Hi,

I have a rootkit that I cannot seem to shift. I would appreciate any help with this, as I am a freelancer and I need my PC for my income!

I had an infection 3 weeks ago which pretended to be a virus scan tool. I stopped the scan, rebooted and found my start menu, control panel, task manager and several other parts of my OS (Windows 7) were hidden or unavailable. After searching on the internet I found several solutions (combofix, rkill, tdsskiller - which wouldn't run, unhide, trojankiller and malwarebytes), all of which I applied in a scattergun approach at solving the problem. Despite having run ccleaner causing a massive amount of problems getting the OS problems fixed, I have pretty much fixed most of them now. However, I now have Avast popping up telling me of attempts to open a site (which changes every time) but does not seem to find the source. In the last two days I have started getting the following message: "MBR:\\.\PHYSICALDRIVE0\Partition3 - Rootkit: hidden". After which I get the opportunity to delete the rootkit and run a boot scan. I have done this 5 times now and don't hold out much hope of Avast actually dealing with it.

I have run the dds.scr and included the logs below.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30

Run by Rich at 11:54:47 on 2012-02-13

Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.12279.9791 [GMT 0:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

C:\Windows\System32\alg.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\rundll32.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Belkin Storage Manager\StorageManager.exe

C:\Program Files (x86)\EASEUS\Todo Backup\bin\EuWatch.exe

C:\Program Files (x86)\EASEUS\Todo Backup\bin\TrayNotify.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\REGSVR32.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.co.uk/

uInternet Settings,ProxyOverride = *.local

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

uRun: [QuickGammaLoader] C:\Program Files (x86)\QuickGamma\QuickGammaLoader.exe

uRun: [Google Update] "C:\Users\Rich\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [belkin Storage Manager] "C:\Program Files (x86)\Belkin Storage Manager\StorageManager.exe"

mRun: [F5D8055v2] C:\Program Files (x86)\Belkin\F5D8055\v2\BelkinDetectUI.exe

mRun: [EaseUs Watch] "C:\Program Files (x86)\EASEUS\Todo Backup\bin\EuWatch.exe"

mRun: [EaseUs Tray] "C:\Program Files (x86)\EASEUS\Todo Backup\bin\TrayNotify.exe"

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Append to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert link target to existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} - hxxp://nmreports.linksys.com/nmscan/download/WebDiag.4.5.8056.1-ship-WD.V1.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{550E9734-C6EE-430A-A584-68C148C4CCF5} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{550E9734-C6EE-430A-A584-68C148C4CCF5}\142425E65647 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{550E9734-C6EE-430A-A584-68C148C4CCF5}\2445F40756E6A7F6E656 : DhcpNameServer = 192.168.22.22 192.168.22.23

TCP: Interfaces\{BD6F35B8-FDAA-4470-B788-E62E1076A7C6} : DhcpNameServer = 192.168.2.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

mRun-x64: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [belkin Storage Manager] "C:\Program Files (x86)\Belkin Storage Manager\StorageManager.exe"

mRun-x64: [F5D8055v2] C:\Program Files (x86)\Belkin\F5D8055\v2\BelkinDetectUI.exe

mRun-x64: [EaseUs Watch] "C:\Program Files (x86)\EASEUS\Todo Backup\bin\EuWatch.exe"

mRun-x64: [EaseUs Tray] "C:\Program Files (x86)\EASEUS\Todo Backup\bin\TrayNotify.exe"

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Rich\AppData\Roaming\Mozilla\Firefox\Profiles\p9tb9tqy.default\

FF - prefs.js: browser.startup.homepage - hxxp://uk.my.yahoo.com/

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

FF - plugin: C:\Users\Rich\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Users\Rich\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll

FF - plugin: C:\Users\Rich\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 EUBAKUP;EUBAKUP;C:\Windows\system32\drivers\eubakup.sys --> C:\Windows\system32\drivers\eubakup.sys [?]

R0 EUBKMON;EUBKMON;C:\Windows\system32\drivers\EUBKMON.sys --> C:\Windows\system32\drivers\EUBKMON.sys [?]

R0 EUFS;EUFS;C:\Windows\system32\drivers\eufs.sys --> C:\Windows\system32\drivers\eufs.sys [?]

