Windows firewall locked after malware infection

max0211 · February 1, 2012

Hi everyone.

Recently infected with some mediashifting virus opening tabs and redirecting me once in a while, I got rid of it after many mbam scans, or so i thought.

I've had my computer quite slowed down ever since, and I just realised that my windows firewall ( I know it's bad to use only the windows-built-in-one ) wasn't working anymore, and that when I try to activate it in any way, it just keep telling me that "windows firewall can't modify some of your settings, error code 0x80070424" ( translated from french)

By googling a bit that error code I found out it could be related to the windows security suite virus that I also caught a bit earlier but also though I got ridden of.

Can anyone help me ?

Thanks in advance for any help.

Here are both my scans.

DDS:

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26

Run by Maxwell at 15:41:52 on 2012-02-01

Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.9207.6390 [GMT 1:00]

.

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Alienware\Command Center\AlienFusionService.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\Broadcom\BPowMon\BPowMon.exe

C:\Program Files (x86)\DCPFLICS\DCPFLICS.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe

C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files (x86)\AlienRespawn\sftservice.EXE

C:\Windows\system32\Wacom_Tablet.exe

C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe

C:\Program Files\Alienware\Command Center\ThermalController.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Alienware\Command Center\RemotingServiceController.exe

C:\Windows\system32\WTablet\Wacom_TabletUser.exe

C:\Program Files\Alienware\Command Center\DoorController.exe

C:\Windows\system32\Wacom_Tablet.exe

C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Alienware\Command Center\AlienFXHook64Mngr.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Alienware\Command Center\AlienFusionController.exe

C:\Program Files (x86)\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.alienware.com/

uDefault_Page_URL = hxxp://www.alienware.com/

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: setuprog Toolbar: {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files (x86)\Setuprog\tbSetu.dll

uURLSearchHooks: H - No File

mURLSearchHooks: setuprog Toolbar: {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files (x86)\Setuprog\tbSetu.dll

mWinlogon: Userinit=userinit.exe,

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: setuprog Toolbar: {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files (x86)\Setuprog\tbSetu.dll

TB: setuprog Toolbar: {f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} - C:\Program Files (x86)\Setuprog\tbSetu.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe -mini

uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r

mRun: [updReg] C:\Windows\UpdReg.EXE

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [solidWorks_CheckForUpdates] "C:\Program Files (x86)\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler

mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

mRunOnce: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

StartupFolder: C:\Users\Maxwell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\D-Link\DWA-131 revA\wirelesscm.exe

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {AB6633A8-60A9-4F5D-B66C-ABE268CC3227} - hxxp://www.solidworks.fr/sw/support/subscription/sldimdownload.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{34D5FCB9-FBE3-43E1-A3E9-6F3CE66ABD04} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F630E93F-3F23-4AA5-85A2-82D45A65F68C} : DhcpNameServer = 10.188.0.1

{074C1DC5-9320-4A9A-947D-C042949C6216}

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AA58ED58-01DD-4d91-8333-CF10577473F7}

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}

{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}

{2318C2B1-4965-11d4-9B18-009027A5CD4F}

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r

mRun-x64: [updReg] C:\Windows\UpdReg.EXE

mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [solidWorks_CheckForUpdates] "C:\Program Files (x86)\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler

mRun-x64: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

mRunOnce-x64: [Launcher] C:\Program Files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe

mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Maxwell\AppData\Roaming\Mozilla\Firefox\Profiles\3rznyeaz.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.simkom.com/sketchsite/

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npEModelPlugin.dll

FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll

FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll

FF - plugin: C:\Program Files\ma-config.com\nphardwaredetection.dll

FF - plugin: C:\Users\Maxwell\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-5-4 14648]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-10-6 136360]

R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-10-6 269480]

R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]

R2 BPowMon;Broadcom Power monitoring service;C:\Program Files\Broadcom\BPowMon\BPowMon.exe [2009-10-27 117608]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-28 13336]

R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-4-13 86016]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2010-9-28 689472]

R2 TabletServiceWacom;TabletServiceWacom;C:\Windows\system32\Wacom_Tablet.exe --> C:\Windows\system32\Wacom_Tablet.exe [?]

R2 WlanWpsSvc;WlanWpsSvc;C:\Program Files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [2012-1-3 167936]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 AWOPFilterDriver;AWOPFilterDriver;\??\C:\Windows\system32\drivers\AWOPFilterDriver.sys --> C:\Windows\system32\drivers\AWOPFilterDriver.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-5 136176]

S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Program Files (x86)\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2008-9-9 79144]

S3 driverhardwarev2x64;driverhardwarev2x64;C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-7-21 16640]

S3 gupdatem;Service Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-5 136176]

S3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]

S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\x64\maconfservice.exe [2011-11-14 427640]

S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]

S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\system32\drivers\nmwcdnsucx64.sys --> C:\Windows\system32\drivers\nmwcdnsucx64.sys [?]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys --> C:\Windows\system32\drivers\nmwcdnsux64.sys [?]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]

S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-01-25 12:03:26 200704 ----a-w- C:\Windows\SysWow64\vbalExpBar6.ocx

2012-01-25 12:03:25 484352 ----a-w- C:\Windows\SysWow64\lame_enc.dll

2012-01-25 12:03:25 32768 ----a-w- C:\Windows\SysWow64\CMDLGFR.DLL

2012-01-25 12:03:25 15360 ----a-w- C:\Windows\SysWow64\inetfr.DLL

2012-01-25 12:03:25 141312 ----a-w- C:\Windows\SysWow64\MSCMCFR.DLL

2012-01-25 12:03:25 101888 ----a-w- C:\Windows\SysWow64\VB6STKIT.DLL

2012-01-25 12:03:25 -------- d-----w- C:\Users\Maxwell\AppData\Roaming\FreeBurner

2012-01-25 12:03:25 -------- d-----w- C:\Program Files (x86)\Free Easy CD DVD Burner

2012-01-23 14:30:45 -------- d-----w- C:\Users\Maxwell\AppData\Roaming\Thinstall

2012-01-23 14:30:45 -------- d-----w- C:\Users\Maxwell\AppData\Local\Thinstall

2012-01-23 10:22:00 -------- d-----w- C:\ProgramData\RegCure

2012-01-23 10:14:24 -------- d-----w- C:\ProgramData\PC Tools

2012-01-21 15:12:12 -------- d-sh--w- C:\Users\Maxwell\AppData\Local\41589dd1

2012-01-18 18:14:41 73728 ----a-r- C:\Users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe

2012-01-18 18:14:41 73728 ----a-r- C:\Users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe

2012-01-18 18:14:41 53248 ----a-r- C:\Users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe

2012-01-18 18:14:41 49152 ----a-r- C:\Users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe

2012-01-18 18:14:41 49152 ----a-r- C:\Users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe

2012-01-18 18:14:40 -------- d-----w- C:\Program Files (x86)\Common Files\Nokia

2012-01-18 17:53:21 25600 ----a-w- C:\Windows\System32\drivers\pccsmcfdx64.sys

2012-01-18 17:53:18 -------- d-----w- C:\Program Files (x86)\PC Connectivity Solution

2012-01-18 17:51:39 -------- d-----w- C:\Users\Maxwell\AppData\Local\Nokia

2012-01-18 17:51:38 -------- d-----w- C:\Program Files (x86)\Nokia

2012-01-18 09:30:19 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-01-18 09:30:19 -------- d-----w- C:\Users\Maxwell\AppData\Roaming\Antares

2012-01-18 09:30:19 -------- d-----w- C:\Program Files (x86)\Steinberg

2012-01-18 09:30:19 -------- d-----w- C:\Program Files (x86)\Antares Audio Technologies

2012-01-18 08:45:00 -------- d-----w- C:\Users\Maxwell\AppData\Roaming\DVD Flick

2012-01-13 12:44:11 -------- d-----w- C:\Program Files\KeyShot3

2012-01-13 12:38:49 40960 ----a-w- C:\Windows\SysWow64\ssubtmr6.dll

2012-01-13 12:38:48 36864 ----a-w- C:\Windows\SysWow64\trayicon_handler.ocx

2012-01-13 12:38:48 28672 ----a-w- C:\Windows\SysWow64\mousewheel.ocx

2012-01-13 12:38:48 212240 ----a-w- C:\Windows\SysWow64\richtx32.ocx

2012-01-13 12:38:48 164144 ----a-w- C:\Windows\SysWow64\comct232.ocx

2012-01-13 12:38:48 -------- d-----w- C:\Program Files (x86)\DVD Flick

2012-01-11 20:30:23 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-01-11 20:30:23 1572864 ----a-w- C:\Windows\System32\quartz.dll

2012-01-11 20:30:23 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll

2012-01-11 20:30:22 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-01-11 20:30:20 77312 ----a-w- C:\Windows\System32\packager.dll

2012-01-11 20:30:20 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-01-11 20:30:20 1731920 ----a-w- C:\Windows\System32\ntdll.dll

2012-01-11 20:30:20 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll

2012-01-10 12:34:05 -------- d-----w- C:\Program Files (x86)\BitTorrent

2012-01-10 12:33:39 -------- d-----w- C:\Users\Maxwell\AppData\Roaming\BitTorrent

2012-01-08 21:24:18 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll

2012-01-08 21:24:18 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll

2012-01-08 21:24:18 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll

2012-01-08 21:24:18 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll

2012-01-06 09:11:04 -------- d-----w- C:\Program Files (x86)\AMD APP

2012-01-03 19:23:54 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2012-01-03 19:23:53 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2012-01-03 19:23:51 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2012-01-03 19:23:48 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-01-03 19:23:40 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2012-01-03 19:23:40 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2012-01-03 19:23:40 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2012-01-03 19:23:40 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2012-01-03 19:21:02 3145216 ----a-w- C:\Windows\System32\win32k.sys

2012-01-03 19:20:57 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2012-01-03 19:20:57 331776 ----a-w- C:\Windows\System32\oleacc.dll

2012-01-03 19:20:57 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2012-01-03 19:20:56 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2012-01-03 19:20:54 723456 ----a-w- C:\Windows\System32\EncDec.dll

2012-01-03 19:20:54 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

2012-01-03 19:20:46 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2012-01-03 19:20:46 2048 ----a-w- C:\Windows\System32\tzres.dll

2012-01-03 19:05:24 664576 ----a-w- C:\Windows\System32\drivers\RTL8192su.sys

2012-01-03 19:05:24 -------- d-----w- C:\Windows\pcidevice

2012-01-03 19:05:24 -------- d-----w- C:\Program Files (x86)\D-Link

2012-01-03 07:22:02 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2012-01-03 07:22:02 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll

.

==================== Find3M ====================

.

