
Hi,

For about a week, every search I make on Google has been redirected to unwanted websites. I've scanned my computer several times with Malwarebytes, Kaspersky TDSSKiller, and Microsoft Security Essentials, and nothing shows up. So I was wondering if you guys could give me a hand with this problem.

Thanks for your time.


TDSSKiller Report:

01:56:43.0556 2084 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

01:56:43.0728 2084 ============================================================

01:56:43.0728 2084 Current date / time: 2011/11/30 01:56:43.0728

01:56:43.0728 2084 SystemInfo:

01:56:43.0728 2084

01:56:43.0728 2084 OS Version: 6.1.7601 ServicePack: 1.0

01:56:43.0728 2084 Product type: Workstation

01:56:43.0728 2084 ComputerName: DAVID-PC

01:56:43.0728 2084 UserName: David

01:56:43.0728 2084 Windows directory: C:\Windows

01:56:43.0728 2084 System windows directory: C:\Windows

01:56:43.0728 2084 Running under WOW64

01:56:43.0728 2084 Processor architecture: Intel x64

01:56:43.0728 2084 Number of processors: 4

01:56:43.0728 2084 Page size: 0x1000

01:56:43.0728 2084 Boot type: Normal boot

01:56:43.0728 2084 ============================================================

01:56:45.0870 2084 Initialize success

01:56:50.0727 4716 ============================================================

01:56:50.0728 4716 Scan started

01:56:50.0728 4716 Mode: Manual;

01:56:50.0728 4716 ============================================================

01:56:52.0301 4716 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

01:56:52.0305 4716 1394ohci - ok

01:56:52.0398 4716 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

01:56:52.0404 4716 ACPI - ok

01:56:52.0458 4716 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

01:56:52.0468 4716 AcpiPmi - ok

01:56:52.0576 4716 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

01:56:52.0593 4716 adp94xx - ok

01:56:52.0669 4716 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

01:56:52.0674 4716 adpahci - ok

01:56:52.0709 4716 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

01:56:52.0713 4716 adpu320 - ok

01:56:52.0834 4716 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

01:56:52.0843 4716 AFD - ok

01:56:52.0886 4716 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

01:56:52.0897 4716 agp440 - ok

01:56:53.0022 4716 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

01:56:53.0025 4716 aliide - ok

01:56:53.0063 4716 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

01:56:53.0072 4716 amdide - ok

01:56:53.0097 4716 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

01:56:53.0103 4716 AmdK8 - ok

01:56:53.0556 4716 amdkmdag (cc0b8b1912967d429c4a2d2bd7a9e52d) C:\Windows\system32\DRIVERS\atikmdag.sys

01:56:53.0623 4716 amdkmdag - ok

01:56:53.0817 4716 amdkmdap (b855c99c23a57edeca29f49a3210b95c) C:\Windows\system32\DRIVERS\atikmpag.sys

01:56:53.0826 4716 amdkmdap - ok

01:56:53.0863 4716 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

01:56:53.0869 4716 AmdPPM - ok

01:56:53.0913 4716 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

01:56:53.0923 4716 amdsata - ok

01:56:53.0970 4716 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

01:56:53.0974 4716 amdsbs - ok

01:56:54.0006 4716 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

01:56:54.0011 4716 amdxata - ok

01:56:54.0101 4716 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

01:56:54.0109 4716 AppID - ok

01:56:54.0221 4716 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

01:56:54.0228 4716 arc - ok

01:56:54.0246 4716 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

01:56:54.0251 4716 arcsas - ok

01:56:54.0363 4716 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

01:56:54.0376 4716 AsyncMac - ok

01:56:54.0428 4716 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

01:56:54.0429 4716 atapi - ok

01:56:54.0534 4716 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\Windows\system32\drivers\AtiHdmi.sys

