-09 12:03 . 2011-07-10 00:59 -------- d-----w- c:\users\Jules and Tab\AppData\Local\eventMobileplugin 2011-07-09 10:14 . 2011-07-09 10:14 -------- d-----w- c:\programdata\SlySoft 2011-07-09 09:50 . 2011-07-09 09:50 -------- d--h--w- c:\programdata\tks 2011-07-09 09:49 . 2011-07-09 09:49 -------- d-----w- c:\programdata\Aiseesoft Studio 2011-07-08 22:12 . 2011-07-08 22:12 -------- d-----w- c:\users\Eden\AppData\Local\Diagnostics . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-06 09:52 . 2010-01-06 08:08 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-06 09:52 . 2010-01-06 08:08 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-04 11:43 . 2010-07-02 01:46 40112 ----a-w- c:\windows\avastSS.scr 2011-07-04 11:43 . 2009-12-26 07:55 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-07-04 11:43 . 2011-01-29 07:20 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-04 11:36 . 2011-04-22 09:13 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-07-04 11:36 . 2009-12-30 15:35 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-04 11:35 . 2009-12-26 07:55 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-04 11:32 . 2009-12-26 07:55 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-04 11:32 . 2009-12-26 07:55 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-07-04 11:32 . 2009-12-30 15:35 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-06-17 09:26 . 2009-12-29 12:38 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-06-16 22:37 . 2011-06-16 22:37 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-06-14 15:39 . 2010-01-25 06:02 15880 ----a-w- c:\windows\system32\lsdelete.exe 2011-06-14 15:37 . 2011-06-14 22:30 69376 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-06-09 21:05 . 2011-06-09 21:05 138872 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys 2011-06-09 21:05 . 2011-06-09 21:05 138872 ----a-w- c:\windows\system32\drivers\AnyDVD.sys 2011-06-03 05:57 . 2011-07-13 09:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-05-30 09:45 . 2010-01-24 08:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2011-05-27 09:07 . 2010-01-24 08:22 336192 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-05-07 06:38 . 2010-05-29 08:44 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2011-05-03 18:52 . 2010-04-23 08:18 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-05-03 05:29 . 2011-06-16 21:54 976896 ----a-w- c:\windows\system32\inetcomm.dll 2011-05-03 04:30 . 2011-06-16 21:54 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll 2011-04-29 03:06 . 2011-06-16 21:54 467456 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-29 03:05 . 2011-06-16 21:54 410112 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 03:05 . 2011-06-16 21:54 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-27 02:40 . 2011-06-16 21:54 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-27 02:39 . 2011-06-16 21:54 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-27 02:39 . 2011-06-16 21:54 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-25 05:33 . 2011-06-16 21:54 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-04-25 02:34 . 2011-06-16 21:54 499200 ----a-w- c:\windows\system32\drivers\afd.sys 2011-04-23 06:32 . 2011-02-24 23:36 419840 ----a-w- c:\windows\system32\systemcpl.dll 2011-04-23 01:29 . 2011-06-16 22:03 2303488 ----a-w- c:\windows\system32\jscript9.dll 2011-04-23 01:19 . 2011-06-16 22:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-04-22 23:35 . 2011-06-16 22:03 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll 2011-04-22 23:25 . 2011-06-16 22:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2011-04-22 22:15 . 2011-05-24 21:53 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [-] 2011-02-25 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll . [-] 2011-02-25 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll [7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTo1.dll" [2011-02-06 3911776] . [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-02-06 00:49 3911776 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngin0.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] 2011-02-06 00:49 3911776 ----a-w- c:\program files (x86)\uTorrentBar\tbuTo1.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files (x86)\uTorrentBar\tbuTo1.dll" [2011-02-06 3911776] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngin0.dll" [2011-02-06 3911776] . [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "TomTomHOME.exe"="d:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Acrobat Speed Launcher"="d:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2011-06-07 40376] "Acrobat Assistant 8.0"="d:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-22 640440] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920] "OpwareSE2"="d:\program files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888] "iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-17 421160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . c:\users\Jules and Tab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-19 136176] R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [x] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-19 136176] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x] R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [x] R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [x] R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [x] R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [x] R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [x] R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [x] R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 Ext2Fsd;Linux ext2 file system driver; [x] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-06-14 1355968] S2 TomTomHOMEService;TomTomHOMEService;d:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592] S2 ubsbm;Unibrain 1394 SBM Driver;c:\windows\system32\DRIVERS\ubsbm.sys [x] S2 ubumapi;Unibrain 1394 FireAPI Driver;c:\windows\system32\DRIVERS\ubumapi.