2012-01-21 15:13:21 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-01-11 08:04:07 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2011-12-10 14:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2011-11-10 03:45:30 10567680 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2011-11-10 03:20:50 25218048 ----a-w- C:\Windows\System32\atio6axx.dll

2011-11-10 03:17:10 159744 ----a-w- C:\Windows\System32\atiapfxx.exe

2011-11-10 03:16:56 774656 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2011-11-10 03:15:20 927232 ----a-w- C:\Windows\System32\aticfx64.dll

2011-11-10 03:12:24 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2011-11-10 03:12:10 516608 ----a-w- C:\Windows\System32\atieclxx.exe

2011-11-10 03:11:32 204288 ----a-w- C:\Windows\System32\atiesrxx.exe

2011-11-10 03:10:18 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2011-11-10 03:09:58 423424 ----a-w- C:\Windows\System32\atipdl64.dll

2011-11-10 03:09:52 360448 ----a-w- C:\Windows\SysWow64\atipdlxx.dll

2011-11-10 03:09:40 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll

2011-11-10 03:09:34 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2011-11-10 03:09:30 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2011-11-10 03:09:24 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2011-11-10 03:06:20 6077952 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2011-11-10 02:58:20 18996224 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2011-11-10 02:51:18 7405056 ----a-w- C:\Windows\System32\atidxx64.dll

2011-11-10 02:40:52 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll

2011-11-10 02:40:18 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll

2011-11-10 02:40:04 4061696 ----a-w- C:\Windows\System32\atiumd6a.dll

2011-11-10 02:34:54 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2011-11-10 02:34:52 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2011-11-10 02:34:44 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2011-11-10 02:34:42 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2011-11-10 02:34:28 13552640 ----a-w- C:\Windows\System32\aticaldd64.dll

2011-11-10 02:33:52 5852672 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2011-11-10 02:29:58 11300864 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2011-11-10 02:29:46 4200960 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2011-11-10 02:24:26 7439360 ----a-w- C:\Windows\System32\atiumd64.dll

2011-11-10 02:18:44 58880 ----a-w- C:\Windows\System32\coinst.dll

2011-11-10 02:13:32 494592 ----a-w- C:\Windows\System32\atiadlxx.dll

2011-11-10 02:13:22 348160 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2011-11-10 02:13:08 17408 ----a-w- C:\Windows\System32\atig6pxx.dll

2011-11-10 02:13:04 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2011-11-10 02:13:04 14336 ----a-w- C:\Windows\System32\atiglpxx.dll

2011-11-10 02:13:00 39936 ----a-w- C:\Windows\System32\atig6txx.dll

2011-11-10 02:12:52 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2011-11-10 02:12:44 325632 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2011-11-10 02:11:54 41984 ----a-w- C:\Windows\System32\atiuxp64.dll

2011-11-10 02:11:46 32256 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2011-11-10 02:11:40 39424 ----a-w- C:\Windows\System32\atiu9p64.dll

2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\atimpc64.dll

2011-11-10 02:11:32 54784 ----a-w- C:\Windows\System32\amdpcom64.dll

2011-11-10 02:11:32 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2011-11-10 02:11:26 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2011-11-10 02:10:54 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2011-11-09 21:39:50 69632 ----a-w- C:\Windows\System32\OpenVideo64.dll

2011-11-09 21:39:44 59904 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2011-11-09 21:39:36 61952 ----a-w- C:\Windows\System32\OVDecode64.dll

2011-11-09 21:39:32 54784 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2011-11-09 21:39:22 17442304 ----a-w- C:\Windows\System32\amdocl64.dll

2011-11-09 21:38:40 14375936 ----a-w- C:\Windows\SysWow64\amdocl.dll

2011-11-09 21:37:50 51200 ----a-w- C:\Windows\System32\OpenCL.dll

2011-11-09 21:37:46 44032 ----a-w- C:\Windows\SysWow64\OpenCL.dll

2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll

2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 15:42:18,67 ===============

Attach:

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Édition Familiale Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 05/10/2010 22:06:18

System Uptime: 01/02/2012 09:10:01 (6 hours ago)

.

Motherboard: Alienware | | 04VWF2

Processor: Intel® Core i7 CPU 930 @ 2.80GHz | CPU 1 | 2801/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 458 GiB total, 179,456 GiB free.

D: is FIXED (NTFS) - 466 GiB total, 100,399 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP142: 24/01/2012 18:05:06 - Windows Update

RP143: 25/01/2012 12:16:31 - Removed Mega Manager

RP144: 25/01/2012 12:34:58 - Installed Ma-Config.com (64 bits)

.

==== Installed Programs ======================

.

3Dconnexion 3DxSoftware

3Dconnexion Add-In for Solid Edge

3Dconnexion Add-In for SolidWorks

3Dconnexion Plug-In for 3ds Max 2008

3Dconnexion Plug-In for 3ds Max 2009

3Dconnexion Plug-In for 3ds Max 2010

3Dconnexion Plug-In for 3ds max 6 - 8

3Dconnexion Plug-In for 3ds Max 9

3Dconnexion Plug-in for Acrobat 3D

3Dconnexion Plug-In for Maya 2008

3Dconnexion Plug-In for Maya 2009

3Dconnexion Plug-In for Maya 6

3Dconnexion Plug-In for Maya 6.5

3Dconnexion Plug-In for Maya 7

3Dconnexion Plug-In for Maya 8

3Dconnexion Plug-In for Maya 8.5

3Dconnexion Plug-In for Photoshop CS2

3Dconnexion Plug-In for Photoshop CS3

3Dconnexion Plug-In for Photoshop CS4

3Dconnexion Plug-in for QuickTime VR

Adobe AIR

Adobe Community Help

Adobe Creative Suite 5 Master Collection

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.0 - Français

Advertising Center

AlienRespawn

AlienRespawn - Support Software

Antares Autotune Evo VST RTAS v6.0.9

Apple Application Support

Apple Software Update

Application Profiles

ATI Catalyst Control Center

ATI Catalyst Registration

Autodesk 3ds Max 2010 32-bit

Autodesk Backburner 2008.1

Autodesk FBX Plugin 2009.4 - 3ds Max 2010

Autopano Giga

Avira AntiVir Personal - Free Antivirus

BitTorrent

Bunkspeed HyperDrive

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Command Center

COSMOSM 2009 (2008/250)

Craft Director Studio

D-Link DWA-131 Wireless N Nano USB Adapter

DiRT 3

DiRT2

DÉsinstaller Raveille

DVD Flick 1.3.0.7

DWGeditor

Free Easy Burner V 5.1

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Google Earth

Grand Theft Auto IV

Grand Theft Auto: Episodes from Liberty City

GTK+ 2.4.14 runtime environment

HDR Light Studio Pro (remove only)

HDR Light Studio Warehouse (remove only)

HydraVision

ImagXpress

Intel® Control Center

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 26

KeyShot2 2.2 64 bit

KeyShot3 3.0 64 bit

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office 2003 Web Components

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual Studio 2005 Tools for Applications - ENU

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

MotioninJoy ds3 vibration driver version 0.100

Mozilla Firefox 9.0.1 (x86 fr)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

Need for Speed Hot Pursuit

Nero 9 Essentials

Nero BurnRights

Nero BurnRights Help

Nero ControlCenter

Nero CoverDesigner

Nero CoverDesigner Help

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero Rescue Agent

Nero StartSmart

Nero StartSmart Help

NeroExpress

neroxml

Nokia Connectivity Cable Driver

Nokia Software Updater

OpenAL

OpenOffice.org 3.2

PC Connectivity Solution

PDF Settings CS5

PhotoView 360

PxMergeModule

QuickTime

Rapture3D 2.4.8 Game

Realtek High Definition Audio Driver

Rockstar Games Social Club

Saints Row The Third

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663)

Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)

Setuprog Toolbar

Skins

Skype™ 5.5

SolidWorks 2009 SP0

SolidWorks eDrawings 2009

SolidWorks Explorer 2009 sp0

SolidWorks Motion 2009 SP0

SolidWorks Simulation 2009 SP0

SolidWorks viewer

Spelling Dictionaries Support For Adobe Reader 9

Steam

System Requirements Lab CYRI

Tablette Wacom

THX TruStudio PC

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

V-Ray for 3dsmax 2010 for x86

Veetle TV 0.9.18

VLC media player 1.1.9

Vue 8 xStream 64bit

.

==== End Of File ===========================

Larusso · February 2, 2012

:welcome:

Hy

my name is Daniel and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

I see you are using peer 2 peer software. In your case BitTorrent

Refering to this sticky topic, I want you to uninstall this kind of software.

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.

Please download aswMBR.exe and save it to your desktop.

Double click aswMBR.exe to start the tool.
Vista/Windows 7 users: Right click to "Run as Administrator"
The tool may ask you
This application can use AVAST! Free Antivirus to scanning
Would you like to download latest AVAST! virus definitions ?
Please click No
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post the aswmbr.txt in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

Please post in your next reply

TDSSKiller Log

aswMBR.txt

max0211 · February 2, 2012

Hi Daniel, thank you for your quick answer.

I just uninstalled Bitorrent, thanks for the reminder.

Here is the TDSKiller log : ( btw, non of the additional options were checked, I kept it that way ) . Avira sees this software as an malware with TR/Crypt.ULPM.Gen inside, but commin from your website trough Kapersky website I trusted it, but needed to unactivate Avira in order for TDS to run.

09:14:50.0883 3592 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49

09:14:51.0031 3592 ============================================================

09:14:51.0031 3592 Current date / time: 2012/02/02 09:14:51.0031

09:14:51.0031 3592 SystemInfo:

09:14:51.0031 3592

09:14:51.0032 3592 OS Version: 6.1.7601 ServicePack: 1.0

09:14:51.0032 3592 Product type: Workstation

09:14:51.0032 3592 ComputerName: MAXWELL-PC

09:14:51.0032 3592 UserName: Maxwell

09:14:51.0032 3592 Windows directory: C:\Windows

09:14:51.0032 3592 System windows directory: C:\Windows

09:14:51.0032 3592 Running under WOW64

09:14:51.0032 3592 Processor architecture: Intel x64

09:14:51.0032 3592 Number of processors: 8

09:14:51.0032 3592 Page size: 0x1000

09:14:51.0032 3592 Boot type: Normal boot

09:14:51.0032 3592 ============================================================

09:14:51.0335 3592 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:14:51.0349 3592 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:14:51.0363 3592 \Device\Harddisk0\DR0:

09:14:51.0363 3592 MBR used

09:14:51.0363 3592 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x100D000

09:14:51.0363 3592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1040000, BlocksNum 0x39345800

09:14:51.0363 3592 \Device\Harddisk1\DR1:

09:14:51.0363 3592 MBR used

09:14:51.0363 3592 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000

09:14:51.0396 3592 Initialize success

09:14:51.0396 3592 ============================================================

09:15:05.0204 3292 ============================================================

09:15:05.0204 3292 Scan started

09:15:05.0204 3292 Mode: Manual;

09:15:05.0204 3292 ============================================================

09:15:06.0049 3292 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

09:15:06.0050 3292 1394ohci - ok

09:15:06.0092 3292 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

09:15:06.0095 3292 ACPI - ok

09:15:06.0134 3292 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

09:15:06.0135 3292 AcpiPmi - ok

09:15:06.0171 3292 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

09:15:06.0176 3292 adp94xx - ok

09:15:06.0204 3292 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

09:15:06.0208 3292 adpahci - ok

09:15:06.0237 3292 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

09:15:06.0239 3292 adpu320 - ok

09:15:06.0342 3292 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

09:15:06.0345 3292 AFD - ok

09:15:06.0388 3292 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

09:15:06.0390 3292 agp440 - ok

09:15:06.0445 3292 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

09:15:06.0446 3292 aliide - ok

09:15:06.0482 3292 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

09:15:06.0484 3292 amdide - ok

09:15:06.0518 3292 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

09:15:06.0520 3292 AmdK8 - ok

09:15:06.0683 3292 amdkmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

09:15:06.0806 3292 amdkmdag - ok

09:15:06.0829 3292 amdkmdap (961a81a84fdd700e361e8294528a37ba) C:\Windows\system32\DRIVERS\atikmpag.sys

09:15:06.0831 3292 amdkmdap - ok

09:15:06.0854 3292 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

09:15:06.0856 3292 AmdPPM - ok

09:15:06.0893 3292 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

09:15:06.0895 3292 amdsata - ok

09:15:06.0914 3292 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

09:15:06.0916 3292 amdsbs - ok

09:15:06.0928 3292 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

09:15:06.0930 3292 amdxata - ok

09:15:07.0021 3292 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

09:15:07.0023 3292 AppID - ok

09:15:07.0061 3292 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

09:15:07.0063 3292 arc - ok

09:15:07.0087 3292 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

09:15:07.0089 3292 arcsas - ok

09:15:07.0122 3292 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

09:15:07.0123 3292 AsyncMac - ok

09:15:07.0167 3292 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

09:15:07.0169 3292 atapi - ok

09:15:07.0217 3292 AtiHDAudioService (230cf51113cd4b830b3bfd09b0d4c066) C:\Windows\system32\drivers\AtihdW76.sys

09:15:07.0217 3292 AtiHDAudioService - ok

09:15:07.0236 3292 AtiHdmiService (506934df94e3197f4a1bbe8fbeab0ccd) C:\Windows\system32\drivers\AtiHdmi.sys

09:15:07.0238 3292 AtiHdmiService - ok

09:15:07.0392 3292 atikmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

09:15:07.0432 3292 atikmdag - ok

09:15:07.0481 3292 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys

09:15:07.0481 3292 avgntflt - ok

09:15:07.0493 3292 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys

09:15:07.0494 3292 avipbb - ok

09:15:07.0532 3292 AWOPFilterDriver (5b64b0d162aabde795b3f7a7234f2fe1) C:\Windows\system32\drivers\AWOPFilterDriver.sys