01:56:54.0539 4716 AtiHdmiService - ok

01:56:54.0688 4716 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

01:56:54.0695 4716 b06bdrv - ok

01:56:54.0735 4716 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

01:56:54.0823 4716 b57nd60a - ok

01:56:54.0964 4716 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

01:56:54.0975 4716 Beep - ok

01:56:55.0148 4716 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

01:56:55.0154 4716 blbdrive - ok

01:56:55.0195 4716 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

01:56:55.0200 4716 bowser - ok

01:56:55.0242 4716 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

01:56:55.0246 4716 BrFiltLo - ok

01:56:55.0284 4716 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

01:56:55.0291 4716 BrFiltUp - ok

01:56:55.0375 4716 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

01:56:55.0380 4716 Brserid - ok

01:56:55.0405 4716 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

01:56:55.0412 4716 BrSerWdm - ok

01:56:55.0434 4716 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

01:56:55.0441 4716 BrUsbMdm - ok

01:56:55.0456 4716 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

01:56:55.0457 4716 BrUsbSer - ok

01:56:55.0514 4716 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

01:56:55.0519 4716 BTHMODEM - ok

01:56:55.0564 4716 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

01:56:55.0576 4716 cdfs - ok

01:56:55.0655 4716 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

01:56:55.0669 4716 cdrom - ok

01:56:55.0720 4716 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

01:56:55.0730 4716 circlass - ok

01:56:55.0794 4716 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

01:56:55.0806 4716 CLFS - ok

01:56:55.0913 4716 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

01:56:55.0923 4716 CmBatt - ok

01:56:55.0967 4716 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

01:56:55.0976 4716 cmdide - ok

01:56:56.0072 4716 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys

01:56:56.0089 4716 CNG - ok

01:56:56.0111 4716 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

01:56:56.0118 4716 Compbatt - ok

01:56:56.0156 4716 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

01:56:56.0168 4716 CompositeBus - ok

01:56:56.0205 4716 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

01:56:56.0216 4716 crcdisk - ok

01:56:56.0341 4716 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys

01:56:56.0355 4716 CSC - ok

01:56:56.0443 4716 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

01:56:56.0453 4716 DfsC - ok

01:56:56.0487 4716 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

01:56:56.0498 4716 discache - ok

01:56:56.0553 4716 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

01:56:56.0559 4716 Disk - ok

01:56:56.0615 4716 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

01:56:56.0626 4716 drmkaud - ok

01:56:56.0686 4716 dump_wmimmc - ok

01:56:56.0786 4716 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

01:56:56.0800 4716 DXGKrnl - ok

01:56:56.0825 4716 EagleX64 - ok

01:56:57.0261 4716 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

01:56:57.0325 4716 ebdrv - ok

01:56:57.0576 4716 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

01:56:57.0594 4716 elxstor - ok

01:56:57.0635 4716 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

01:56:57.0644 4716 ErrDev - ok

01:56:57.0703 4716 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

01:56:57.0713 4716 exfat - ok

01:56:57.0765 4716 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

01:56:57.0772 4716 fastfat - ok

01:56:57.0799 4716 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

01:56:57.0802 4716 fdc - ok

01:56:57.0848 4716 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

01:56:57.0853 4716 FileInfo - ok

01:56:57.0884 4716 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

01:56:57.0902 4716 Filetrace - ok

01:56:57.0925 4716 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

01:56:57.0932 4716 flpydisk - ok

01:56:58.0024 4716 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

01:56:58.0029 4716 FltMgr - ok

01:56:58.0067 4716 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

01:56:58.0079 4716 FsDepends - ok

01:56:58.0101 4716 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

01:56:58.0107 4716 Fs_Rec - ok

01:56:58.0185 4716 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

01:56:58.0189 4716 fvevol - ok

01:56:58.0238 4716 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

01:56:58.0243 4716 gagp30kx - ok

01:56:58.0295 4716 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys

01:56:58.0300 4716 hamachi - ok

01:56:58.0333 4716 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

01:56:58.0335 4716 hcw85cir - ok

01:56:58.0428 4716 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

01:56:58.0439 4716 HdAudAddService - ok

01:56:58.0484 4716 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