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 ubohci;Unibrain 1394 OHCI Driver;c:\windows\system32\DRIVERS\ubohci.sys [x] S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x] S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2011-07-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-05-24 15:37] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EvtMgr6"="d:\program files (x86)\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1612880] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\acaptuser64.dll . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 TCP: Interfaces\{9FE5E0C7-21F8-443F-BA99-9D8C2EAED168}: NameServer = 192.168.1.1 TCP: Interfaces\{CDDFE472-86E3-44F9-93FF-8EBA83A89CE0}: NameServer = 192.168.1.1 FF - ProfilePath - c:\users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\ FF - prefs.js: browser.startup.homepage - hxxp://forum.avast.com/index.php?topic=81334.0 FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file) AddRemove-EasyBCD - d:\program files (x86)\NeoSmart Technologies\EasyBCD\uninstall.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-3300194073-333461294-3519441796-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1CFC8C9A-8FC9-3F30-0D92-2941537A7420}*] "naphajlejmdfpkcdniedaggimdme"=hex:6b,61,6a,63,64,61,6c,65,65,64,65,6d,69,6b, 69,6c,61,66,6a,61,6d,63,00,00 "oafhgifpamcdgnebkdflbeagpfogne"=hex:6b,61,6a,63,64,61,6c,65,65,64,65,6d,69,6b, 69,6c,61,66,6a,61,6d,63,00,00 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-07-20 19:41:26 ComboFix-quarantined-files.txt 2011-07-20 09:41 . Pre-Run: 20,705,951,744 bytes free Post-Run: 20,242,665,472 bytes free . - - End Of File - - 6366A076C964109FFD23F3CA2D06B5AD NOTES: Computer is still behaving normally, however a lot of family pictures are still not viewable. A suspect mismatch extension .jpg file has been found amongst the damaged files by Mbam. Thanks again for your assistance.
  10. 2011/07/19 17:15:07.0702 1632 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56 2011/07/19 17:15:08.0498 1632 ================================================================================ 2011/07/19 17:15:08.0498 1632 SystemInfo: 2011/07/19 17:15:08.0498 1632 2011/07/19 17:15:08.0498 1632 OS Version: 6.1.7601 ServicePack: 1.0 2011/07/19 17:15:08.0498 1632 Product type: Workstation 2011/07/19 17:15:08.0498 1632 ComputerName: DESKTOPPC 2011/07/19 17:15:08.0498 1632 UserName: Jules and Tab 2011/07/19 17:15:08.0498 1632 Windows directory: C:\Windows 2011/07/19 17:15:08.0498 1632 System windows directory: C:\Windows 2011/07/19 17:15:08.0498 1632 Running under WOW64 2011/07/19 17:15:08.0498 1632 Processor architecture: Intel x64 2011/07/19 17:15:08.0498 1632 Number of processors: 2 2011/07/19 17:15:08.0498 1632 Page size: 0x1000 2011/07/19 17:15:08.0498 1632 Boot type: Normal boot 2011/07/19 17:15:08.0498 1632 ================================================================================ 2011/07/19 17:15:10.0261 1632 Initialize success 2011/07/19 17:15:20.0713 4060 ================================================================================ 2011/07/19 17:15:20.0713 4060 Scan started 2011/07/19 17:15:20.0713 4060 Mode: Manual; 2011/07/19 17:15:20.0713 4060 ================================================================================ 2011/07/19 17:15:22.0117 4060 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 2011/07/19 17:15:22.0163 4060 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys 2011/07/19 17:15:22.0226 4060 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 2011/07/19 17:15:22.0257 4060 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 2011/07/19 17:15:22.0335 4060 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/07/19 17:15:22.0366 4060 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 2011/07/19 17:15:22.0397 4060 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 2011/07/19 17:15:22.0460 4060 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 2011/07/19 17:15:22.0491 4060 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 2011/07/19 17:15:22.0538 4060 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 2011/07/19 17:15:22.0553 4060 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 2011/07/19 17:15:22.0585 4060 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 2011/07/19 17:15:22.0616 4060 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 2011/07/19 17:15:22.0647 4060 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 2011/07/19 17:15:22.0678 4060 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/07/19 17:15:22.0709 4060 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 2011/07/19 17:15:22.0772 4060 AnyDVD (1f8e9426219263cb3ce9ac1735a68d9e) C:\Windows\system32\Drivers\AnyDVD.sys 2011/07/19 17:15:22.0803 4060 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 2011/07/19 17:15:22.0881 4060 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 2011/07/19 17:15:22.0912 4060 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 2011/07/19 17:15:22.0959 4060 aswFsBlk (55353cd0da287b2c3782485740965b54) C:\Windows\system32\drivers\aswFsBlk.sys 2011/07/19 17:15:23.0006 4060 aswMonFlt (b38061cdefb71361e0c7547ac60527e8) C:\Windows\system32\drivers\aswMonFlt.sys 2011/07/19 17:15:23.0021 4060 aswRdr (91e7aca95933633b2557f47cdfdb74c3) C:\Windows\system32\drivers\aswRdr.sys 2011/07/19 17:15:23.0099 4060 aswSnx (2b15499f68fad60ce69264a327e9b0f0) C:\Windows\system32\drivers\aswSnx.sys 2011/07/19 17:15:23.0146 4060 aswSP (4d939ecb19dc930056593390d1c87c43) C:\Windows\system32\drivers\aswSP.sys 2011/07/19 17:15:23.0177 4060 aswTdi (d633426c5a207ce21767569aa4946891) C:\Windows\system32\drivers\aswTdi.sys 2011/07/19 17:15:23.0224 4060 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/07/19 17:15:23.0271 4060 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 