09:15:07.0533 3292 AWOPFilterDriver - ok

09:15:07.0578 3292 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

09:15:07.0582 3292 b06bdrv - ok

09:15:07.0607 3292 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

09:15:07.0610 3292 b57nd60a - ok

09:15:07.0624 3292 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

09:15:07.0626 3292 Beep - ok

09:15:07.0648 3292 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

09:15:07.0650 3292 blbdrive - ok

09:15:07.0708 3292 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

09:15:07.0710 3292 bowser - ok

09:15:07.0738 3292 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:15:07.0739 3292 BrFiltLo - ok

09:15:07.0754 3292 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:15:07.0755 3292 BrFiltUp - ok

09:15:07.0775 3292 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

09:15:07.0778 3292 Brserid - ok

09:15:07.0790 3292 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

09:15:07.0792 3292 BrSerWdm - ok

09:15:07.0806 3292 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

09:15:07.0808 3292 BrUsbMdm - ok

09:15:07.0819 3292 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

09:15:07.0821 3292 BrUsbSer - ok

09:15:07.0835 3292 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

09:15:07.0837 3292 BTHMODEM - ok

09:15:07.0863 3292 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

09:15:07.0865 3292 cdfs - ok

09:15:07.0914 3292 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

09:15:07.0916 3292 cdrom - ok

09:15:07.0941 3292 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

09:15:07.0943 3292 circlass - ok

09:15:07.0971 3292 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

09:15:07.0974 3292 CLFS - ok

09:15:08.0004 3292 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

09:15:08.0005 3292 CmBatt - ok

09:15:08.0043 3292 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

09:15:08.0045 3292 cmdide - ok

09:15:08.0087 3292 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

09:15:08.0091 3292 CNG - ok

09:15:08.0109 3292 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

09:15:08.0110 3292 Compbatt - ok

09:15:08.0131 3292 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

09:15:08.0131 3292 CompositeBus - ok

09:15:08.0187 3292 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

09:15:08.0189 3292 crcdisk - ok

09:15:08.0259 3292 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

09:15:08.0261 3292 DfsC - ok

09:15:08.0285 3292 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

09:15:08.0285 3292 discache - ok

09:15:08.0325 3292 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

09:15:08.0327 3292 Disk - ok

09:15:08.0435 3292 driverhardwarev2x64 (b28c853770c995552b9f5760d8245f44) C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys

09:15:08.0435 3292 driverhardwarev2x64 - ok

09:15:08.0493 3292 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

09:15:08.0495 3292 drmkaud - ok

09:15:08.0548 3292 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

09:15:08.0552 3292 DXGKrnl - ok

09:15:08.0623 3292 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

09:15:08.0665 3292 ebdrv - ok

09:15:08.0701 3292 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

09:15:08.0705 3292 elxstor - ok

09:15:08.0741 3292 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

09:15:08.0743 3292 ErrDev - ok

09:15:08.0771 3292 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

09:15:08.0773 3292 exfat - ok

09:15:08.0788 3292 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

09:15:08.0790 3292 fastfat - ok

09:15:08.0801 3292 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

09:15:08.0803 3292 fdc - ok

09:15:08.0819 3292 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

09:15:08.0821 3292 FileInfo - ok

09:15:08.0835 3292 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

09:15:08.0836 3292 Filetrace - ok

09:15:08.0864 3292 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

09:15:08.0866 3292 flpydisk - ok

09:15:08.0903 3292 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

09:15:08.0905 3292 FltMgr - ok

09:15:08.0922 3292 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

09:15:08.0923 3292 FsDepends - ok

09:15:08.0938 3292 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

09:15:08.0940 3292 Fs_Rec - ok

09:15:08.0986 3292 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

09:15:08.0987 3292 fvevol - ok

09:15:09.0004 3292 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

09:15:09.0006 3292 gagp30kx - ok

09:15:09.0040 3292 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

09:15:09.0041 3292 GEARAspiWDM - ok

09:15:09.0087 3292 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

09:15:09.0089 3292 hcw85cir - ok

09:15:09.0124 3292 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

09:15:09.0124 3292 HDAudBus - ok

09:15:09.0145 3292 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

09:15:09.0146 3292 HidBatt - ok

09:15:09.0164 3292 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

09:15:09.0166 3292 HidBth - ok

09:15:09.0178 3292 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

09:15:09.0180 3292 HidIr - ok

09:15:09.0198 3292 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

09:15:09.0201 3292 HidUsb - ok

09:15:09.0222 3292 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

09:15:09.0224 3292 HpSAMD - ok

09:15:09.0270 3292 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

09:15:09.0275 3292 HTTP - ok

09:15:09.0318 3292 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

09:15:09.0319 3292 hwpolicy - ok

09:15:09.0351 3292 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

09:15:09.0353 3292 i8042prt - ok

09:15:09.0386 3292 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

09:15:09.0388 3292 iaStor - ok

09:15:09.0415 3292 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

09:15:09.0418 3292 iaStorV - ok

09:15:09.0445 3292 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

09:15:09.0447 3292 iirsp - ok

09:15:09.0511 3292 IntcAzAudAddService (697c927e0de2abaf1a5f455033f687cd) C:\Windows\system32\drivers\RTKVHD64.sys

09:15:09.0520 3292 IntcAzAudAddService - ok

09:15:09.0547 3292 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

09:15:09.0549 3292 intelide - ok

09:15:09.0575 3292 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

09:15:09.0575 3292 intelppm - ok

09:15:09.0611 3292 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:15:09.0613 3292 IpFilterDriver - ok

09:15:09.0630 3292 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

09:15:09.0632 3292 IPMIDRV - ok

09:15:09.0659 3292 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

09:15:09.0661 3292 IPNAT - ok

09:15:09.0696 3292 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

09:15:09.0698 3292 IRENUM - ok

09:15:09.0719 3292 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

09:15:09.0720 3292 isapnp - ok

09:15:09.0742 3292 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

09:15:09.0745 3292 iScsiPrt - ok

09:15:09.0774 3292 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys

09:15:09.0776 3292 k57nd60a - ok

09:15:09.0801 3292 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

09:15:09.0802 3292 kbdclass - ok

09:15:09.0811 3292 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

09:15:09.0813 3292 kbdhid - ok

09:15:09.0852 3292 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

09:15:09.0854 3292 KSecDD - ok

09:15:09.0899 3292 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

09:15:09.0900 3292 KSecPkg - ok

09:15:09.0925 3292 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

09:15:09.0926 3292 ksthunk - ok

09:15:09.0955 3292 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

09:15:09.0957 3292 lltdio - ok

09:15:09.0978 3292 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

09:15:09.0981 3292 LSI_FC - ok

09:15:09.0996 3292 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

09:15:09.0999 3292 LSI_SAS - ok

09:15:10.0012 3292 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:15:10.0014 3292 LSI_SAS2 - ok

09:15:10.0042 3292 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:15:10.0044 3292 LSI_SCSI - ok

09:15:10.0067 3292 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

09:15:10.0068 3292 luafv - ok

09:15:10.0119 3292 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys

09:15:10.0120 3292 lvpepf64 - ok

09:15:10.0149 3292 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys

09:15:10.0162 3292 LVRS64 - ok

09:15:10.0238 3292 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys

09:15:10.0239 3292 LVUSBS64 - ok

09:15:10.0291 3292 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

09:15:10.0293 3292 megasas - ok

09:15:10.0314 3292 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

09:15:10.0317 3292 MegaSR - ok

09:15:10.0347 3292 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

09:15:10.0351 3292 Modem - ok

09:15:10.0382 3292 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

09:15:10.0382 3292 monitor - ok

09:15:10.0423 3292 MotioninJoyXFilter (fc44ad48746ffa5fd640ef1260ab5ec2) C:\Windows\system32\DRIVERS\MijXfilt.sys

09:15:10.0425 3292 MotioninJoyXFilter - ok

09:15:10.0471 3292 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

09:15:10.0471 3292 mouclass - ok

09:15:10.0499 3292 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

09:15:10.0501 3292 mouhid - ok

09:15:10.0540 3292 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

09:15:10.0540 3292 mountmgr - ok

09:15:10.0585 3292 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

09:15:10.0587 3292 mpio - ok

09:15:10.0607 3292 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

09:15:10.0608 3292 mpsdrv - ok

09:15:10.0646 3292 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

09:15:10.0648 3292 MRxDAV - ok

09:15:10.0689 3292 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

09:15:10.0691 3292 mrxsmb - ok

09:15:10.0727 3292 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:15:10.0730 3292 mrxsmb10 - ok

09:15:10.0744 3292 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:15:10.0746 3292 mrxsmb20 - ok

09:15:10.0783 3292 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

09:15:10.0785 3292 msahci - ok

09:15:10.0797 3292 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

09:15:10.0798 3292 msdsm - ok

09:15:10.0840 3292 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

09:15:10.0842 3292 Msfs - ok

09:15:10.0857 3292 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

09:15:10.0857 3292 mshidkmdf - ok

09:15:10.0869 3292 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

09:15:10.0871 3292 msisadrv - ok

09:15:10.0898 3292 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

09:15:10.0899 3292 MSKSSRV - ok

09:15:10.0916 3292 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

09:15:10.0917 3292 MSPCLOCK - ok

09:15:10.0943 3292 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

09:15:10.0944 3292 MSPQM - ok

09:15:10.0985 3292 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

09:15:10.0988 3292 MsRPC - ok

09:15:11.0004 3292 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

09:15:11.0004 3292 mssmbios - ok

09:15:11.0012 3292 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

09:15:11.0012 3292 MSTEE - ok

09:15:11.0040 3292 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

09:15:11.0042 3292 MTConfig - ok

09:15:11.0055 3292 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

09:15:11.0057 3292 Mup - ok

09:15:11.0096 3292 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

09:15:11.0099 3292 NativeWifiP - ok

09:15:11.0166 3292 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

09:15:11.0173 3292 NDIS - ok

09:15:11.0192 3292 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

09:15:11.0195 3292 NdisCap - ok

09:15:11.0214 3292 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

09:15:11.0216 3292 NdisTapi - ok

09:15:11.0256 3292 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

09:15:11.0258 3292 Ndisuio - ok

09:15:11.0293 3292 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

09:15:11.0295 3292 NdisWan - ok

09:15:11.0335 3292 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

09:15:11.0337 3292 NDProxy - ok

09:15:11.0366 3292 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

09:15:11.0368 3292 NetBIOS - ok

09:15:11.0415 3292 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

09:15:11.0417 3292 NetBT - ok

09:15:11.0452 3292 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

09:15:11.0454 3292 nfrd960 - ok

09:15:11.0507 3292 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys

09:15:11.0508 3292 nmwcd - ok

09:15:11.0562 3292 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys

09:15:11.0564 3292 nmwcdc - ok

09:15:11.0604 3292 nmwcdnsucx64 (a962be6433ef016e0dfb52eca15a5378) C:\Windows\system32\drivers\nmwcdnsucx64.sys

09:15:11.0606 3292 nmwcdnsucx64 - ok

09:15:11.0623 3292 nmwcdnsux64 (9573223e205907247ae6d948e3453770) C:\Windows\system32\drivers\nmwcdnsux64.sys

09:15:11.0625 3292 nmwcdnsux64 - ok

09:15:11.0643 3292 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

09:15:11.0645 3292 Npfs - ok

09:15:11.0656 3292 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

09:15:11.0657 3292 nsiproxy - ok

09:15:11.0721 3292 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

09:15:11.0747 3292 Ntfs - ok

09:15:11.0765 3292 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

09:15:11.0766 3292 Null - ok

09:15:11.0811 3292 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

09:15:11.0813 3292 nvraid - ok

09:15:11.0828 3292 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:15:11.0830 3292 nvstor - ok

09:15:11.0876 3292 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:15:11.0878 3292 nv_agp - ok

09:15:11.0897 3292 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:15:11.0899 3292 ohci1394 - ok

09:15:11.0932 3292 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

09:15:11.0934 3292 Parport - ok

09:15:11.0971 3292 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

09:15:11.0973 3292 partmgr - ok

09:15:12.0026 3292 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys

09:15:12.0027 3292 pccsmcfd - ok

09:15:12.0046 3292 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:15:12.0047 3292 pci - ok

09:15:12.0092 3292 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:15:12.0093 3292 pciide - ok

09:15:12.0115 3292 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

09:15:12.0117 3292 pcmcia - ok

09:15:12.0133 3292 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:15:12.0141 3292 pcw - ok

09:15:12.0176 3292 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:15:12.0182 3292 PEAUTH - ok