01:56:58.0489 4716 HDAudBus - ok

01:56:58.0526 4716 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

01:56:58.0531 4716 HidBatt - ok

01:56:58.0554 4716 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

01:56:58.0560 4716 HidBth - ok

01:56:58.0602 4716 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

01:56:58.0607 4716 HidIr - ok

01:56:58.0692 4716 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

01:56:58.0696 4716 HidUsb - ok

01:56:58.0753 4716 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

01:56:58.0763 4716 HpSAMD - ok

01:56:58.0919 4716 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

01:56:58.0933 4716 HTTP - ok

01:56:58.0979 4716 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

01:56:58.0987 4716 hwpolicy - ok

01:56:59.0030 4716 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

01:56:59.0039 4716 i8042prt - ok

01:56:59.0102 4716 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

01:56:59.0117 4716 iaStorV - ok

01:56:59.0449 4716 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

01:56:59.0483 4716 iirsp - ok

01:56:59.0794 4716 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

01:56:59.0837 4716 intelide - ok

01:57:00.0165 4716 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

01:57:00.0524 4716 intelppm - ok

01:57:00.0675 4716 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

01:57:00.0682 4716 IpFilterDriver - ok

01:57:00.0737 4716 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

01:57:00.0739 4716 IPMIDRV - ok

01:57:00.0776 4716 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

01:57:00.0786 4716 IPNAT - ok

01:57:00.0823 4716 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

01:57:00.0834 4716 IRENUM - ok

01:57:00.0879 4716 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

01:57:00.0886 4716 isapnp - ok

01:57:00.0943 4716 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

01:57:00.0948 4716 iScsiPrt - ok

01:57:00.0988 4716 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

01:57:00.0993 4716 kbdclass - ok

01:57:01.0044 4716 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

01:57:01.0053 4716 kbdhid - ok

01:57:01.0111 4716 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys

01:57:01.0117 4716 KSecDD - ok

01:57:01.0159 4716 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys

01:57:01.0163 4716 KSecPkg - ok

01:57:01.0201 4716 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

01:57:01.0211 4716 ksthunk - ok

01:57:01.0286 4716 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

01:57:01.0297 4716 lltdio - ok

01:57:01.0337 4716 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

01:57:01.0348 4716 LSI_FC - ok

01:57:01.0377 4716 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

01:57:01.0380 4716 LSI_SAS - ok

01:57:01.0412 4716 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

01:57:01.0419 4716 LSI_SAS2 - ok

01:57:01.0472 4716 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

01:57:01.0485 4716 LSI_SCSI - ok

01:57:01.0552 4716 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

01:57:01.0561 4716 luafv - ok

01:57:01.0639 4716 MBAMProtector - ok

01:57:01.0768 4716 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys

01:57:01.0780 4716 mcdbus - ok

01:57:01.0815 4716 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

01:57:01.0824 4716 megasas - ok

01:57:01.0861 4716 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

01:57:01.0866 4716 MegaSR - ok

01:57:01.0916 4716 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

01:57:01.0923 4716 Modem - ok

01:57:01.0953 4716 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

01:57:01.0958 4716 monitor - ok

01:57:02.0019 4716 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

01:57:02.0022 4716 mouclass - ok

01:57:02.0070 4716 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

01:57:02.0077 4716 mouhid - ok

01:57:02.0129 4716 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

01:57:02.0135 4716 mountmgr - ok

01:57:02.0216 4716 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys

01:57:02.0218 4716 MpFilter - ok

01:57:02.0268 4716 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

01:57:02.0272 4716 mpio - ok

01:57:02.0312 4716 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys

01:57:02.0313 4716 MpNWMon - ok

01:57:02.0346 4716 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

01:57:02.0350 4716 mpsdrv - ok

01:57:02.0409 4716 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

01:57:02.0412 4716 MRxDAV - ok

01:57:02.0466 4716 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

01:57:02.0470 4716 mrxsmb - ok

01:57:02.0548 4716 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

01:57:02.0553 4716 mrxsmb10 - ok

01:57:02.0581 4716 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

01:57:02.0590 4716 mrxsmb20 - ok

01:57:02.0622 4716 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