2011/07/19 17:15:23.0349 4060 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys 2011/07/19 17:15:23.0396 4060 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 2011/07/19 17:15:23.0443 4060 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 2011/07/19 17:15:23.0489 4060 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 2011/07/19 17:15:23.0536 4060 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/07/19 17:15:23.0599 4060 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 2011/07/19 17:15:23.0630 4060 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/07/19 17:15:23.0661 4060 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/07/19 17:15:23.0692 4060 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 2011/07/19 17:15:23.0723 4060 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/07/19 17:15:23.0755 4060 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/07/19 17:15:23.0786 4060 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/07/19 17:15:23.0817 4060 BthAvrcp (832b121e4532919cc49f2438f1dcaa21) C:\Windows\system32\DRIVERS\BthAvrcp.sys 2011/07/19 17:15:23.0879 4060 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 2011/07/19 17:15:23.0911 4060 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/07/19 17:15:23.0942 4060 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 2011/07/19 17:15:24.0004 4060 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 2011/07/19 17:15:24.0051 4060 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 2011/07/19 17:15:24.0082 4060 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 2011/07/19 17:15:24.0145 4060 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 2011/07/19 17:15:24.0207 4060 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 2011/07/19 17:15:24.0238 4060 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 2011/07/19 17:15:24.0332 4060 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/07/19 17:15:24.0363 4060 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 2011/07/19 17:15:24.0410 4060 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 2011/07/19 17:15:24.0441 4060 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 2011/07/19 17:15:24.0488 4060 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 2011/07/19 17:15:24.0519 4060 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/07/19 17:15:24.0566 4060 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 2011/07/19 17:15:24.0659 4060 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 2011/07/19 17:15:24.0691 4060 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 2011/07/19 17:15:24.0722 4060 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 2011/07/19 17:15:24.0800 4060 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 2011/07/19 17:15:24.0847 4060 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 2011/07/19 17:15:24.0956 4060 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 2011/07/19 17:15:25.0081 4060 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 2011/07/19 17:15:25.0127 4060 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 2011/07/19 17:15:25.0159 4060 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 2011/07/19 17:15:25.0221 4060 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 2011/07/19 17:15:25.0283 4060 Ext2Fsd (77541bb9ea03008ff40035f2d3ef114e) C:\Windows\system32\drivers\Ext2Fsd.sys 2011/07/19 17:15:25.0330 4060 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 2011/07/19 17:15:25.0361 4060 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 2011/07/19 17:15:25.0408 4060 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 2011/07/19 17:15:25.0439 4060 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 2011/07/19 17:15:25.0486 4060 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/07/19 17:15:25.0533 4060 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 2011/07/19 17:15:25.0580 4060 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 2011/07/19 17:15:25.0611 4060 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys 2011/07/19 17:15:25.0658 4060 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 2011/07/19 17:15:25.0689 4060 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/07/19 17:15:25.0720 4060 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2011/07/19 17:15:25.0798 4060 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 2011/07/19 17:15:25.0861 4060 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 2011/07/19 17:15:25.0907 4060 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 2011/07/19 17:15:25.0939 4060 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/07/19 17:15:25.0970 4060 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 2011/07/19 17:15:26.0001 4060 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 2011/07/19 17:15:26.0048 4060 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 2011/07/19 17:15:26.0126 4060 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 2011/07/19 17:15:26.0173 4060 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 2011/07/19 17:15:26.0235 4060 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 2011/07/19 17:15:26.0266 4060 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 2011/07/19 17:15:26.0329 4060 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 2011/07/19 17:15:26.0609 4060 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys 2011/07/19 17:15:26.0750 4060 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 2011/07/19 17:15:26.0812 4060 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 2011/07/19 17:15:26.0843 4060 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 2011/07/19 17:15:26.0890 4060 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/07/19 17:15:26.0937 4060 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 2011/07/19 17:15:26.0968 4060 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 2011/07/19 17:15:27.0015 4060 