09:15:12.0274 3292 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS

09:15:12.0309 3292 PID_PEPI - ok

09:15:12.0370 3292 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:15:12.0373 3292 PptpMiniport - ok

09:15:12.0400 3292 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

09:15:12.0401 3292 Processor - ok

09:15:12.0449 3292 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:15:12.0450 3292 Psched - ok

09:15:12.0508 3292 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

09:15:12.0509 3292 PxHlpa64 - ok

09:15:12.0539 3292 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

09:15:12.0564 3292 ql2300 - ok

09:15:12.0581 3292 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

09:15:12.0584 3292 ql40xx - ok

09:15:12.0596 3292 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:15:12.0597 3292 QWAVEdrv - ok

09:15:12.0615 3292 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:15:12.0617 3292 RasAcd - ok

09:15:12.0646 3292 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:15:12.0648 3292 RasAgileVpn - ok

09:15:12.0686 3292 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:15:12.0688 3292 Rasl2tp - ok

09:15:12.0700 3292 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:15:12.0702 3292 RasPppoe - ok

09:15:12.0719 3292 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:15:12.0721 3292 RasSstp - ok

09:15:12.0762 3292 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:15:12.0765 3292 rdbss - ok

09:15:12.0783 3292 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

09:15:12.0785 3292 rdpbus - ok

09:15:12.0800 3292 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:15:12.0800 3292 RDPCDD - ok

09:15:12.0820 3292 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:15:12.0820 3292 RDPENCDD - ok

09:15:12.0828 3292 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:15:12.0829 3292 RDPREFMP - ok

09:15:12.0871 3292 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

09:15:12.0874 3292 RDPWD - ok

09:15:12.0928 3292 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:15:12.0931 3292 rdyboost - ok

09:15:12.0981 3292 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:15:12.0984 3292 rspndr - ok

09:15:13.0042 3292 RTL8192su (3c85058541d55bfcefd9177a68a507c6) C:\Windows\system32\DRIVERS\RTL8192su.sys

09:15:13.0047 3292 RTL8192su - ok

09:15:13.0090 3292 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:15:13.0092 3292 sbp2port - ok

09:15:13.0156 3292 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:15:13.0157 3292 scfilter - ok

09:15:13.0174 3292 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:15:13.0176 3292 secdrv - ok

09:15:13.0196 3292 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

09:15:13.0197 3292 Serenum - ok

09:15:13.0210 3292 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

09:15:13.0211 3292 Serial - ok

09:15:13.0261 3292 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

09:15:13.0265 3292 sermouse - ok

09:15:13.0284 3292 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:15:13.0286 3292 sffdisk - ok

09:15:13.0302 3292 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:15:13.0303 3292 sffp_mmc - ok

09:15:13.0313 3292 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:15:13.0315 3292 sffp_sd - ok

09:15:13.0332 3292 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

09:15:13.0334 3292 sfloppy - ok

09:15:13.0380 3292 SI3132 (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\DRIVERS\SI3132.sys

09:15:13.0381 3292 SI3132 - ok

09:15:13.0401 3292 SiFilter (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\DRIVERS\SiWinAcc.sys

09:15:13.0403 3292 SiFilter - ok

09:15:13.0412 3292 SiRemFil (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\DRIVERS\SiRemFil.sys

09:15:13.0413 3292 SiRemFil - ok

09:15:13.0436 3292 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:15:13.0438 3292 SiSRaid2 - ok

09:15:13.0465 3292 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

09:15:13.0467 3292 SiSRaid4 - ok

09:15:13.0489 3292 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:15:13.0491 3292 Smb - ok

09:15:13.0531 3292 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:15:13.0532 3292 spldr - ok

09:15:13.0585 3292 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys

09:15:13.0585 3292 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb

09:15:13.0586 3292 sptd ( LockedFile.Multi.Generic ) - warning

09:15:13.0586 3292 sptd - detected LockedFile.Multi.Generic (1)

09:15:13.0628 3292 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:15:13.0632 3292 srv - ok

09:15:13.0669 3292 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:15:13.0672 3292 srv2 - ok

09:15:13.0686 3292 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:15:13.0688 3292 srvnet - ok

09:15:13.0744 3292 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

09:15:13.0746 3292 stexstor - ok

09:15:13.0807 3292 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:15:13.0807 3292 swenum - ok

09:15:13.0904 3292 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

09:15:13.0928 3292 Tcpip - ok

09:15:13.0968 3292 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

09:15:13.0976 3292 TCPIP6 - ok

09:15:14.0016 3292 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

09:15:14.0018 3292 tcpipreg - ok

09:15:14.0048 3292 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

09:15:14.0049 3292 TDPIPE - ok

09:15:14.0066 3292 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

09:15:14.0067 3292 TDTCP - ok

09:15:14.0110 3292 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

09:15:14.0112 3292 tdx - ok

09:15:14.0156 3292 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

09:15:14.0169 3292 TermDD - ok

09:15:14.0229 3292 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:15:14.0231 3292 tssecsrv - ok

09:15:14.0276 3292 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

09:15:14.0277 3292 TsUsbFlt - ok

09:15:14.0335 3292 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

09:15:14.0337 3292 tunnel - ok

09:15:14.0359 3292 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

09:15:14.0360 3292 uagp35 - ok

09:15:14.0394 3292 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

09:15:14.0397 3292 udfs - ok

09:15:14.0436 3292 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

09:15:14.0438 3292 uliagpkx - ok

09:15:14.0476 3292 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

09:15:14.0478 3292 umbus - ok

09:15:14.0506 3292 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

09:15:14.0508 3292 UmPass - ok

09:15:14.0568 3292 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys

09:15:14.0570 3292 upperdev - ok

09:15:14.0614 3292 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

09:15:14.0616 3292 USBAAPL64 - ok

09:15:14.0665 3292 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

09:15:14.0667 3292 usbaudio - ok

09:15:14.0702 3292 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

09:15:14.0704 3292 usbccgp - ok

09:15:14.0743 3292 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

09:15:14.0745 3292 usbcir - ok

09:15:14.0781 3292 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

09:15:14.0783 3292 usbehci - ok

09:15:14.0806 3292 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

09:15:14.0809 3292 usbhub - ok

09:15:14.0827 3292 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

09:15:14.0829 3292 usbohci - ok

09:15:14.0857 3292 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

09:15:14.0858 3292 usbprint - ok

09:15:14.0906 3292 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys

09:15:14.0907 3292 usbser - ok

09:15:14.0945 3292 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys

09:15:14.0947 3292 UsbserFilt - ok

09:15:14.0960 3292 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:15:14.0961 3292 USBSTOR - ok

09:15:14.0974 3292 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

09:15:14.0976 3292 usbuhci - ok

09:15:14.0989 3292 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

09:15:14.0990 3292 vdrvroot - ok

09:15:15.0020 3292 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

09:15:15.0021 3292 vga - ok

09:15:15.0029 3292 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

09:15:15.0030 3292 VgaSave - ok

09:15:15.0066 3292 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

09:15:15.0068 3292 vhdmp - ok

09:15:15.0089 3292 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

09:15:15.0090 3292 viaide - ok

09:15:15.0112 3292 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

09:15:15.0114 3292 volmgr - ok

09:15:15.0157 3292 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

09:15:15.0159 3292 volmgrx - ok

09:15:15.0173 3292 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

09:15:15.0176 3292 volsnap - ok

09:15:15.0208 3292 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

09:15:15.0210 3292 vsmraid - ok

09:15:15.0223 3292 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

09:15:15.0225 3292 vwifibus - ok

09:15:15.0252 3292 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

09:15:15.0254 3292 vwififlt - ok

09:15:15.0303 3292 wacmoumonitor (f39fc224758290a3193c68c091e6f11a) C:\Windows\system32\DRIVERS\wacmoumonitor.sys

09:15:15.0304 3292 wacmoumonitor - ok

09:15:15.0346 3292 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys

09:15:15.0346 3292 wacommousefilter - ok

09:15:15.0357 3292 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

09:15:15.0359 3292 WacomPen - ok

09:15:15.0373 3292 wacomvhid (bb9d431c8d025ba13e60adddcff04f1a) C:\Windows\system32\DRIVERS\wacomvhid.sys

09:15:15.0374 3292 wacomvhid - ok

09:15:15.0383 3292 WacomVKHid (8b4255329edfba3ecfbd0714476fad38) C:\Windows\system32\DRIVERS\WacomVKHid.sys

09:15:15.0384 3292 WacomVKHid - ok

09:15:15.0442 3292 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:15:15.0444 3292 WANARP - ok

09:15:15.0456 3292 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:15:15.0457 3292 Wanarpv6 - ok

09:15:15.0496 3292 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

09:15:15.0497 3292 Wd - ok

09:15:15.0520 3292 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

09:15:15.0526 3292 Wdf01000 - ok

09:15:15.0552 3292 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

09:15:15.0553 3292 WfpLwf - ok

09:15:15.0582 3292 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

09:15:15.0583 3292 WimFltr - ok

09:15:15.0591 3292 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

09:15:15.0592 3292 WIMMount - ok

09:15:15.0672 3292 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

09:15:15.0674 3292 WinUsb - ok

09:15:15.0765 3292 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

09:15:15.0766 3292 WmiAcpi - ok

09:15:15.0865 3292 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

09:15:15.0874 3292 ws2ifsl - ok

09:15:15.0938 3292 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

09:15:15.0940 3292 WudfPf - ok

09:15:15.0973 3292 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:15:15.0976 3292 WUDFRd - ok

09:15:16.0023 3292 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys

09:15:16.0030 3292 xusb21 - ok

09:15:16.0060 3292 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

09:15:16.0121 3292 \Device\Harddisk0\DR0 - ok

09:15:16.0134 3292 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

09:15:16.0136 3292 \Device\Harddisk1\DR1 - ok

09:15:16.0138 3292 Boot (0x1200) (6721ebf15f44d6fab9fa612398d927cf) \Device\Harddisk0\DR0\Partition0

09:15:16.0140 3292 \Device\Harddisk0\DR0\Partition0 - ok

09:15:16.0156 3292 Boot (0x1200) (970515614159cde53556be6a0e933d88) \Device\Harddisk0\DR0\Partition1

09:15:16.0159 3292 \Device\Harddisk0\DR0\Partition1 - ok

09:15:16.0161 3292 Boot (0x1200) (c93fb9515fa69896f24ca9935fe8aaeb) \Device\Harddisk1\DR1\Partition0

09:15:16.0161 3292 \Device\Harddisk1\DR1\Partition0 - ok

09:15:16.0162 3292 ============================================================

09:15:16.0162 3292 Scan finished

09:15:16.0162 3292 ============================================================

09:15:16.0170 3404 Detected object count: 1

09:15:16.0170 3404 Actual detected object count: 1

09:15:42.0899 3404 sptd ( LockedFile.Multi.Generic ) - skipped by user

09:15:42.0899 3404 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

09:16:10.0440 3932 ============================================================

09:16:10.0440 3932 Scan started

09:16:10.0440 3932 Mode: Manual;

09:16:10.0440 3932 ============================================================

09:16:10.0640 3932 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

09:16:10.0641 3932 1394ohci - ok

09:16:10.0684 3932 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

09:16:10.0685 3932 ACPI - ok

09:16:10.0725 3932 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

09:16:10.0725 3932 AcpiPmi - ok

09:16:10.0754 3932 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

09:16:10.0756 3932 adp94xx - ok

09:16:10.0770 3932 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

09:16:10.0772 3932 adpahci - ok

09:16:10.0786 3932 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

09:16:10.0787 3932 adpu320 - ok

09:16:10.0833 3932 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

09:16:10.0835 3932 AFD - ok

09:16:10.0879 3932 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

09:16:10.0879 3932 agp440 - ok

09:16:10.0928 3932 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

09:16:10.0928 3932 aliide - ok

09:16:10.0965 3932 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

09:16:10.0965 3932 amdide - ok

09:16:10.0992 3932 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

09:16:10.0993 3932 AmdK8 - ok

09:16:11.0149 3932 amdkmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

09:16:11.0189 3932 amdkmdag - ok

09:16:11.0246 3932 amdkmdap (961a81a84fdd700e361e8294528a37ba) C:\Windows\system32\DRIVERS\atikmpag.sys