01:57:02.0631 4716 msahci - ok

01:57:02.0676 4716 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

01:57:02.0679 4716 msdsm - ok

01:57:02.0742 4716 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

01:57:02.0744 4716 Msfs - ok

01:57:02.0781 4716 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

01:57:02.0787 4716 mshidkmdf - ok

01:57:02.0816 4716 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

01:57:02.0826 4716 msisadrv - ok

01:57:02.0889 4716 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

01:57:02.0900 4716 MSKSSRV - ok

01:57:02.0958 4716 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

01:57:02.0967 4716 MSPCLOCK - ok

01:57:02.0984 4716 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

01:57:02.0985 4716 MSPQM - ok

01:57:03.0053 4716 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

01:57:03.0065 4716 MsRPC - ok

01:57:03.0107 4716 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

01:57:03.0113 4716 mssmbios - ok

01:57:03.0158 4716 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

01:57:03.0166 4716 MSTEE - ok

01:57:03.0181 4716 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

01:57:03.0190 4716 MTConfig - ok

01:57:03.0355 4716 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys

01:57:03.0363 4716 MTsensor - ok

01:57:03.0570 4716 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

01:57:03.0581 4716 Mup - ok

01:57:03.0790 4716 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

01:57:03.0799 4716 NativeWifiP - ok

01:57:04.0132 4716 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

01:57:04.0156 4716 NDIS - ok

01:57:04.0297 4716 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

01:57:04.0300 4716 NdisCap - ok

01:57:04.0450 4716 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

01:57:04.0456 4716 NdisTapi - ok

01:57:04.0622 4716 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

01:57:04.0630 4716 Ndisuio - ok

01:57:04.0813 4716 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

01:57:04.0821 4716 NdisWan - ok

01:57:04.0978 4716 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

01:57:04.0985 4716 NDProxy - ok

01:57:05.0142 4716 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

01:57:05.0152 4716 NetBIOS - ok

01:57:05.0428 4716 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

01:57:05.0441 4716 NetBT - ok

01:57:05.0699 4716 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

01:57:05.0710 4716 nfrd960 - ok

01:57:06.0027 4716 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

01:57:06.0032 4716 NisDrv - ok

01:57:06.0208 4716 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

01:57:06.0213 4716 Npfs - ok

01:57:06.0294 4716 NPPTNT2 - ok

01:57:06.0322 4716 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

01:57:06.0331 4716 nsiproxy - ok

01:57:06.0530 4716 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

01:57:06.0551 4716 Ntfs - ok

01:57:06.0572 4716 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

01:57:06.0584 4716 Null - ok

01:57:06.0651 4716 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

01:57:06.0665 4716 nvraid - ok

01:57:06.0712 4716 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

01:57:06.0715 4716 nvstor - ok

01:57:06.0768 4716 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

01:57:06.0778 4716 nv_agp - ok

01:57:06.0827 4716 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

01:57:06.0832 4716 ohci1394 - ok

01:57:06.0873 4716 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

01:57:06.0879 4716 Parport - ok

01:57:06.0927 4716 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

01:57:06.0933 4716 partmgr - ok

01:57:06.0986 4716 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

01:57:06.0992 4716 pci - ok

01:57:07.0013 4716 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

01:57:07.0019 4716 pciide - ok

01:57:07.0072 4716 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

01:57:07.0080 4716 pcmcia - ok

01:57:07.0159 4716 PCTCore - ok

01:57:07.0201 4716 pctDS - ok

01:57:07.0230 4716 pctEFA - ok

01:57:07.0253 4716 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

01:57:07.0258 4716 pcw - ok

01:57:07.0316 4716 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

01:57:07.0330 4716 PEAUTH - ok

01:57:07.0422 4716 pnarp (fb83b6c62dff5abe36304351d2bed581) C:\Windows\system32\DRIVERS\pnarp.sys

01:57:07.0427 4716 pnarp - ok

01:57:07.0549 4716 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

01:57:07.0555 4716 PptpMiniport - ok

01:57:07.0583 4716 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

01:57:07.0589 4716 Processor - ok

01:57:07.0644 4716 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

01:57:07.0647 4716 Psched - ok

01:57:07.0712 4716 PSSDK42 (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys

01:57:07.0722 4716 PSSDK42 - ok

01:57:07.0810 4716 purendis (1b3434642ce3c26e6f24d3a76d749c2a) C:\Windows\system32\DRIVERS\purendis.sys