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 2011/07/19 17:15:27.0046 4060 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 2011/07/19 17:15:27.0077 4060 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 2011/07/19 17:15:27.0124 4060 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 2011/07/19 17:15:27.0140 4060 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 2011/07/19 17:15:27.0187 4060 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys 2011/07/19 17:15:27.0218 4060 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys 2011/07/19 17:15:27.0249 4060 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 2011/07/19 17:15:27.0343 4060 Lbd (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys 2011/07/19 17:15:27.0405 4060 LHidFilt (ceb6e18dcfad5c72b81c7da1ac3c1cc1) C:\Windows\system32\DRIVERS\LHidFilt.Sys 2011/07/19 17:15:27.0452 4060 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 2011/07/19 17:15:27.0514 4060 LMouFilt (f9e48f18be4d2b365f138987b8e7885b) C:\Windows\system32\DRIVERS\LMouFilt.Sys 2011/07/19 17:15:27.0561 4060 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/07/19 17:15:27.0592 4060 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/07/19 17:15:27.0623 4060 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/07/19 17:15:27.0655 4060 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/07/19 17:15:27.0701 4060 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 2011/07/19 17:15:27.0717 4060 LUsbFilt (51b20b742c9e35ade40b840f6f4f5ee2) C:\Windows\system32\Drivers\LUsbFilt.Sys 2011/07/19 17:15:27.0764 4060 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 2011/07/19 17:15:27.0795 4060 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/07/19 17:15:27.0826 4060 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 2011/07/19 17:15:27.0857 4060 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 2011/07/19 17:15:27.0889 4060 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 2011/07/19 17:15:27.0935 4060 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 2011/07/19 17:15:27.0967 4060 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 2011/07/19 17:15:28.0013 4060 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 2011/07/19 17:15:28.0060 4060 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 2011/07/19 17:15:28.0107 4060 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 2011/07/19 17:15:28.0154 4060 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/07/19 17:15:28.0201 4060 mrxsmb10 (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/07/19 17:15:28.0232 4060 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/07/19 17:15:28.0263 4060 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 2011/07/19 17:15:28.0310 4060 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 2011/07/19 17:15:28.0372 4060 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys 2011/07/19 17:15:28.0403 4060 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 2011/07/19 17:15:28.0435 4060 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 2011/07/19 17:15:28.0450 4060 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 2011/07/19 17:15:28.0513 4060 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 2011/07/19 17:15:28.0544 4060 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/07/19 17:15:28.0559 4060 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 2011/07/19 17:15:28.0622 4060 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 2011/07/19 17:15:28.0653 4060 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 2011/07/19 17:15:28.0700 4060 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 2011/07/19 17:15:28.0731 4060 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/07/19 17:15:28.0793 4060 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys 2011/07/19 17:15:28.0825 4060 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 2011/07/19 17:15:28.0871 4060 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 2011/07/19 17:15:28.0934 4060 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 2011/07/19 17:15:28.0981 4060 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/07/19 17:15:29.0012 4060 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/07/19 17:15:29.0059 4060 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/07/19 17:15:29.0105 4060 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/07/19 17:15:29.0152 4060 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 2011/07/19 17:15:29.0215 4060 Netaapl (fe2c3783b211484022702c052b03cee0) C:\Windows\system32\DRIVERS\netaapl64.sys 2011/07/19 17:15:29.0261 4060 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 2011/07/19 17:15:29.0293 4060 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 2011/07/19 17:15:29.0371 4060 netr7364 (621559a521682a888d83db34c6ec0bf8) C:\Windows\system32\DRIVERS\netr7364.sys 2011/07/19 17:15:29.0433 4060 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/07/19 17:15:29.0480 4060 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 2011/07/19 17:15:29.0511 4060 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 2011/07/19 17:15:29.0589 4060 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 2011/07/19 17:15:29.0636 4060 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 2011/07/19 17:15:29.0667 4060 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 2011/07/19 17:15:29.0729 4060 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 2011/07/19 17:15:29.0776 4060 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 2011/07/19 17:15:29.0823 4060 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 2011/07/19 17:15:29.0901 4060 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 2011/07/19 17:15:29.0932 4060 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 2011/07/19 17:15:29.0995 4060 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 2011/07/19 17:15:30.0026 4060 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 