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 EUDSKACS;EUDSKACS;\??\C:\Windows\system32\drivers\eudskacs.sys --> C:\Windows\system32\drivers\eudskacs.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-12-14 44768]

R2 EASEUS Agent;EASEUS Agent;C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe [2011-5-10 56200]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-3 2152152]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-26 2253120]

R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-4-12 1153368]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]

R3 EUDISK;EASEUS Disk Enumerator;\??\C:\Windows\system32\drivers\eudisk.sys --> C:\Windows\system32\drivers\eudisk.sys [?]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-9-12 17152]

R3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]

R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]

R3 netr28ux;Belkin N+ Wireless USB Adapter Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-8-15 284016]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-4-8 1038088]

S3 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-3-12 86016]

S3 pbfilter;pbfilter;C:\Program Files\PeerBlock\pbfilter.sys [2010-4-12 19544]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

S3 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-5-7 92008]

S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;C:\Windows\system32\DRIVERS\gtkdrv.sys --> C:\Windows\system32\DRIVERS\gtkdrv.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-02-11 11:29:19 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{69C00579-C9A3-47AE-98A1-E1076B07D616}\offreg.dll

2012-02-10 06:35:36 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{69C00579-C9A3-47AE-98A1-E1076B07D616}\mpengine.dll

2012-02-06 20:38:21 -------- d-----w- C:\Windows\pss

2012-02-02 14:55:54 72280 ----a-w- C:\Windows\System32\drivers\sbapifs.sys

2012-02-02 14:48:51 -------- dc----w- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}

2012-02-01 21:36:55 -------- d-s---w- C:\ComboFix

2012-01-30 22:37:02 -------- d-----w- C:\Program Files (x86)\ASUS

2012-01-30 14:45:33 16432 ----a-w- C:\Windows\System32\lsdelete.exe

2012-01-28 00:08:23 -------- d-sh--w- C:\$RECYCLE.BIN

2012-01-26 19:23:41 -------- d-----w- C:\ProgramData\AVAST Software

2012-01-26 13:50:44 -------- d-----w- C:\Program Files (x86)\GridinSoft Trojan Killer

2012-01-26 09:21:53 -------- d-----w- C:\Users\Rich\AppData\Local\{991E8FE2-56ED-4E67-BD70-04AC47ABAD78}

2012-01-26 09:21:42 -------- d-----w- C:\Users\Rich\AppData\Local\{AF6DC7E7-BFAD-4703-B061-9BB5D9CC7215}

2012-01-25 19:17:20 -------- d-----w- C:\Program Files\iTunes

2012-01-25 19:17:20 -------- d-----w- C:\Program Files\iPod

2012-01-25 09:34:32 -------- d-----w- C:\Users\Rich\AppData\Local\{67212609-8506-4AF7-8802-2F511CDEA5AE}

2012-01-25 09:34:18 -------- d-----w- C:\Users\Rich\AppData\Local\{52D192C3-4CDF-4DCE-AC9C-EF4A555802E5}

2012-01-24 09:55:29 -------- d-----w- C:\Users\Rich\AppData\Local\{1716E455-C247-4C9A-B22F-F1079DA8E4E2}

2012-01-24 09:55:19 -------- d-----w- C:\Users\Rich\AppData\Local\{77D8AA01-3984-40D4-B0E7-E3E8861D646D}

2012-01-23 10:53:32 -------- d-----w- C:\Users\Rich\AppData\Local\{C381E610-2E31-4541-A5FD-9B3289D0C779}

2012-01-23 10:53:21 -------- d-----w- C:\Users\Rich\AppData\Local\{BA74EEAB-6953-4270-A533-97D9433C867B}

2012-01-20 09:46:35 -------- d-----w- C:\Users\Rich\AppData\Local\{2A66C0EC-0B33-43D8-B170-5BF635D46C02}

2012-01-20 09:46:24 -------- d-----w- C:\Users\Rich\AppData\Local\{0B30266B-69FF-4342-BAC5-D9537197F4B5}

2012-01-19 21:46:01 -------- d-----w- C:\Users\Rich\AppData\Local\{67AE1DA6-02A8-4D9E-966D-A19880DE02AD}

2012-01-19 09:45:32 -------- d-----w- C:\Users\Rich\AppData\Local\{B51F588C-DF69-4786-A7D0-BAB6E67A221F}

2012-01-19 09:45:17 -------- d-----w- C:\Users\Rich\AppData\Local\{4396223F-2D61-4572-958C-4234139B0C31}

2012-01-18 21:42:38 -------- d-----w- C:\Users\Rich\AppData\Local\{9B234DE1-266E-4705-B348-3DA8F9883BE3}

2012-01-18 09:42:15 -------- d-----w- C:\Users\Rich\AppData\Local\{CEB3564C-7CCC-427B-8C47-41A7C4F67D15}