09:16:11.0247 3932 amdkmdap - ok

09:16:11.0262 3932 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

09:16:11.0262 3932 AmdPPM - ok

09:16:11.0276 3932 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

09:16:11.0277 3932 amdsata - ok

09:16:11.0289 3932 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

09:16:11.0290 3932 amdsbs - ok

09:16:11.0303 3932 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

09:16:11.0303 3932 amdxata - ok

09:16:11.0346 3932 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

09:16:11.0347 3932 AppID - ok

09:16:11.0358 3932 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

09:16:11.0359 3932 arc - ok

09:16:11.0387 3932 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

09:16:11.0387 3932 arcsas - ok

09:16:11.0405 3932 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

09:16:11.0405 3932 AsyncMac - ok

09:16:11.0426 3932 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

09:16:11.0426 3932 atapi - ok

09:16:11.0467 3932 AtiHDAudioService (230cf51113cd4b830b3bfd09b0d4c066) C:\Windows\system32\drivers\AtihdW76.sys

09:16:11.0467 3932 AtiHDAudioService - ok

09:16:11.0486 3932 AtiHdmiService (506934df94e3197f4a1bbe8fbeab0ccd) C:\Windows\system32\drivers\AtiHdmi.sys

09:16:11.0487 3932 AtiHdmiService - ok

09:16:11.0641 3932 atikmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

09:16:11.0680 3932 atikmdag - ok

09:16:11.0722 3932 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys

09:16:11.0723 3932 avgntflt - ok

09:16:11.0760 3932 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys

09:16:11.0761 3932 avipbb - ok

09:16:11.0791 3932 AWOPFilterDriver (5b64b0d162aabde795b3f7a7234f2fe1) C:\Windows\system32\drivers\AWOPFilterDriver.sys

09:16:11.0791 3932 AWOPFilterDriver - ok

09:16:11.0819 3932 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

09:16:11.0821 3932 b06bdrv - ok

09:16:11.0840 3932 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

09:16:11.0841 3932 b57nd60a - ok

09:16:11.0858 3932 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

09:16:11.0858 3932 Beep - ok

09:16:11.0890 3932 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

09:16:11.0890 3932 blbdrive - ok

09:16:11.0933 3932 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

09:16:11.0933 3932 bowser - ok

09:16:11.0946 3932 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

09:16:11.0946 3932 BrFiltLo - ok

09:16:11.0954 3932 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

09:16:11.0954 3932 BrFiltUp - ok

09:16:11.0975 3932 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

09:16:11.0977 3932 Brserid - ok

09:16:11.0990 3932 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

09:16:11.0990 3932 BrSerWdm - ok

09:16:11.0998 3932 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

09:16:11.0998 3932 BrUsbMdm - ok

09:16:12.0011 3932 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

09:16:12.0011 3932 BrUsbSer - ok

09:16:12.0027 3932 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

09:16:12.0027 3932 BTHMODEM - ok

09:16:12.0046 3932 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

09:16:12.0046 3932 cdfs - ok

09:16:12.0089 3932 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

09:16:12.0089 3932 cdrom - ok

09:16:12.0116 3932 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

09:16:12.0117 3932 circlass - ok

09:16:12.0138 3932 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

09:16:12.0140 3932 CLFS - ok

09:16:12.0151 3932 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

09:16:12.0152 3932 CmBatt - ok

09:16:12.0193 3932 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

09:16:12.0194 3932 cmdide - ok

09:16:12.0237 3932 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

09:16:12.0239 3932 CNG - ok

09:16:12.0251 3932 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

09:16:12.0251 3932 Compbatt - ok

09:16:12.0264 3932 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

09:16:12.0264 3932 CompositeBus - ok

09:16:12.0295 3932 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

09:16:12.0296 3932 crcdisk - ok

09:16:12.0342 3932 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

09:16:12.0343 3932 DfsC - ok

09:16:12.0360 3932 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

09:16:12.0360 3932 discache - ok

09:16:12.0375 3932 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

09:16:12.0376 3932 Disk - ok

09:16:12.0469 3932 driverhardwarev2x64 (b28c853770c995552b9f5760d8245f44) C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys

09:16:12.0469 3932 driverhardwarev2x64 - ok

09:16:12.0502 3932 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

09:16:12.0502 3932 drmkaud - ok

09:16:12.0549 3932 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

09:16:12.0552 3932 DXGKrnl - ok

09:16:12.0615 3932 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

09:16:12.0628 3932 ebdrv - ok

09:16:12.0676 3932 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

09:16:12.0678 3932 elxstor - ok

09:16:12.0716 3932 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

09:16:12.0716 3932 ErrDev - ok

09:16:12.0763 3932 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

09:16:12.0764 3932 exfat - ok

09:16:12.0780 3932 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

09:16:12.0781 3932 fastfat - ok

09:16:12.0793 3932 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

09:16:12.0793 3932 fdc - ok

09:16:12.0811 3932 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

09:16:12.0811 3932 FileInfo - ok

09:16:12.0827 3932 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

09:16:12.0827 3932 Filetrace - ok

09:16:12.0856 3932 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

09:16:12.0856 3932 flpydisk - ok

09:16:12.0895 3932 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

09:16:12.0896 3932 FltMgr - ok

09:16:12.0914 3932 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

09:16:12.0914 3932 FsDepends - ok

09:16:12.0930 3932 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

09:16:12.0931 3932 Fs_Rec - ok

09:16:12.0970 3932 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

09:16:12.0971 3932 fvevol - ok

09:16:12.0986 3932 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

09:16:12.0987 3932 gagp30kx - ok

09:16:13.0023 3932 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

09:16:13.0023 3932 GEARAspiWDM - ok

09:16:13.0045 3932 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

09:16:13.0045 3932 hcw85cir - ok

09:16:13.0081 3932 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

09:16:13.0082 3932 HDAudBus - ok

09:16:13.0094 3932 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

09:16:13.0094 3932 HidBatt - ok

09:16:13.0102 3932 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

09:16:13.0102 3932 HidBth - ok

09:16:13.0119 3932 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

09:16:13.0120 3932 HidIr - ok

09:16:13.0131 3932 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

09:16:13.0131 3932 HidUsb - ok

09:16:13.0171 3932 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

09:16:13.0172 3932 HpSAMD - ok

09:16:13.0219 3932 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

09:16:13.0222 3932 HTTP - ok

09:16:13.0259 3932 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

09:16:13.0260 3932 hwpolicy - ok

09:16:13.0300 3932 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

09:16:13.0301 3932 i8042prt - ok

09:16:13.0335 3932 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys

09:16:13.0337 3932 iaStor - ok

09:16:13.0356 3932 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

09:16:13.0358 3932 iaStorV - ok

09:16:13.0377 3932 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

09:16:13.0378 3932 iirsp - ok

09:16:13.0427 3932 IntcAzAudAddService (697c927e0de2abaf1a5f455033f687cd) C:\Windows\system32\drivers\RTKVHD64.sys

09:16:13.0436 3932 IntcAzAudAddService - ok

09:16:13.0472 3932 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

09:16:13.0472 3932 intelide - ok

09:16:13.0491 3932 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

09:16:13.0491 3932 intelppm - ok

09:16:13.0527 3932 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

09:16:13.0528 3932 IpFilterDriver - ok

09:16:13.0546 3932 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

09:16:13.0546 3932 IPMIDRV - ok

09:16:13.0559 3932 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

09:16:13.0559 3932 IPNAT - ok

09:16:13.0571 3932 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

09:16:13.0571 3932 IRENUM - ok

09:16:13.0593 3932 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

09:16:13.0593 3932 isapnp - ok

09:16:13.0616 3932 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

09:16:13.0617 3932 iScsiPrt - ok

09:16:13.0648 3932 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys

09:16:13.0650 3932 k57nd60a - ok

09:16:13.0667 3932 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

09:16:13.0668 3932 kbdclass - ok

09:16:13.0702 3932 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

09:16:13.0703 3932 kbdhid - ok

09:16:13.0743 3932 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

09:16:13.0743 3932 KSecDD - ok

09:16:13.0781 3932 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

09:16:13.0782 3932 KSecPkg - ok

09:16:13.0807 3932 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

09:16:13.0808 3932 ksthunk - ok

09:16:13.0821 3932 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

09:16:13.0822 3932 lltdio - ok

09:16:13.0836 3932 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

09:16:13.0836 3932 LSI_FC - ok

09:16:13.0854 3932 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

09:16:13.0854 3932 LSI_SAS - ok

09:16:13.0870 3932 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:16:13.0871 3932 LSI_SAS2 - ok

09:16:13.0904 3932 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:16:13.0905 3932 LSI_SCSI - ok

09:16:13.0917 3932 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

09:16:13.0917 3932 luafv - ok

09:16:13.0960 3932 lvpepf64 (07389f6925e490d2db7882110e99921c) C:\Windows\system32\DRIVERS\lv302a64.sys

09:16:13.0960 3932 lvpepf64 - ok

09:16:13.0987 3932 LVRS64 (7f0ba3a6e8996f15693c6b7d81da049e) C:\Windows\system32\DRIVERS\lvrs64.sys

09:16:13.0990 3932 LVRS64 - ok

09:16:14.0005 3932 LVUSBS64 (5c3ff68267a5d242ee79ee01b993d6ce) C:\Windows\system32\drivers\LVUSBS64.sys

09:16:14.0005 3932 LVUSBS64 - ok

09:16:14.0032 3932 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

09:16:14.0033 3932 megasas - ok

09:16:14.0056 3932 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

09:16:14.0057 3932 MegaSR - ok

09:16:14.0071 3932 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

09:16:14.0072 3932 Modem - ok

09:16:14.0081 3932 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

09:16:14.0082 3932 monitor - ok

09:16:14.0122 3932 MotioninJoyXFilter (fc44ad48746ffa5fd640ef1260ab5ec2) C:\Windows\system32\DRIVERS\MijXfilt.sys

09:16:14.0123 3932 MotioninJoyXFilter - ok

09:16:14.0162 3932 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

09:16:14.0163 3932 mouclass - ok

09:16:14.0174 3932 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

09:16:14.0174 3932 mouhid - ok

09:16:14.0214 3932 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

09:16:14.0215 3932 mountmgr - ok

09:16:14.0259 3932 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

09:16:14.0260 3932 mpio - ok

09:16:14.0290 3932 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

09:16:14.0290 3932 mpsdrv - ok

09:16:14.0329 3932 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

09:16:14.0330 3932 MRxDAV - ok

09:16:14.0372 3932 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

09:16:14.0373 3932 mrxsmb - ok

09:16:14.0409 3932 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:16:14.0411 3932 mrxsmb10 - ok

09:16:14.0427 3932 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:16:14.0428 3932 mrxsmb20 - ok

09:16:14.0475 3932 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

09:16:14.0475 3932 msahci - ok

09:16:14.0513 3932 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

09:16:14.0514 3932 msdsm - ok

09:16:14.0539 3932 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

09:16:14.0540 3932 Msfs - ok

09:16:14.0547 3932 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

09:16:14.0547 3932 mshidkmdf - ok

09:16:14.0561 3932 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

09:16:14.0561 3932 msisadrv - ok

09:16:14.0606 3932 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

09:16:14.0606 3932 MSKSSRV - ok

09:16:14.0615 3932 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

09:16:14.0615 3932 MSPCLOCK - ok

09:16:14.0623 3932 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

09:16:14.0623 3932 MSPQM - ok

09:16:14.0659 3932 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

09:16:14.0660 3932 MsRPC - ok

09:16:14.0678 3932 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

09:16:14.0679 3932 mssmbios - ok

09:16:14.0686 3932 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

09:16:14.0686 3932 MSTEE - ok

09:16:14.0706 3932 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

09:16:14.0706 3932 MTConfig - ok

09:16:14.0721 3932 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

09:16:14.0721 3932 Mup - ok

09:16:14.0762 3932 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

09:16:14.0763 3932 NativeWifiP - ok

09:16:14.0816 3932 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

09:16:14.0820 3932 NDIS - ok

09:16:14.0834 3932 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

09:16:14.0834 3932 NdisCap - ok

09:16:14.0847 3932 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

09:16:14.0848 3932 NdisTapi - ok

09:16:14.0889 3932 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

09:16:14.0890 3932 Ndisuio - ok

09:16:14.0926 3932 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

09:16:14.0927 3932 NdisWan - ok

09:16:14.0968 3932 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

09:16:14.0968 3932 NDProxy - ok

09:16:14.0991 3932 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

09:16:14.0991 3932 NetBIOS - ok

09:16:15.0031 3932 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

09:16:15.0032 3932 NetBT - ok

09:16:15.0051 3932 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

09:16:15.0052 3932 nfrd960 - ok

09:16:15.0098 3932 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys

09:16:15.0098 3932 nmwcd - ok

09:16:15.0129 3932 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys

09:16:15.0130 3932 nmwcdc - ok

09:16:15.0170 3932 nmwcdnsucx64 (a962be6433ef016e0dfb52eca15a5378) C:\Windows\system32\drivers\nmwcdnsucx64.sys