2011/07/19 17:15:30.0057 4060 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 2011/07/19 17:15:30.0104 4060 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/07/19 17:15:30.0166 4060 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys 2011/07/19 17:15:30.0197 4060 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 2011/07/19 17:15:30.0244 4060 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 2011/07/19 17:15:30.0369 4060 Point64 (33328fa8a580885ab0065be6db266e9f) C:\Windows\system32\DRIVERS\point64.sys 2011/07/19 17:15:30.0431 4060 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 2011/07/19 17:15:30.0463 4060 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 2011/07/19 17:15:30.0525 4060 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 2011/07/19 17:15:30.0587 4060 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 2011/07/19 17:15:30.0634 4060 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/07/19 17:15:30.0665 4060 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 2011/07/19 17:15:30.0697 4060 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 2011/07/19 17:15:30.0728 4060 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/07/19 17:15:30.0790 4060 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/07/19 17:15:30.0821 4060 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/07/19 17:15:30.0853 4060 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 2011/07/19 17:15:30.0899 4060 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 2011/07/19 17:15:30.0946 4060 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/07/19 17:15:30.0977 4060 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/07/19 17:15:31.0024 4060 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 2011/07/19 17:15:31.0055 4060 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 2011/07/19 17:15:31.0087 4060 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 2011/07/19 17:15:31.0165 4060 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 2011/07/19 17:15:31.0211 4060 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 2011/07/19 17:15:31.0258 4060 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 2011/07/19 17:15:31.0336 4060 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 2011/07/19 17:15:31.0399 4060 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 2011/07/19 17:15:31.0461 4060 RTL8167 (abcb5a38a0d85bdf69b7877e1ad1eed5) C:\Windows\system32\DRIVERS\Rt64win7.sys 2011/07/19 17:15:31.0492 4060 s0017bus (032f537623a7b2fb81aaa184c30b70c3) C:\Windows\system32\DRIVERS\s0017bus.sys 2011/07/19 17:15:31.0539 4060 s0017mdfl (9964a28e569b4ff105b446ef8978fd5c) C:\Windows\system32\DRIVERS\s0017mdfl.sys 2011/07/19 17:15:31.0586 4060 s0017mdm (06347087d274c23dcfa8c4ab5c4314db) C:\Windows\system32\DRIVERS\s0017mdm.sys 2011/07/19 17:15:31.0617 4060 s0017mgmt (f0f0747b3fa50272de6b1bf575fa4700) C:\Windows\system32\DRIVERS\s0017mgmt.sys 2011/07/19 17:15:31.0664 4060 s0017nd5 (7224412cea2ff2df7d4842c1b0e71045) C:\Windows\system32\DRIVERS\s0017nd5.sys 2011/07/19 17:15:31.0695 4060 s0017obex (3feadbc7f09b8b596cbfb82f12aba87f) C:\Windows\system32\DRIVERS\s0017obex.sys 2011/07/19 17:15:31.0726 4060 s0017unic (2b63bea31d939888b2a8f3f14d89b5c1) C:\Windows\system32\DRIVERS\s0017unic.sys 2011/07/19 17:15:31.0757 4060 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 2011/07/19 17:15:31.0789 4060 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 2011/07/19 17:15:31.0851 4060 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 2011/07/19 17:15:31.0913 4060 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 2011/07/19 17:15:31.0976 4060 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 2011/07/19 17:15:32.0007 4060 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 2011/07/19 17:15:32.0054 4060 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 2011/07/19 17:15:32.0132 4060 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 2011/07/19 17:15:32.0163 4060 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 2011/07/19 17:15:32.0194 4060 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 2011/07/19 17:15:32.0225 4060 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/07/19 17:15:32.0272 4060 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/07/19 17:15:32.0303 4060 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/07/19 17:15:32.0350 4060 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 2011/07/19 17:15:32.0413 4060 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 2011/07/19 17:15:32.0475 4060 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 2011/07/19 17:15:32.0537 4060 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 2011/07/19 17:15:32.0584 4060 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 2011/07/19 17:15:32.0647 4060 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 2011/07/19 17:15:32.0693 4060 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 2011/07/19 17:15:32.0725 4060 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 2011/07/19 17:15:32.0756 4060 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 2011/07/19 17:15:32.0896 4060 Tcpip (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys 2011/07/19 17:15:32.0959 4060 TCPIP6 (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys 2011/07/19 17:15:33.0021 4060 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 2011/07/19 17:15:33.0052 4060 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 2011/07/19 17:15:33.0083 4060 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 2011/07/19 17:15:33.0130 4060 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 2011/07/19 17:15:33.0161 4060 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 2011/07/19 17:15:33.0302 4060 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/07/19 17:15:33.0349 4060 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 2011/07/19 17:15:33.0427 4060 