2012-01-18 09:42:04 -------- d-----w- C:\Users\Rich\AppData\Local\{F65B6834-48A7-4827-88B5-D9D0D8CEFE7D}

2012-01-17 09:52:40 -------- d-----w- C:\Users\Rich\AppData\Local\{A2DFE8A9-2E55-4126-99BD-B9890DB58741}

2012-01-17 09:52:29 -------- d-----w- C:\Users\Rich\AppData\Local\{78AE7B8D-C8D2-433D-AE0E-9ED6ADEFC32C}

2012-01-16 09:33:39 -------- d-----w- C:\Users\Rich\AppData\Local\{7CB22BED-4F52-4915-A52A-7FDE5C5F4486}

2012-01-16 09:33:26 -------- d-----w- C:\Users\Rich\AppData\Local\{1AE7BA1E-B064-4A2B-80EB-3D0E019EC6E3}

2012-01-15 18:22:24 -------- d-----w- C:\Users\Rich\AppData\Local\{ECADAC6D-15C2-474E-ACF0-5981E48ED097}

2012-01-15 18:22:13 -------- d-----w- C:\Users\Rich\AppData\Local\{8F520AC6-47D3-4B78-831A-F01643826C0B}

.

==================== Find3M ====================

.

2012-02-11 12:24:19 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-01-27 00:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-01-04 14:28:36 16640 ----a-w- C:\Windows\System32\drivers\gtkdrv.sys

2011-12-10 15:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr

2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys

2011-11-19 14:58:00 77312 ----a-w- C:\Windows\System32\packager.dll

2011-11-19 14:01:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 06:41:18 1731920 ----a-w- C:\Windows\System32\ntdll.dll

2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:38:39 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll

2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2006-05-03 11:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll

2007-02-21 12:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll

2008-03-16 14:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll

2010-01-06 23:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll

.

============= FINISH: 12:03:18.69 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 07/04/2010 23:20:49

System Uptime: 13/02/2012 10:01:00 (2 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P6T SE

Processor: Intel® Core i7 CPU 930 @ 2.80GHz | LGA1366 | 1596/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 280.949 GiB free.

D: is FIXED (NTFS) - 932 GiB total, 137.055 GiB free.

E: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Atheros AR922X Wireless Network Adapter

Device ID: PCI\VEN_168C&DEV_0029&SUBSYS_2091168C&REV_01\4&1B359D48&0&00F0

Manufacturer: Atheros Communications Inc.

Name: Atheros AR922X Wireless Network Adapter

PNP Device ID: PCI\VEN_168C&DEV_0029&SUBSYS_2091168C&REV_01\4&1B359D48&0&00F0

Service: athr

.

==== System Restore Points ===================

.

RP421: 06/02/2012 21:03:45 - Restore Operation

RP422: 07/02/2012 16:31:46 - Windows Update

RP423: 08/02/2012 19:01:18 - Auslogics Regisry Defrag - before defragmentation

RP424: 10/02/2012 22:45:09 - Windows Backup

RP425: 11/02/2012 12:27:54 - Windows Backup

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

3D-Viewer-innoPlus

Acrobat.com

Ad-Aware

Adobe Acrobat 9 Pro - English, Français, Deutsch

Adobe After Effects CS4

Adobe After Effects CS4 Presets

Adobe After Effects CS4 Third Party Content

Adobe AIR

Adobe Anchor Service CS4

Adobe Asset Services CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe Color - Photoshop Specific CS4

Adobe Color EU Recommended Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Extra Settings CS4

Adobe Color Video Profiles AE CS4

Adobe Color Video Profiles CS CS4

Adobe Contribute CS4

Adobe Creative Suite 4 Master Collection

Adobe CS4 American English Speech Analysis Models

Adobe CSI CS4

Adobe Default Language CS4

Adobe Device Central CS4

Adobe Dreamweaver CS4

Adobe Drive CS4

Adobe Dynamiclink Support

Adobe Encore CS4

Adobe Encore CS4 Codecs

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Fireworks CS4

Adobe Flash CS4

Adobe Flash CS4 Extension - Flash Lite STI en

Adobe Flash CS4 STI-en

Adobe Flash Player 10 ActiveX

Adobe Fonts All

Adobe Illustrator CS4

Adobe InDesign CS4

Adobe InDesign CS4 Application Feature Set Files (Roman)