09:16:15.0171 3932 nmwcdnsucx64 - ok

09:16:15.0190 3932 nmwcdnsux64 (9573223e205907247ae6d948e3453770) C:\Windows\system32\drivers\nmwcdnsux64.sys

09:16:15.0190 3932 nmwcdnsux64 - ok

09:16:15.0210 3932 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

09:16:15.0210 3932 Npfs - ok

09:16:15.0223 3932 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

09:16:15.0223 3932 nsiproxy - ok

09:16:15.0288 3932 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

09:16:15.0294 3932 Ntfs - ok

09:16:15.0332 3932 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

09:16:15.0332 3932 Null - ok

09:16:15.0369 3932 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

09:16:15.0370 3932 nvraid - ok

09:16:15.0386 3932 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:16:15.0387 3932 nvstor - ok

09:16:15.0434 3932 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:16:15.0434 3932 nv_agp - ok

09:16:15.0455 3932 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:16:15.0455 3932 ohci1394 - ok

09:16:15.0482 3932 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

09:16:15.0482 3932 Parport - ok

09:16:15.0537 3932 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

09:16:15.0538 3932 partmgr - ok

09:16:15.0575 3932 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys

09:16:15.0576 3932 pccsmcfd - ok

09:16:15.0596 3932 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:16:15.0597 3932 pci - ok

09:16:15.0616 3932 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:16:15.0617 3932 pciide - ok

09:16:15.0639 3932 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

09:16:15.0640 3932 pcmcia - ok

09:16:15.0658 3932 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:16:15.0659 3932 pcw - ok

09:16:15.0676 3932 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:16:15.0678 3932 PEAUTH - ok

09:16:15.0757 3932 PID_PEPI (087a343dfc337f37723dd7912de6b6cd) C:\Windows\system32\DRIVERS\LV302V64.SYS

09:16:15.0766 3932 PID_PEPI - ok

09:16:15.0820 3932 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:16:15.0821 3932 PptpMiniport - ok

09:16:15.0842 3932 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

09:16:15.0842 3932 Processor - ok

09:16:15.0882 3932 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:16:15.0883 3932 Psched - ok

09:16:15.0916 3932 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

09:16:15.0916 3932 PxHlpa64 - ok

09:16:15.0947 3932 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

09:16:15.0953 3932 ql2300 - ok

09:16:15.0965 3932 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

09:16:15.0965 3932 ql40xx - ok

09:16:15.0980 3932 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:16:15.0980 3932 QWAVEdrv - ok

09:16:15.0999 3932 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:16:15.0999 3932 RasAcd - ok

09:16:16.0021 3932 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:16:16.0022 3932 RasAgileVpn - ok

09:16:16.0061 3932 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:16:16.0062 3932 Rasl2tp - ok

09:16:16.0075 3932 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:16:16.0076 3932 RasPppoe - ok

09:16:16.0094 3932 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:16:16.0095 3932 RasSstp - ok

09:16:16.0137 3932 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:16:16.0138 3932 rdbss - ok

09:16:16.0150 3932 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

09:16:16.0150 3932 rdpbus - ok

09:16:16.0175 3932 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:16:16.0175 3932 RDPCDD - ok

09:16:16.0186 3932 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:16:16.0187 3932 RDPENCDD - ok

09:16:16.0195 3932 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:16:16.0196 3932 RDPREFMP - ok

09:16:16.0238 3932 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

09:16:16.0239 3932 RDPWD - ok

09:16:16.0278 3932 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:16:16.0279 3932 rdyboost - ok

09:16:16.0298 3932 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:16:16.0298 3932 rspndr - ok

09:16:16.0342 3932 RTL8192su (3c85058541d55bfcefd9177a68a507c6) C:\Windows\system32\DRIVERS\RTL8192su.sys

09:16:16.0345 3932 RTL8192su - ok

09:16:16.0390 3932 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:16:16.0390 3932 sbp2port - ok

09:16:16.0439 3932 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:16:16.0440 3932 scfilter - ok

09:16:16.0466 3932 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:16:16.0466 3932 secdrv - ok

09:16:16.0487 3932 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

09:16:16.0488 3932 Serenum - ok

09:16:16.0502 3932 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

09:16:16.0502 3932 Serial - ok

09:16:16.0537 3932 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

09:16:16.0537 3932 sermouse - ok

09:16:16.0576 3932 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:16:16.0576 3932 sffdisk - ok

09:16:16.0585 3932 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:16:16.0585 3932 sffp_mmc - ok

09:16:16.0596 3932 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:16:16.0597 3932 sffp_sd - ok

09:16:16.0615 3932 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

09:16:16.0616 3932 sfloppy - ok

09:16:16.0647 3932 SI3132 (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\DRIVERS\SI3132.sys

09:16:16.0647 3932 SI3132 - ok

09:16:16.0660 3932 SiFilter (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\DRIVERS\SiWinAcc.sys

09:16:16.0660 3932 SiFilter - ok

09:16:16.0671 3932 SiRemFil (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\DRIVERS\SiRemFil.sys

09:16:16.0671 3932 SiRemFil - ok

09:16:16.0686 3932 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:16:16.0686 3932 SiSRaid2 - ok

09:16:16.0715 3932 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

09:16:16.0715 3932 SiSRaid4 - ok

09:16:16.0731 3932 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:16:16.0732 3932 Smb - ok

09:16:16.0764 3932 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:16:16.0764 3932 spldr - ok

09:16:16.0810 3932 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys

09:16:16.0810 3932 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb

09:16:16.0811 3932 sptd ( LockedFile.Multi.Generic ) - warning

09:16:16.0811 3932 sptd - detected LockedFile.Multi.Generic (1)

09:16:16.0853 3932 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:16:16.0855 3932 srv - ok

09:16:16.0894 3932 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:16:16.0895 3932 srv2 - ok

09:16:16.0911 3932 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:16:16.0912 3932 srvnet - ok

09:16:16.0936 3932 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

09:16:16.0936 3932 stexstor - ok

09:16:16.0990 3932 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:16:16.0991 3932 swenum - ok

09:16:17.0060 3932 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

09:16:17.0067 3932 Tcpip - ok

09:16:17.0102 3932 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

09:16:17.0109 3932 TCPIP6 - ok

09:16:17.0141 3932 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

09:16:17.0142 3932 tcpipreg - ok

09:16:17.0156 3932 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

09:16:17.0156 3932 TDPIPE - ok

09:16:17.0174 3932 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

09:16:17.0174 3932 TDTCP - ok

09:16:17.0218 3932 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

09:16:17.0219 3932 tdx - ok

09:16:17.0265 3932 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

09:16:17.0265 3932 TermDD - ok

09:16:17.0312 3932 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:16:17.0313 3932 tssecsrv - ok

09:16:17.0351 3932 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

09:16:17.0351 3932 TsUsbFlt - ok

09:16:17.0393 3932 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

09:16:17.0394 3932 tunnel - ok

09:16:17.0417 3932 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

09:16:17.0418 3932 uagp35 - ok

09:16:17.0453 3932 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

09:16:17.0454 3932 udfs - ok

09:16:17.0494 3932 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

09:16:17.0495 3932 uliagpkx - ok

09:16:17.0510 3932 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

09:16:17.0510 3932 umbus - ok

09:16:17.0523 3932 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

09:16:17.0524 3932 UmPass - ok

09:16:17.0560 3932 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys

09:16:17.0560 3932 upperdev - ok

09:16:17.0606 3932 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys

09:16:17.0607 3932 USBAAPL64 - ok

09:16:17.0649 3932 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

09:16:17.0650 3932 usbaudio - ok

09:16:17.0685 3932 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

09:16:17.0686 3932 usbccgp - ok

09:16:17.0727 3932 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

09:16:17.0727 3932 usbcir - ok

09:16:17.0740 3932 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

09:16:17.0740 3932 usbehci - ok

09:16:17.0756 3932 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

09:16:17.0758 3932 usbhub - ok

09:16:17.0778 3932 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

09:16:17.0778 3932 usbohci - ok

09:16:17.0799 3932 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

09:16:17.0799 3932 usbprint - ok

09:16:17.0832 3932 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys

09:16:17.0832 3932 usbser - ok

09:16:17.0871 3932 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys

09:16:17.0871 3932 UsbserFilt - ok

09:16:17.0885 3932 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:16:17.0886 3932 USBSTOR - ok

09:16:17.0900 3932 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

09:16:17.0900 3932 usbuhci - ok

09:16:17.0956 3932 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

09:16:17.0956 3932 vdrvroot - ok

09:16:17.0987 3932 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

09:16:17.0987 3932 vga - ok

09:16:17.0996 3932 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

09:16:17.0996 3932 VgaSave - ok

09:16:18.0016 3932 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

09:16:18.0017 3932 vhdmp - ok

09:16:18.0039 3932 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

09:16:18.0039 3932 viaide - ok

09:16:18.0063 3932 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

09:16:18.0063 3932 volmgr - ok

09:16:18.0107 3932 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

09:16:18.0109 3932 volmgrx - ok

09:16:18.0124 3932 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

09:16:18.0125 3932 volsnap - ok

09:16:18.0150 3932 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

09:16:18.0151 3932 vsmraid - ok

09:16:18.0165 3932 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

09:16:18.0166 3932 vwifibus - ok

09:16:18.0177 3932 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

09:16:18.0178 3932 vwififlt - ok

09:16:18.0236 3932 wacmoumonitor (f39fc224758290a3193c68c091e6f11a) C:\Windows\system32\DRIVERS\wacmoumonitor.sys

09:16:18.0237 3932 wacmoumonitor - ok

09:16:18.0272 3932 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys

09:16:18.0272 3932 wacommousefilter - ok

09:16:18.0283 3932 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

09:16:18.0283 3932 WacomPen - ok

09:16:18.0299 3932 wacomvhid (bb9d431c8d025ba13e60adddcff04f1a) C:\Windows\system32\DRIVERS\wacomvhid.sys

09:16:18.0299 3932 wacomvhid - ok

09:16:18.0334 3932 WacomVKHid (8b4255329edfba3ecfbd0714476fad38) C:\Windows\system32\DRIVERS\WacomVKHid.sys

09:16:18.0334 3932 WacomVKHid - ok

09:16:18.0376 3932 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:16:18.0376 3932 WANARP - ok

09:16:18.0379 3932 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:16:18.0380 3932 Wanarpv6 - ok

09:16:18.0405 3932 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

09:16:18.0405 3932 Wd - ok

09:16:18.0429 3932 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

09:16:18.0432 3932 Wdf01000 - ok

09:16:18.0452 3932 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

09:16:18.0453 3932 WfpLwf - ok

09:16:18.0482 3932 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

09:16:18.0483 3932 WimFltr - ok

09:16:18.0491 3932 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

09:16:18.0491 3932 WIMMount - ok

09:16:18.0564 3932 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

09:16:18.0564 3932 WinUsb - ok

09:16:18.0607 3932 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

09:16:18.0607 3932 WmiAcpi - ok

09:16:18.0624 3932 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

09:16:18.0625 3932 ws2ifsl - ok

09:16:18.0680 3932 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

09:16:18.0681 3932 WudfPf - ok

09:16:18.0699 3932 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:16:18.0700 3932 WUDFRd - ok

09:16:18.0741 3932 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys

09:16:18.0741 3932 xusb21 - ok

09:16:18.0752 3932 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

09:16:18.0797 3932 \Device\Harddisk0\DR0 - ok

09:16:18.0799 3932 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

09:16:18.0800 3932 \Device\Harddisk1\DR1 - ok

09:16:18.0802 3932 Boot (0x1200) (6721ebf15f44d6fab9fa612398d927cf) \Device\Harddisk0\DR0\Partition0

09:16:18.0803 3932 \Device\Harddisk0\DR0\Partition0 - ok

09:16:18.0815 3932 Boot (0x1200) (970515614159cde53556be6a0e933d88) \Device\Harddisk0\DR0\Partition1