01:57:07.0816 4716 purendis - ok

01:57:08.0052 4716 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

01:57:08.0075 4716 ql2300 - ok

01:57:08.0153 4716 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

01:57:08.0165 4716 ql40xx - ok

01:57:08.0189 4716 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

01:57:08.0198 4716 QWAVEdrv - ok

01:57:08.0228 4716 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

01:57:08.0238 4716 RasAcd - ok

01:57:08.0308 4716 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

01:57:08.0316 4716 RasAgileVpn - ok

01:57:08.0376 4716 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

01:57:08.0384 4716 Rasl2tp - ok

01:57:08.0427 4716 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

01:57:08.0436 4716 RasPppoe - ok

01:57:08.0469 4716 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

01:57:08.0479 4716 RasSstp - ok

01:57:08.0529 4716 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

01:57:08.0534 4716 rdbss - ok

01:57:08.0555 4716 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

01:57:08.0560 4716 rdpbus - ok

01:57:08.0601 4716 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

01:57:08.0607 4716 RDPCDD - ok

01:57:08.0657 4716 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

01:57:08.0663 4716 RDPDR - ok

01:57:08.0703 4716 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

01:57:08.0715 4716 RDPENCDD - ok

01:57:08.0747 4716 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

01:57:08.0753 4716 RDPREFMP - ok

01:57:08.0806 4716 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

01:57:08.0810 4716 RDPWD - ok

01:57:08.0898 4716 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

01:57:08.0903 4716 rdyboost - ok

01:57:08.0949 4716 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

01:57:08.0953 4716 rspndr - ok

01:57:09.0034 4716 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys

01:57:09.0043 4716 RTL8167 - ok

01:57:09.0093 4716 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

01:57:09.0100 4716 s3cap - ok

01:57:09.0153 4716 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

01:57:09.0164 4716 sbp2port - ok

01:57:09.0212 4716 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

01:57:09.0228 4716 scfilter - ok

01:57:09.0288 4716 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

01:57:09.0295 4716 secdrv - ok

01:57:09.0337 4716 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

01:57:09.0347 4716 Serenum - ok

01:57:09.0369 4716 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

01:57:09.0379 4716 Serial - ok

01:57:09.0419 4716 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

01:57:09.0421 4716 sermouse - ok

01:57:09.0477 4716 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

01:57:09.0485 4716 sffdisk - ok

01:57:09.0520 4716 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

01:57:09.0528 4716 sffp_mmc - ok

01:57:09.0547 4716 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

01:57:09.0555 4716 sffp_sd - ok

01:57:09.0607 4716 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

01:57:09.0608 4716 sfloppy - ok

01:57:09.0663 4716 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

01:57:09.0669 4716 SiSRaid2 - ok

01:57:09.0705 4716 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

01:57:09.0709 4716 SiSRaid4 - ok

01:57:09.0746 4716 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

01:57:09.0754 4716 Smb - ok

01:57:09.0803 4716 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

01:57:09.0815 4716 spldr - ok

01:57:09.0902 4716 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

01:57:09.0918 4716 srv - ok

01:57:09.0976 4716 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

01:57:09.0985 4716 srv2 - ok

01:57:10.0019 4716 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

01:57:10.0023 4716 srvnet - ok

01:57:10.0131 4716 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

01:57:10.0139 4716 stexstor - ok

01:57:10.0201 4716 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

01:57:10.0208 4716 storflt - ok

01:57:10.0290 4716 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

01:57:10.0297 4716 storvsc - ok

01:57:10.0333 4716 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

01:57:10.0335 4716 swenum - ok

01:57:10.0537 4716 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

01:57:10.0569 4716 Tcpip - ok

01:57:10.0644 4716 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

01:57:10.0657 4716 TCPIP6 - ok

01:57:10.0707 4716 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

01:57:10.0714 4716 tcpipreg - ok

01:57:10.0758 4716 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

01:57:10.0762 4716 TDPIPE - ok

01:57:10.0791 4716 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

01:57:10.0802 4716 TDTCP - ok

01:57:10.0865 4716 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

01:57:10.0870 4716 tdx - ok

01:57:10.0911 4716 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

01:57:10.0922 4716 TermDD - ok

01:57:10.0998 4716 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

01:57:11.0003 4716 tssecsrv - ok

01:57:11.0057 4716 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

01:57:11.0061 4716 TsUsbFlt - ok

01:57:11.0123 4716 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys


01:57:13.0101 4716 vtany - ok


01:57:17.0377 4716 X6va003 - ok

01:57:17.0419 4716 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

01:57:17.0452 4716 \Device\Harddisk0\DR0 - ok

01:57:17.0460 4716 Boot (0x1200) (9b44e5c9b64fb52c857c1fd3d5b551eb) \Device\Harddisk0\DR0\Partition0

01:57:17.0462 4716 \Device\Harddisk0\DR0\Partition0 - ok

01:57:17.0479 4716 Boot (0x1200) (6ff3de8beeb59c9bf3f86c70027c3981) \Device\Harddisk0\DR0\Partition1

01:57:17.0488 4716 \Device\Harddisk0\DR0\Partition1 - ok

01:57:17.0506 4716 Boot (0x1200) (5021e92ae09c2e8ed6c0c7ed6788289c) \Device\Harddisk0\DR0\Partition2