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 2011/07/19 17:15:33.0458 4060 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 2011/07/19 17:15:33.0505 4060 ubohci (a951327a058ef7bf6d3e980b0022160c) C:\Windows\system32\DRIVERS\ubohci.sys 2011/07/19 17:15:33.0536 4060 ubsbm (365dfb1d1406720ca6681d38e4eaab47) C:\Windows\system32\DRIVERS\ubsbm.sys 2011/07/19 17:15:33.0567 4060 ubumapi (92f01c31c87131f73ecdbb94256abfd1) C:\Windows\system32\DRIVERS\ubumapi.sys 2011/07/19 17:15:33.0614 4060 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 2011/07/19 17:15:33.0676 4060 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 2011/07/19 17:15:33.0723 4060 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 2011/07/19 17:15:33.0754 4060 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 2011/07/19 17:15:33.0832 4060 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys 2011/07/19 17:15:33.0879 4060 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/07/19 17:15:33.0926 4060 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 2011/07/19 17:15:33.0957 4060 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/07/19 17:15:34.0004 4060 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 2011/07/19 17:15:34.0051 4060 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys 2011/07/19 17:15:34.0082 4060 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 2011/07/19 17:15:34.0129 4060 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 2011/07/19 17:15:34.0175 4060 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2011/07/19 17:15:34.0222 4060 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/07/19 17:15:34.0269 4060 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 2011/07/19 17:15:34.0316 4060 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/07/19 17:15:34.0331 4060 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 2011/07/19 17:15:34.0409 4060 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 2011/07/19 17:15:34.0441 4060 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 2011/07/19 17:15:34.0472 4060 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 2011/07/19 17:15:34.0503 4060 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 2011/07/19 17:15:34.0534 4060 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 2011/07/19 17:15:34.0581 4060 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 2011/07/19 17:15:34.0612 4060 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 2011/07/19 17:15:34.0675 4060 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/07/19 17:15:34.0706 4060 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/07/19 17:15:34.0753 4060 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/07/19 17:15:34.0784 4060 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 2011/07/19 17:15:34.0831 4060 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 2011/07/19 17:15:34.0878 4060 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/19 17:15:34.0893 4060 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/19 17:15:34.0987 4060 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 2011/07/19 17:15:35.0018 4060 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 2011/07/19 17:15:35.0112 4060 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/07/19 17:15:35.0143 4060 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 2011/07/19 17:15:35.0252 4060 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/07/19 17:15:35.0283 4060 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 2011/07/19 17:15:35.0346 4060 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 2011/07/19 17:15:35.0392 4060 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys 2011/07/19 17:15:35.0439 4060 WSDScan (4a2a5c50dd1a63577d3aca94269fbc7f) C:\Windows\system32\DRIVERS\WSDScan.sys 2011/07/19 17:15:35.0517 4060 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 2011/07/19 17:15:35.0548 4060 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/07/19 17:15:35.0704 4060 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2 2011/07/19 17:15:35.0845 4060 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/07/19 17:15:35.0860 4060 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1 2011/07/19 17:15:35.0892 4060 Boot (0x1200) (abb2536928595ec72c83e5af335ff029) \Device\Harddisk2\DR2\Partition0 2011/07/19 17:15:35.0923 4060 Boot (0x1200) (6d5508a12ba9d8f209b538b4176e400d) \Device\Harddisk2\DR2\Partition1 2011/07/19 17:15:35.0938 4060 Boot (0x1200) (37379c3b0b9fdd8c4a26e5d6b0f7aa11) \Device\Harddisk0\DR0\Partition0 2011/07/19 17:15:35.0970 4060 Boot (0x1200) (392e52c50612a99dbda1d3a09cee143f) \Device\Harddisk1\DR1\Partition0 2011/07/19 17:15:35.0985 4060 ================================================================================ 2011/07/19 17:15:35.0985 4060 Scan finished 2011/07/19 17:15:35.0985 4060 ================================================================================ 2011/07/19 17:15:36.0001 0800 Detected object count: 0 2011/07/19 17:15:36.0001 0800 Actual detected object count: 0 GooredFix by jpshortstuff (03.07.10.1) Log created at 17:13 on 19/07/2011 (Jules and Tab) Firefox version 6.0 (en-GB) ========== GooredScan ========== ========== GooredLog ========== C:\Program Files (x86)\Mozilla Firefox\extensions\ (none) C:\Users\Jules and Tab\Application Data\Mozilla\Firefox\Profiles\mw9cm6nw.default\extensions\ {d3f4b70a-92e0-4393-a0f3-976d03b1ebf5} [08:51 21/06/2011] [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "bkmrksync@nokia.com"="D:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\" [03:47 26/06/2010] ---------- Old Logs ---------- GooredFix[07.13.24_19-07-2011].txt -=E.O.F=- Computer has been behaving normally, however a lot of family pictures have been corrupted and a suspect mismatch extension .jpg file has been found amongst the damaged files by Mbam. PC has not been restarted since these scans. Thanks for your assistance.