09:16:18.0816 3932 \Device\Harddisk0\DR0\Partition1 - ok

09:16:18.0818 3932 Boot (0x1200) (c93fb9515fa69896f24ca9935fe8aaeb) \Device\Harddisk1\DR1\Partition0

09:16:18.0819 3932 \Device\Harddisk1\DR1\Partition0 - ok

09:16:18.0819 3932 ============================================================

09:16:18.0819 3932 Scan finished

09:16:18.0819 3932 ============================================================

09:16:18.0824 3940 Detected object count: 1

09:16:18.0824 3940 Actual detected object count: 1

09:16:24.0588 3940 sptd ( LockedFile.Multi.Generic ) - skipped by user

09:16:24.0588 3940 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Here is aswMBR report :

Run date: 2012-02-02 09:21:44

-----------------------------

09:21:44.647 OS Version: Windows x64 6.1.7601 Service Pack 1

09:21:44.647 Number of processors: 8 586 0x1A05

09:21:44.647 ComputerName: MAXWELL-PC UserName: Maxwell

09:21:55.842 Initialize success

09:22:26.277 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

09:22:26.278 Disk 0 Vendor: ST350041 CC46 Size: 476940MB BusType: 3

09:22:26.280 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2

09:22:26.281 Disk 1 Vendor: ST350041 CC46 Size: 476940MB BusType: 3

09:22:26.294 Disk 0 MBR read successfully

09:22:26.296 Disk 0 MBR scan

09:22:26.298 Disk 0 Windows 7 default MBR code

09:22:26.300 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 101 MB offset 63

09:22:26.305 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8218 MB offset 208896

09:22:26.315 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 468619 MB offset 17039360

09:22:26.318 Service scanning

09:22:27.019 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32

09:22:27.657 Modules scanning

09:22:27.660 Disk 0 trace - called modules:

09:22:27.679 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys spwg.sys hal.dll

09:22:27.683 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008aaa790]

09:22:27.686 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800877e050]

09:22:27.689 Scan finished successfully

09:22:39.492 Disk 0 MBR has been saved successfully to "C:\Users\Maxwell\Desktop\MBR.dat"

09:22:39.495 The log file has been saved successfully to "C:\Users\Maxwell\Desktop\aswMBR.txt"

And I attach the .dat log after zipping it, as you requested.

Thanks Daniel for your help, tell me what can i do now.

Max.

MBR.zip

Larusso · February 2, 2012

You are welcome.

You can be 100% sure, that I'll never link you to malicious files. Sometimes our tools are detected by AVPs.

Do you have any other problems than your Firewall issue ?

Please download DeFogger to your desktop.

Double click DeFogger to run the tool.

The application window will appear
Click the Disable button to disable your CD Emulation drivers
Click Yes to continue
A 'Finished!' message will appear
Click OK
DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================

Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to this topic How to disable your security applications

====================================================

Double click on combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

*Note - if after running ComboFix you see a message similar to 'registry key marked for deletion..' rebooting the machine will resolve that.

Please post in your next reply

Combofix.txt

max0211 · February 2, 2012

Thanks again.

Done everything, little trouble on the way ( no big deal, just describing it if any thing could be a clue ... ) :

I started DeFogger from downloads the first time, it needed to reboot, rebooted, restarted it again from desktop this time, gave me the same log except it didn't reboot it wrote already disabled instead of disabled need reboot.

Then the ComboFix situation :

Disabled Avira, but it told me I had AntivirDesktop as antispyware and anti malware that was running, even though avira umbrella's was closed, tried to kill the processes avgunt and avguard that were still running but didn't work, so I kept Combofix running as I basically had no other choice.

It restarted in the end ( quite surprising, verry worried for a sec .. ) , the log on screen, and everything fine ( except I had to rebbot again for the registry key marked for deletion thing but again no big deal )

So here's the log I got :

ComboFix 12-02-02.02 - Maxwell 02/02/2012 18:06:10.1.8 - x64

Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.9207.6866 [GMT 1:00]

LancÉ depuis: c:\users\Maxwell\Desktop\ComboFix.exe

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Maxwell\AppData\Local\41589dd1\U

c:\users\Maxwell\AppData\Local\41589dd1\U\80000000.@

c:\users\Maxwell\AppData\Local\41589dd1\U\800000cb.@

c:\users\Maxwell\AppData\Local\41589dd1\U\800000cf.@

c:\users\Maxwell\AppData\Local\41589dd1\X

c:\windows\assembly\tmp\U

c:\windows\Downloaded Installations\BMP

c:\windows\Downloaded Installations\BMP\{2EA61BA6-7D7A-41EB-B2F6-2314B510EE91}\1036.MST

c:\windows\Downloaded Installations\BMP\{2EA61BA6-7D7A-41EB-B2F6-2314B510EE91}\BACS.msi

c:\windows\msxml4-KB973685-enu.LOG

c:\windows\SysWow64\tmp9108.tmp

c:\windows\SysWow64\tmp9138.tmp

c:\windows\SysWow64\tmpB48F.tmp

c:\windows\SysWow64\tmpB4BF.tmp

.

((((((((((((((((((((((((((((( Fichiers crÉÉs du 2012-01-02 au 2012-02-02 ))))))))))))))))))))))))))))))))))))

.

2012-02-02 17:12 . 2012-02-02 17:12 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-01-25 12:03 . 2011-09-28 08:20 200704 ----a-w- c:\windows\SysWow64\vbalExpBar6.ocx

2012-01-25 12:03 . 2012-01-25 12:03 -------- d-----w- c:\users\Maxwell\AppData\Roaming\FreeBurner

2012-01-25 12:03 . 2012-01-25 12:03 -------- d-----w- c:\program files (x86)\Free Easy CD DVD Burner

2012-01-25 12:03 . 2011-09-28 08:20 484352 ----a-w- c:\windows\SysWow64\lame_enc.dll

2012-01-25 12:03 . 2011-09-28 08:20 32768 ----a-w- c:\windows\SysWow64\CMDLGFR.DLL

2012-01-25 12:03 . 2011-09-28 08:20 15360 ----a-w- c:\windows\SysWow64\inetfr.DLL

2012-01-25 12:03 . 2011-09-28 08:20 141312 ----a-w- c:\windows\SysWow64\MSCMCFR.DLL

2012-01-25 12:03 . 2011-09-28 08:20 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL

2012-01-23 14:30 . 2012-01-23 14:30 -------- d-----w- c:\users\Maxwell\AppData\Roaming\Thinstall

2012-01-23 14:30 . 2012-01-23 14:30 -------- d-----w- c:\users\Maxwell\AppData\Local\Thinstall

2012-01-23 10:22 . 2012-01-23 10:33 -------- d-----w- c:\programdata\RegCure

2012-01-23 10:14 . 2012-01-23 10:34 -------- d-----w- c:\programdata\PC Tools

2012-01-21 15:12 . 2012-02-02 17:12 -------- d-sh--w- c:\users\Maxwell\AppData\Local\41589dd1

2012-01-18 18:26 . 2012-01-18 18:26 -------- d-----w- c:\programdata\PC Suite

2012-01-18 18:25 . 2012-01-18 18:25 -------- d-----w- c:\users\Maxwell\AppData\Roaming\PC Suite

2012-01-18 18:14 . 2012-01-18 18:14 73728 ----a-r- c:\users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe

2012-01-18 18:14 . 2012-01-18 18:14 73728 ----a-r- c:\users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe

2012-01-18 18:14 . 2012-01-18 18:14 53248 ----a-r- c:\users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\ARPPRODUCTICON.exe

2012-01-18 18:14 . 2012-01-18 18:14 49152 ----a-r- c:\users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe

2012-01-18 18:14 . 2012-01-18 18:14 49152 ----a-r- c:\users\Maxwell\AppData\Roaming\Microsoft\Installer\{889D48DA-457F-4C8B-9095-6458F2793B12}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe

2012-01-18 18:14 . 2012-01-18 18:14 -------- d-----w- c:\program files (x86)\Common Files\Nokia

2012-01-18 17:53 . 2012-01-18 17:53 -------- d-----w- c:\program files\DIFX

2012-01-18 17:53 . 2008-08-28 11:44 25600 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys

2012-01-18 17:53 . 2012-01-18 17:53 -------- d-----w- c:\program files (x86)\PC Connectivity Solution

2012-01-18 17:51 . 2012-01-18 17:51 -------- d-----w- c:\users\Maxwell\AppData\Local\Nokia

2012-01-18 17:51 . 2012-01-18 18:15 -------- d-----w- c:\program files (x86)\Nokia

2012-01-18 17:50 . 2012-01-18 17:58 -------- d-----w- c:\programdata\Installations

2012-01-18 09:30 . 2003-02-21 03:42 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll

2012-01-18 08:45 . 2012-01-25 12:00 -------- d-----w- c:\users\Maxwell\AppData\Roaming\DVD Flick

2012-01-17 11:56 . 2012-01-17 11:56 -------- d-----w- c:\program files\Common Files\logishrd

2012-01-13 12:44 . 2012-01-13 12:44 -------- d-----w- c:\program files\KeyShot3

2012-01-13 12:38 . 2003-01-26 12:41 40960 ----a-w- c:\windows\SysWow64\ssubtmr6.dll

2012-01-13 12:38 . 2012-01-13 12:38 -------- d-----w- c:\program files (x86)\DVD Flick

2012-01-13 12:38 . 2008-08-31 12:27 28672 ----a-w- c:\windows\SysWow64\mousewheel.ocx

2012-01-13 12:38 . 2007-08-31 17:36 36864 ----a-w- c:\windows\SysWow64\trayicon_handler.ocx

2012-01-13 12:38 . 2004-03-08 23:00 212240 ----a-w- c:\windows\SysWow64\richtx32.ocx

2012-01-13 12:38 . 1998-06-23 23:00 164144 ----a-w- c:\windows\SysWow64\comct232.ocx

2012-01-11 20:30 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll

2012-01-11 20:30 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-01-11 20:30 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll

2012-01-11 20:30 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-01-11 20:30 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll

2012-01-11 20:30 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll

2012-01-11 20:30 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll

2012-01-11 20:30 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll

2012-01-10 12:33 . 2012-02-02 08:05 -------- d-----w- c:\users\Maxwell\AppData\Roaming\BitTorrent

2012-01-09 16:49 . 2012-01-09 16:49 -------- d-----w- c:\windows\system32\Macromed

2012-01-08 21:24 . 2012-02-02 16:40 45016 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll

2012-01-08 21:24 . 2012-01-08 21:24 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll

2012-01-08 21:24 . 2012-01-08 21:24 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll

2012-01-08 21:24 . 2012-01-08 21:24 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll

2012-01-06 09:11 . 2012-01-06 09:11 -------- d-----w- c:\programdata\ATI

2012-01-06 09:11 . 2012-01-06 09:11 -------- d-----w- c:\program files (x86)\AMD APP

2012-01-03 19:23 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll

2012-01-03 19:23 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll

2012-01-03 19:23 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll

2012-01-03 19:23 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-01-03 19:23 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll

2012-01-03 19:23 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax

2012-01-03 19:23 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll

2012-01-03 19:23 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax

2012-01-03 19:21 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys

2012-01-03 19:20 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll

2012-01-03 19:20 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

2012-01-03 19:20 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll

2012-01-03 19:20 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll

2012-01-03 19:20 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll

2012-01-03 19:20 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2012-01-03 19:20 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll

2012-01-03 19:20 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-01-03 19:05 . 2012-01-03 19:05 -------- d-----w- c:\users\Public\D-Link

2012-01-03 19:05 . 2012-01-03 19:05 -------- d-----w- c:\windows\pcidevice

2012-01-03 19:05 . 2012-01-03 19:05 -------- d-----w- c:\program files (x86)\D-Link

2012-01-03 19:05 . 2009-08-20 10:00 664576 ----a-w- c:\windows\system32\drivers\RTL8192su.sys

2012-01-03 19:04 . 2012-01-03 19:04 -------- d-----w- c:\users\Maxwell\AppData\Roaming\InstallShield