01:57:17.0518 4716 \Device\Harddisk0\DR0\Partition2 - ok

01:57:17.0519 4716 ============================================================

01:57:17.0519 4716 Scan finished

01:57:17.0519 4716 ============================================================

01:57:17.0532 5992 Detected object count: 0

01:57:17.0532 5992 Actual detected object count: 0


DDS Report : (Not quite sure where to put the "Attach" one)

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_25

Run by David at 2:00:57 on 2011-11-30

Microsoft Windows 7 Professionnel 6.1.7601.1.1252.2.1036.18.4087.1417 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Steam\steam.exe

C:\Users\David\AppData\Local\Akamai\netsession_win.exe

C:\Program Files (x86)\MagicDisc\MagicDisc.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Users\David\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\REGSVR32.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://leasticoulddo.com/

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No File

uRun: [PlayNC Launcher]

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [WeatherEye] C:\Users\David\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

uRun: [Akamai NetSession Interface] C:\Users\David\AppData\Local\Akamai\netsession_win.exe

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

StartupFolder: C:\Users\David\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1 96.22.246.145 24.200.228.113

TCP: Interfaces\{ABB51227-E693-4576-A904-B8A18241D61B} : DhcpNameServer = 192.168.1.1 96.22.246.145 24.200.228.113

Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB-X64: {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - No File

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

mRun-x64: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [smart File Advisor] "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Hosts: 94.23.13.80 L2authd.lineage2.com

Hosts: 94.23.13.80 L2testauthd.lineage2.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\uopbexvg.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - hxxp://leasticoulddo.com/

FF - component: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\uopbexvg.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

FF - plugin: C:\NetmarbleGlobal\GlbNMNPAPIPlugins\npGlbNMNetmarbleDownload.dll

FF - plugin: C:\NetmarbleGlobal\GlbNMNPAPIPlugins\npGlbNMNPAPIUpdater.dll

FF - plugin: C:\NetmarbleGlobal\GlbNMNPAPIPlugins\npNMSystemIDInfo.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\uopbexvg.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Inspection réseau Microsoft;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-6-16 366152]

S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]

S3 PSSDK42;PSSDK42;\??\C:\Windows\system32\Drivers\pssdk42.sys --> C:\Windows\system32\Drivers\pssdk42.sys [?]

S3 StorSvc;Service de stockage;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-11-30 06:56:43 111408 ----a-w- C:\Windows\System32\drivers\38017994.sys

2011-11-30 06:40:56 111408 ----a-w- C:\Windows\System32\drivers\02350187.sys

2011-11-30 06:33:51 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-11-30 06:02:53 -------- d-----w- C:\Program Files (x86)\PC Tools Security

2011-11-30 06:02:53 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools

2011-11-30 06:02:02 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2125E865-D216-45C6-AD67-8CC22078ACF2}\offreg.dll

2011-11-30 06:02:00 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2125E865-D216-45C6-AD67-8CC22078ACF2}\mpengine.dll

2011-11-30 06:01:20 -------- d-----w- C:\ProgramData\PC Tools

2011-11-28 19:43:01 -------- d-----w- C:\Users\David\AppData\Local\SpacialAudio

2011-11-28 19:34:20 -------- d-----w- C:\Program Files (x86)\Firebird

2011-11-15 22:58:40 -------- d-----w- C:\Users\David\AppData\Roaming\UoFiddler

2011-11-15 04:27:11 -------- d-----w- C:\Users\David\AppData\Roaming\Razor

2011-11-15 04:25:51 -------- d-----w- C:\Program Files (x86)\Razor

2011-11-12 17:50:41 -------- d-----w- C:\Users\David\AppData\Local\Skyrim

2011-11-12 17:20:56 235352 ----a-w- C:\Windows\SysWow64\xactengine3_4.dll

2011-11-12 17:19:57 238088 ----a-w- C:\Windows\SysWow64\xactengine3_0.dll

2011-11-12 17:18:57 363288 ----a-w- C:\Windows\System32\xactengine2_3.dll

2011-11-12 17:03:04 -------- d-----w- C:\Program Files (x86)\The Elder Scrolls V Skyrim

2011-11-08 22:56:26 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-08 22:56:26 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-08 22:56:25 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-11-08 22:56:23 3144704 ----a-w- C:\Windows\System32\win32k.sys

2011-11-04 01:43:08 -------- d-----w- C:\Users\David\AppData\Local\Akamai

.

==================== Find3M ====================

.