  11. Hi, Can you explain a bit more about this? It would be very good news indeed. Cheers Jules PS: logs posted in a new post.
  12. As per instructions from LDTate, please find DDS.txt pasted below along with multiple attachments supplied. Cheers Jules DDS (Ver_2011-07-14.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26 Run by Jules and Tab at 23:54:32 on 2011-07-18 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.2013.864 [GMT 10:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Windows\SysWOW64\wwSecure.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE D:\Program Files (x86)\Logitech\SetPointP\SetPoint.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Windows Sidebar\sidebar.exe D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe D:\Program Files (x86)\ScanSoft\OmniPageSE2.0\opwareSE2.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe D:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe D:\Program Files (x86)\Mozilla Firefox 4.0 Beta 12\firefox.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\ctfmon.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = about:blank uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: FlashFXP Helper for Internet Explorer: {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\Program Files (x86)\FlashFXP\IEFlash.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [TomTomHOME.exe] "D:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" mRun: [Adobe Acrobat Speed Launcher] "D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [OpwareSE2] "D:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\JULESA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: Interfaces\{2B4A005F-86F4-43F6-BC42-BD8920CD4DCB} : DHCPNameServer = 10.188.66.103 10.176.66.71 TCP: Interfaces\{9FE5E0C7-21F8-443F-BA99-9D8C2EAED168} : NameServer = 192.168.1.1 TCP: Interfaces\{9FE5E0C7-21F8-443F-BA99-9D8C2EAED168}\445435B445F405 : DHCPNameServer = 10.1.1.1 TCP: Interfaces\{9FE5E0C7-21F8-443F-BA99-9D8C2EAED168}\4505C494E4B4 : DHCPNameServer = 10.1.1.1 192.168.1.1 TCP: Interfaces\{9FE5E0C7-21F8-443F-BA99-9D8C2EAED168}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{CDDFE472-86E3-44F9-93FF-8EBA83A89CE0} : NameServer = 192.168.1.1 SSODL: WebCheck - <orphaned> x64-Run: [EvtMgr6] D:\Program Files (x86)\Logitech\SetPointP\SetPoint.exe /launchGaming x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" x64-Notify: igfxcui - igfxdev.dll x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\ FF - prefs.js: browser.startup.homepage - hxxp://forum.avast.com/index.php?topic=81334.0 FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties FF - prefs.js: network.proxy.type - 0 FF - component: C:\Users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCore.dll FF - component: C:\Users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll FF - component: C:\Users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\extensions\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}\components\RadioWMPCore.dll FF - component: C:\Users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\extensions\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}\components\RadioWMPCoreGecko19.dll FF - component: C:\Users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\extensions\engine@conduit.com\components\RadioWMPCore.dll FF - component: C:\Users\Jules and Tab\AppData\Roaming\Mozilla\Firefox\Profiles\mw9cm6nw.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - component: D:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll FF - plugin: C:\Program Files (x86)\ABR\Plug-In\bin\npAUSkeyPlugin.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\GuffinsEI\Installr\1.bin\NPu4EISb.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - plugin: D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll FF - plugin: D:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\browser\nppdf32.dll FF - plugin: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2011-6-15 69376] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-4-22 600920] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2009-12-31 288088] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2009-12-31 22360] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2009-12-26 64856] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-7-9 42184] R2 Ext2Fsd;Linux ext2 file system driver;C:\Windows\System32\drivers\ext2fsd.sys [2010-1-1 744072] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-5-25 1355968] R2 TomTomHOMEService;TomTomHOMEService;D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-4-22 92592] R2 ubsbm;Unibrain 1394 SBM Driver;C:\Windows\System32\drivers\UBSBM.sys [2010-2-26 24064] R2 ubumapi;Unibrain 1394 FireAPI Driver;C:\Windows\System32\drivers\UBUMAPI.sys [2010-2-26 92160] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-3-1 187392] R3 ubohci;Unibrain 1394 OHCI Driver;C:\Windows\System32\drivers\ubohci.sys [2010-2-26 132608] R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-14 23040] R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-19 136176] S3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\System32\drivers\BthAvrcp.sys [2009-8-13 29184] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-19 136176] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2009-8-28 21504] S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2010-2-24 726816] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-2-25 20992] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);C:\Windows\System32\drivers\s0017bus.sys [2010-7-16 113704] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;C:\Windows\System32\drivers\s0017mdfl.sys [2010-7-16 19496] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;C:\Windows\System32\drivers\s0017mdm.sys [2010-7-16 152616] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s0017mgmt.sys [2010-7-16 133160] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);C:\Windows\System32\drivers\s0017nd5.sys [2010-7-16 34856] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;C:\Windows\System32\drivers\s0017obex.sys [2010-7-16 128552] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);C:\Windows\System32\drivers\s0017unic.sys [2010-7-16 145960] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-25 59392] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-25 1255736] . =============== Created Last 30 ================ . 