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-21 15:13 . 2011-05-24 15:30 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-01-11 08:04 . 2010-10-05 23:29 88288 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-01-11 08:04 . 2010-10-05 23:29 123784 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-12-10 14:24 . 2011-04-18 18:25 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-10 03:45 . 2011-11-10 03:45 10567680 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2011-11-10 03:20 . 2011-11-10 03:20 25218048 ----a-w- c:\windows\system32\atio6axx.dll

2011-11-10 03:17 . 2011-11-10 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe

2011-11-10 03:16 . 2011-11-10 03:16 774656 ----a-w- c:\windows\SysWow64\aticfx32.dll

2011-11-10 03:15 . 2011-01-05 03:01 927232 ----a-w- c:\windows\system32\aticfx64.dll

2011-11-10 03:12 . 2011-11-10 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll

2011-11-10 03:12 . 2011-11-10 03:12 516608 ----a-w- c:\windows\system32\atieclxx.exe

2011-11-10 03:11 . 2011-11-10 03:11 204288 ----a-w- c:\windows\system32\atiesrxx.exe

2011-11-10 03:10 . 2011-11-10 03:10 120320 ----a-w- c:\windows\system32\atitmm64.dll

2011-11-10 03:09 . 2011-11-10 03:09 423424 ----a-w- c:\windows\system32\atipdl64.dll

2011-11-10 03:09 . 2011-11-10 03:09 360448 ----a-w- c:\windows\SysWow64\atipdlxx.dll

2011-11-10 03:09 . 2011-11-10 03:09 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll

2011-11-10 03:09 . 2011-11-10 03:09 21504 ----a-w- c:\windows\system32\atimuixx.dll

2011-11-10 03:09 . 2011-11-10 03:09 59392 ----a-w- c:\windows\system32\atiedu64.dll

2011-11-10 03:09 . 2011-11-10 03:09 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll

2011-11-10 03:06 . 2011-11-10 03:06 6077952 ----a-w- c:\windows\SysWow64\atidxx32.dll

2011-11-10 02:58 . 2011-11-10 02:58 18996224 ----a-w- c:\windows\SysWow64\atioglxx.dll

2011-11-10 02:51 . 2010-09-28 20:14 7405056 ----a-w- c:\windows\system32\atidxx64.dll

2011-11-10 02:40 . 2011-11-10 02:40 1113088 ----a-w- c:\windows\system32\atiumd6v.dll

2011-11-10 02:40 . 2011-11-10 02:40 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll

2011-11-10 02:40 . 2010-09-28 20:14 4061696 ----a-w- c:\windows\system32\atiumd6a.dll

2011-11-10 02:34 . 2011-11-10 02:34 51200 ----a-w- c:\windows\system32\aticalrt64.dll

2011-11-10 02:34 . 2011-11-10 02:34 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll

2011-11-10 02:34 . 2011-11-10 02:34 44544 ----a-w- c:\windows\system32\aticalcl64.dll

2011-11-10 02:34 . 2011-11-10 02:34 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll

2011-11-10 02:34 . 2011-11-10 02:34 13552640 ----a-w- c:\windows\system32\aticaldd64.dll

2011-11-10 02:33 . 2011-11-10 02:33 5852672 ----a-w- c:\windows\SysWow64\atiumdag.dll

2011-11-10 02:29 . 2011-11-10 02:29 11300864 ----a-w- c:\windows\SysWow64\aticaldd.dll

2011-11-10 02:29 . 2011-11-10 02:29 4200960 ----a-w- c:\windows\SysWow64\atiumdva.dll

2011-11-10 02:24 . 2010-09-28 20:14 7439360 ----a-w- c:\windows\system32\atiumd64.dll

2011-11-10 02:18 . 2011-01-05 02:28 58880 ----a-w- c:\windows\system32\coinst.dll

2011-11-10 02:13 . 2011-11-10 02:13 494592 ----a-w- c:\windows\system32\atiadlxx.dll

2011-11-10 02:13 . 2011-11-10 02:13 348160 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2011-11-10 02:13 . 2011-11-10 02:13 17408 ----a-w- c:\windows\system32\atig6pxx.dll

2011-11-10 02:13 . 2011-11-10 02:13 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2011-11-10 02:13 . 2011-11-10 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll

2011-11-10 02:13 . 2011-11-10 02:13 39936 ----a-w- c:\windows\system32\atig6txx.dll

2011-11-10 02:12 . 2011-11-10 02:12 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll

2011-11-10 02:12 . 2011-11-10 02:12 325632 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2011-11-10 02:11 . 2011-01-05 02:18 41984 ----a-w- c:\windows\system32\atiuxp64.dll

2011-11-10 02:11 . 2011-11-10 02:11 32256 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2011-11-10 02:11 . 2011-01-05 02:18 39424 ----a-w- c:\windows\system32\atiu9p64.dll

2011-11-10 02:11 . 2011-11-10 02:11 54784 ----a-w- c:\windows\system32\atimpc64.dll

2011-11-10 02:11 . 2011-11-10 02:11 54784 ----a-w- c:\windows\system32\amdpcom64.dll

2011-11-10 02:11 . 2011-11-10 02:11 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll

2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2011-11-10 02:10 . 2011-11-10 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2011-11-09 21:39 . 2011-11-09 21:39 69632 ----a-w- c:\windows\system32\OpenVideo64.dll

2011-11-09 21:39 . 2011-11-09 21:39 59904 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2011-11-09 21:39 . 2011-11-09 21:39 61952 ----a-w- c:\windows\system32\OVDecode64.dll

2011-11-09 21:39 . 2011-11-09 21:39 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll

2011-11-09 21:39 . 2011-11-09 21:39 17442304 ----a-w- c:\windows\system32\amdocl64.dll

2011-11-09 21:38 . 2011-11-09 21:38 14375936 ----a-w- c:\windows\SysWow64\amdocl.dll

2011-11-09 21:37 . 2011-11-09 21:37 51200 ----a-w- c:\windows\system32\OpenCL.dll

2011-11-09 21:37 . 2011-11-09 21:37 44032 ----a-w- c:\windows\SysWow64\OpenCL.dll

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les ÉlÉments vides & les ÉlÉments initiaux lÉgitimes ne sont pas listÉs

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}"= "c:\program files (x86)\Setuprog\tbSetu.dll" [2010-03-25 2355296]

.

[HKEY_CLASSES_ROOT\clsid\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}]

2010-03-25 11:31 2355296 ----a-w- c:\program files (x86)\Setuprog\tbSetu.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}"= "c:\program files (x86)\Setuprog\tbSetu.dll" [2010-03-25 2355296]

.

[HKEY_CLASSES_ROOT\clsid\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-05 39408]

"DS3 Tool"="c:\program files\MotioninJoy\ds3\DS3_Tool.exe" [2011-01-01 110352]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]

"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]

"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-08-17 281768]

"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"SolidWorks_CheckForUpdates"="c:\program files (x86)\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" [2009-03-19 7308584]

"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-26 421160]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2011-12-13 190768]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\program files (x86)\AlienRespawn\Components\Scheduler\Launcher.exe" [2010-07-21 165184]

.

c:\users\Maxwell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Wireless Connection Manager.lnk - c:\program files (x86)\D-Link\DWA-131 revA\wirelesscm.exe [2012-1-3 505152]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 136176]

R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files (x86)\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2008-09-09 79144]

R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-21 16640]

R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 136176]

R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [x]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [x]

R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]

R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-11-14 427640]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [x]

R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]

R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-04 14648]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]

S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-28 136360]

S2 BPowMon;Broadcom Power monitoring service;c:\program files\Broadcom\BPowMon\BPowMon.exe [2009-10-27 117608]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]

S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-04-13 86016]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE [2010-08-20 689472]

S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [x]

S2 WlanWpsSvc;WlanWpsSvc;c:\program files (x86)\D-Link\DWA-131 revA\WlanWpsSvc.exe [2008-06-26 167936]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]

S3 AWOPFilterDriver;AWOPFilterDriver;c:\windows\system32\drivers\AWOPFilterDriver.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys [x]

.

Contenu du dossier 'Tâches planifiÉes'

.

2012-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 21:43]

.

2012-02-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-05 21:43]

.

--------- x86-64 -----------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-03 10038304]

"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-04 61256]

"Thermal Controller"="c:\program files\Alienware\Command Center\ThermalController.exe" [2010-05-04 167736]

"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]

"RunDLLEntry_EptMon"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Examen supplÉmentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.alienware.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 192.168.1.1

DPF: {AB6633A8-60A9-4F5D-B66C-ABE268CC3227} - hxxp://www.solidworks.fr/sw/support/subscription/sldimdownload.cab

FF - ProfilePath - c:\users\Maxwell\AppData\Roaming\Mozilla\Firefox\Profiles\3rznyeaz.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.simkom.com/sketchsite/

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHELINS SUPPRIMES - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{F4EF4468-9BBB-45A1-A2CE-F0C430A9A7E5} - (no file)

HKLM-Run-(par dÉfaut) - (no file)

AddRemove-V-Ray for 3dsmax 2010 for x86 - c:\program files (x86)\Autodesk\3ds Max\V-Ray\3dsmax 2010 for x86\uninstall\wininstaller.exe-uninstall=c:\program files (x86)\Autodesk\3ds Max\V-Ray\3dsmax 2010 for x86\uninstall\install.log

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Autres processus actifs ------------------------

.

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\program files (x86)\DCPFLICS\DCPFLICS.exe

c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

c:\program files (x86)\AlienRespawn\Components\Scheduler\STService.exe

.

**************************************************************************

.

Heure de fin: 2012-02-02 18:18:48 - La machine a redÉmarrÉ

ComboFix-quarantined-files.txt 2012-02-02 17:18

.

Avant-CF: 192 177 168 384 octets libres

Après-CF: 196 139 208 704 octets libres

.

- - End Of File - - 5614CE71B8661BCCFBBC8E9B58A320E3

Other than the firewall thing no problem exept general slowing every now and then kind as if the computer were freezing for 5 sec ( not the mouse or else, just the progs ), then everything ok again.Keeps me worried as it made me think of some keylogging bot sending files every now and then, using my pc for bank accounts managing or web buying it gets me pretty worried, that's why the firewall thing got me reminding of the others attacks I've experienced, leaving me with defenses programs locked to.

Thanks in advance and for all the help you already gave me.

Max

Larusso · February 2, 2012

Hy there,

there can be several reasons for a slow Computer. Some of my colleagues noticed that this can happen with your FW issue, so lets fix it now.

No worries about Avira, if you can not disable it, leave it alone.

Please download RestoreBFE.exe from: http://download.bleepingcomputer.com/sUBs/MiniFixes/RestoreBFE.exe

Double click on the downloaded file. It should only take a few seconds to run.

When complete, it will say .. "Done! Please check if BFE service is running now"

You should now be able to enable your FW.

Open notepad and copy/paste the text in the Code-box below into it:


Folder::
c:\users\Maxwell\AppData\Local\41589dd1
ClearJavaCache::

Save this as CFScript.txt, in the same location as ComboFix.exe.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Refering to the picture above, drag CFScript into ComboFix.exe.
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
I notice you have Malwarebytes' Anti-Malware installed on your machine. Please launch the program and select the update tab, then click on the check for updates button.

If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform Quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Save it to your desktop.

Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply.

Please post in your next reply

Combofix.txt

MBAM Log

Let me know how your system behaves now

max0211 · February 3, 2012

Hey.

Thanks for all this, I do hope that fixing my FW will fix my slowing problems ( made me think that if you could also suggest me some free FW better than the windows one .. )

Experiencing a little problem with Restore BFE, when i try to start in ( from downloads, from desktop, launched as admin or not, same result for each try .. ) it tells me " error! this tool does not apply to you.".

I've done the .txt but I haven't done the draggin into Combofix now as I don't really know if the RestoreBFE step has to be done before or not, not knowing I prefer to wait ..

I'm running the MBAM quick scan right now, will post results as soon as it finishes.

Let me know what to do with the Restore BFE problem, and if I should or not do the Combofix file dragging thing.

Mbam just ended his scan after being updated, found nothing.

See for yourself:

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Version de la base de données: v2012.02.03.04

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 8.0.7601.17514

Maxwell :: MAXWELL-PC [administrateur]

03/02/2012 10:24:36

mbam-log-2012-02-03 (10-24-36).txt

Type d'examen: Examen rapide

Options d'examen désactivées: P2P

Elément(s) analysé(s): 195786

Temps écoulé: 2 minute(s), 22 seconde(s)

Processus mémoire détecté(s): 0