2011-11-28 19:37:56 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-24 00:28:44 234768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2011-11-24 00:28:44 234768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2011-10-24 00:45:56 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2011-10-24 00:45:55 175616 ----a-w- C:\Windows\System32\msclmd.dll

2011-10-08 18:30:39 258352 ----a-w- C:\Windows\SysWow64\unicows.dll

2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 2:08:46,58 ===============


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


My version of Malwarebytes is in French though... So the report is in French as well.

Here it is anyway.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Version de la base de données: 8338

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

2011-12-08 22:33:01

mbam-log-2011-12-08 (22-33-01).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 228345

Temps écoulé: 4 minute(s), 27 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)


Here's the ComboFix Report.

ComboFix 11-12-08.01 - David 2011-12-08 23:02:22.1.4 - x64

Microsoft Windows 7 Professionnel 6.1.7601.1.1252.2.1036.18.4087.2246 [GMT -5:00]

Lancé depuis: c:\users\David\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\David\AppData\Roaming\app

c:\users\David\AppData\Roaming\app\Jerakine_lang.dat

c:\users\David\AppData\Roaming\app\Jerakine_lang_vesrion.dat

c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore

.

.

((((((((((((((((((((((((((((( Fichiers créés du 2011-11-09 au 2011-12-09 ))))))))))))))))))))))))))))))))))))

.

.

2011-12-09 04:41 . 2011-12-09 04:41 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F10C8595-562C-4905-825D-7B98C19F48F6}\offreg.dll

2011-12-09 04:38 . 2011-12-09 04:38 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-12-09 03:51 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F10C8595-562C-4905-825D-7B98C19F48F6}\mpengine.dll

2011-12-08 13:41 . 2011-12-08 13:43 -------- d-----w- c:\users\David\AppData\Roaming\wargaming.net

2011-12-07 21:34 . 2011-12-07 22:18 -------- d-----w- c:\users\David\AppData\Roaming\Mp3 Editor For Free

2011-12-07 21:05 . 2011-12-07 21:05 -------- d-----w- c:\program files (x86)\Conduit

2011-12-07 21:05 . 2011-12-07 21:05 -------- d-----w- c:\program files (x86)\uTorrentBar_FR

2011-12-07 21:05 . 2011-12-07 21:05 -------- d-----w- c:\users\David\AppData\Local\Conduit

2011-12-06 22:58 . 2011-12-08 00:03 -------- d-----w- c:\programdata\firebird

2011-12-06 22:56 . 2010-09-17 16:13 548864 ----a-w- c:\windows\SysWow64\GDS32.DLL

2011-12-06 22:56 . 2011-12-06 22:56 -------- d-----w- c:\program files (x86)\SpacialAudio

2011-12-03 06:10 . 2011-12-03 06:14 -------- d-----w- c:\users\David\AppData\Roaming\Ventrilo

2011-12-03 06:10 . 2011-12-03 06:10 -------- d-----w- c:\program files\Ventrilo

2011-12-03 04:39 . 2011-12-03 04:39 -------- d-----w- c:\users\David\AppData\Local\IceChat Networks

2011-12-03 04:39 . 2011-12-03 04:39 -------- d-----w- c:\program files (x86)\IceChat9

2011-11-30 06:56 . 2011-11-30 06:56 111408 ----a-w- c:\windows\system32\drivers\38017994.sys

2011-11-30 06:40 . 2011-11-30 06:40 111408 ----a-w- c:\windows\system32\drivers\02350187.sys

2011-11-30 06:01 . 2011-11-30 06:13 -------- d-----w- c:\programdata\PC Tools

2011-11-28 19:43 . 2011-11-28 19:43 -------- d-----w- c:\users\David\AppData\Local\SpacialAudio

2011-11-28 19:34 . 2011-11-28 19:34 -------- d-----w- c:\program files (x86)\Firebird

2011-11-27 23:55 . 2011-11-28 03:00 -------- d-----w- c:\users\David\AppData\Roaming\Winamp

2011-11-27 23:55 . 2011-11-27 23:55 -------- d-----w- c:\program files (x86)\Winamp

2011-11-15 22:58 . 2011-11-15 22:59 -------- d-----w- c:\users\David\AppData\Roaming\UoFiddler

2011-11-15 04:27 . 2011-11-15 04:27 -------- d-----w- c:\users\David\AppData\Roaming\Razor

2011-11-15 04:25 . 2011-11-15 04:25 -------- d-----w- c:\program files (x86)\Razor