2011-07-16 06:32:03 -------- d-----w- C:\Users\Jules and Tab\AppData\Roaming\VG Solutions 2011-07-13 09:00:53 362496 ----a-w- C:\Windows\System32\wow64win.dll 2011-07-13 09:00:53 338944 ----a-w- C:\Windows\System32\conhost.exe 2011-07-13 09:00:52 214528 ----a-w- C:\Windows\System32\winsrv.dll 2011-07-13 09:00:50 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2011-07-13 09:00:50 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2011-07-13 09:00:50 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2011-07-13 09:00:50 243200 ----a-w- C:\Windows\System32\wow64.dll 2011-07-13 09:00:50 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2011-07-13 09:00:50 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2011-07-13 09:00:50 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2011-07-13 09:00:48 2048 ----a-w- C:\Windows\SysWow64\user.exe 2011-07-13 08:48:14 3137536 ----a-w- C:\Windows\System32\win32k.sys 2011-07-13 08:42:00 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS 2011-07-13 08:42:00 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys 2011-07-11 01:16:10 -------- d-----w- C:\ProgramData\KingsIsle Entertainment 2011-07-09 12:03:03 -------- d-----w- C:\Users\Jules and Tab\AppData\Local\eventMobileplugin 2011-07-09 09:50:56 -------- d--h--w- C:\ProgramData\tks 2011-07-09 09:49:39 -------- d-----w- C:\ProgramData\Aiseesoft Studio 2011-06-19 09:18:38 -------- d-----w- C:\Users\Jules and Tab\AppData\Local\Google . ==================== Find3M ==================== . 2011-07-06 09:52:42 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-06 09:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-07-04 11:43:53 40112 ----a-w- C:\Windows\avastSS.scr 2011-07-04 11:36:56 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2011-07-04 11:32:24 64856 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2011-06-16 22:37:34 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-06-14 15:39:13 15880 ----a-w- C:\Windows\System32\lsdelete.exe 2011-06-14 15:37:31 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys 2011-06-09 21:05:13 138872 ----a-w- C:\Windows\SysWow64\drivers\AnyDVD.sys 2011-06-09 21:05:13 138872 ----a-w- C:\Windows\System32\drivers\AnyDVD.sys 2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll 2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll 2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2011-05-07 06:38:00 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys 2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll 2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll 2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll 2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll 2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll 2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll 2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe 2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll 2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll 2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll 2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll 2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll 2011-05-04 04:32:00 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll 2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe 2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe 2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe 2011-05-03 18:52:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-05-03 05:29:29 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2011-05-03 04:30:02 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll 2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys 2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys 2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2011-04-27 02:40:40 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2011-04-27 02:39:40 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2011-04-27 02:39:37 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2011-04-25 05:33:51 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2011-04-25 02:34:03 499200 ----a-w- C:\Windows\System32\drivers\afd.sys 2011-04-23 06:32:33 419840 ----a-w- C:\Windows\System32\systemcpl.dll 2011-04-23 01:29:25 2303488 ----a-w- C:\Windows\System32\jscript9.dll 2011-04-23 01:19:19 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-04-22 23:35:56 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-04-22 23:25:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-04-22 22:15:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys . ============= FINISH: 23:56:38.58 =============== mbam-log-2011-07-18 (20-02-52).txt Ark_and_Attach.zip Avast Logs.zip dds.txt
  13. Sorry about embedding th eimage. I've added it to the .rar file instead along with the offending file. Cheers Jules 38_1_b11.rar
  14. No worries. I have attached the log file as well as a copy of the "real" .jpg file from a good backup. Jules mbam-log-2011-07-17 (11-42-58).txt
  15. Hi, I have been having issues wherby I have lost a lot of image files (corrupted file headers apparently). In any regard I have lost a ton of family photos which is not good. I have run MB, and have come up with the following log for one of my stored images. "38_1_b11.JPG (Extension.Mismatch) -> Quarantined and deleted successfully." I have attached a .zip of the image file and would appreciate any advice as to whether this progranm is possibly responsible for the loss of other images, or whether it is just a False Positive? Cheers Jules 38_1_b11.rar
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.