2011-11-12 17:50 . 2011-11-12 17:50 -------- d-----w- c:\users\David\AppData\Local\Skyrim

2011-11-12 17:20 . 2009-03-16 19:18 235352 ----a-w- c:\windows\SysWow64\xactengine3_4.dll

2011-11-12 17:19 . 2008-03-05 21:03 238088 ----a-w- c:\windows\SysWow64\xactengine3_0.dll

2011-11-12 17:18 . 2006-07-28 14:30 363288 ----a-w- c:\windows\system32\xactengine2_3.dll

2011-11-12 17:03 . 2011-11-12 17:54 -------- d-----w- c:\program files (x86)\The Elder Scrolls V Skyrim

.

.

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-28 19:37 . 2011-06-22 00:22 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-24 00:28 . 2010-06-29 23:46 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2011-11-24 00:28 . 2010-06-29 23:36 234768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2011-11-21 11:40 . 2010-05-06 23:16 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-10-24 00:45 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-10-24 00:45 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2011-10-11 00:38 . 2011-10-11 00:38 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6BE83D0C-2511-47F1-AF74-90B3511FB31D}\gapaengine.dll

2011-10-08 18:30 . 2011-10-08 18:37 258352 ----a-w- c:\windows\SysWow64\unicows.dll

2011-10-01 03:25 . 2011-10-13 21:26 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-10-01 02:42 . 2011-10-13 21:26 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-09-29 16:29 . 2011-11-08 22:56 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-09-29 04:03 . 2011-11-08 22:56 3144704 ----a-w- c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]

2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\prxtbuTor.dll" [2011-05-09 176936]

.

[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-10-26 1242448]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"Akamai NetSession Interface"="c:\users\David\AppData\Local\Akamai\netsession_win.exe" [2011-11-17 3303000]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]

"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]

"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]

"Smart File Advisor"="c:\program files (x86)\Smart File Advisor\sfa.exe" [2011-04-04 280824]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

.

c:\users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2011-8-16 576000]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux4"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

R3 dump_wmimmc;dump_wmimmc;c:\gpotato\IrisOnline\GameGuard\dump_wmimmc.sys [x]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Inspection réseau Microsoft;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]

R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 vtany;vtany;c:\windows\vtany.sys [x]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 X6va003;X6va003;c:\users\David\AppData\Local\Temp\003116.tmp [x]

S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

Akamai REG_MULTI_SZ Akamai

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2851639

TCP: DhcpNameServer = 192.168.1.1 96.22.246.145 24.200.228.113

FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\uopbexvg.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - hxxp://leasticoulddo.com/

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&q=

.

- - - - ORPHELINS SUPPRIMES - - - -

.

Wow6432Node-HKCU-Run-PlayNC Launcher - (no file)

Wow6432Node-HKCU-Run-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-Deal or No Deal at PKR - c:\program files (x86)\PKR\uninstall-dond.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]

"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_d768ebc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va003]

"ImagePath"="\??\c:\users\David\AppData\Local\Temp\003116.tmp"

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_USERS\S-1-5-21-298694897-538361005-3367642982-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7ABE226B-EAF4-1284-8DDD-84CABBE9B365}*]


.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Autres processus actifs ------------------------

.

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

.

**************************************************************************

.

Heure de fin: 2011-12-09 00:02:16 - La machine a redémarré

ComboFix-quarantined-files.txt 2011-12-09 05:02

.

Avant-CF: 79 906 775 040 octets libres

Après-CF: 111 850 291 200 octets libres

.

- - End Of File - - 07374034917BE38DC1A75A64CEEBCC5E


Before I start doing endless manipulations... Would I be better off just formatting the PC? I haven't done so in the past 6 months, so it's due anyway... (I usually always format 2 times a year)

And if I format my C: (containing Windows and all programs)... can my D: backup files (music/pictures) be infected by the Google redirect or other backdoor/spyware?

Should I just reformat everything and start from 0? (I have backup files on an external HDD)


Okay, sorry if I made anyone lose his time, but I had to reformat after a bigger problem happened yesterday, about 1h after my message. So I totally reformatted my PC and re-installed my backup... Everything seems fine now, no more problems, no Google redirect.

Thanks for your help and time anyway.


  • Staff

Thanks for letting us know.

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

  • Green to go
  • Yellow for caution
  • Red to stop

WOT has an addon available for both Firefox and IE.

5) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,

-screen317


  • 2 weeks later...
  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.