Adobe InDesign CS4 Common Base Files

Adobe InDesign CS4 Icon Handler

Adobe Linguistics CS4

Adobe Media Encoder CS4

Adobe Media Encoder CS4 Additional Exporter

Adobe Media Encoder CS4 Dolby

Adobe Media Encoder CS4 Exporter

Adobe Media Encoder CS4 Importer

Adobe Media Player

Adobe MotionPicture Color Files CS4

Adobe OnLocation CS4

Adobe Output Module

Adobe PDF Library Files CS4

Adobe Photoshop CS4

Adobe Photoshop CS4 Support

Adobe Premiere Pro CS4

Adobe Premiere Pro CS4 Functional Content

Adobe Premiere Pro CS4 Third Party Content

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe SGM CS4

Adobe SING CS4

Adobe Soundbooth CS4

Adobe Soundbooth CS4 Codecs

Adobe Type Support CS4

Adobe Update Manager CS4

Adobe Version Cue CS4 Server

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

AdobeColorCommonSetRGB

Apple Application Support

Apple Software Update

Auslogics BoostSpeed

Auslogics Disk Defrag

Auslogics Registry Cleaner

Auslogics Registry Defrag

Autodesk 3ds Max 2010 32-bit

Autodesk Backburner 2008.1

Autodesk FBX Plugin 2009.4 - 3ds Max 2010

avast! Free Antivirus

Belkin N+ Wireless USB Adapter

Belkin Storage Manager

Boris Continuum Complete 7 Adobe CS3 CS4

Call of Duty: Modern Warfare 2

Call of Duty: Modern Warfare 2 - Multiplayer

CameraTracker 1.0v2 (32 bit) for AE

Canon Easy-PhotoPrint EX

Canon My Printer

Connect

D3DX10

DfontSplitter 0.2

Digitalizer 1.25

DirectVobSub (remove only)

Dual-Core Optimizer

Duke Nukem Forever Demo

EASEUS Todo Backup Home 2.5

erLT

FileZilla Client 3.5.3

Gaia Site Creator

Glary Utilities 2.42.0.1389

Google Chrome

Half-Life 2: Episode One

Half-Life 2: Episode Two

Half-Life 2: Lost Coast

HijackThis 2.0.2

ImgBurn

Java Auto Updater

Java 6 Update 30

K-Lite Codec Pack 5.8.3 (Full)

Klok 2

Knoll Light Factory Pro 2.5

kuler

Magic Bullet Looks

Malwarebytes Anti-Malware version 1.60.1.1000

Mass Effect

Microsoft Expression Web 3 SuperPreview for Internet Explorer

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 10.0 (x86 en-GB)

MSVCRT

NEC Electronics USB 3.0 Host Controller Driver

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

Opera 11.10

PDF Settings CS4

Photoshop Camera Raw

Pixel Bender Toolkit

PNGGauntlet

Portal

QuickGamma 3.0.0.1

QuickTime

Realtek High Definition Audio Driver

Safari

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

SEGA Mega Drive Classics

Skype Click to Call

Skype™ 5.6

Sonic SEGA AllStars Racing

Sony Ericsson W302©/S302© x64 driver v3.5.3.0

Spotify

Spybot - Search & Destroy

SpywareBlaster 4.5

Steam

Suite Shared Configuration CS4

SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49

SWFObject 2 generator v1.2 AIR

System Requirements Lab

Team Fortress 2

TomTom HOME 2.7.4.1962

TomTom HOME Visual Studio Merge Modules

Trapcode Particular v2

Trapcode Shine

Trapcode SoundKeys

Trapcode Starglow

Trojan Killer

TweetDeck

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VLC media player 1.1.11

VoiceOver Kit

WampServer 2.0

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Player Firefox Plugin

WinFlash

Xvid 1.2.2 final uninstall

Yahoo! BrowserPlus 2.9.8

.

==== Event Viewer Messages From Past Week ========

.

13/02/2012 11:37:35, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.

13/02/2012 11:37:35, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 192.168.2.3, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.

13/02/2012 11:37:22, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx

11/02/2012 19:48:49, Error: Service Control Manager [7034] - The EASEUS Agent service terminated unexpectedly. It has done this 1 time(s).

11/02/2012 19:45:42, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

11/02/2012 18:26:22, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR4.

11/02/2012 18:26:06, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

11/02/2012 18:05:59, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.

11/02/2012 11:28:34, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.

10/02/2012 22:44:28, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.

07/02/2012 16:27:02, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.

07/02/2012 16:27:02, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

07/02/2012 16:26:19, Error: Service Control Manager [7022] - The avast! Antivirus service hung on starting.

07/02/2012 00:06:54, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

07/02/2012 00:06:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

07/02/2012 00:05:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

07/02/2012 00:05:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

07/02/2012 00:05:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

07/02/2012 00:05:54, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

07/02/2012 00:05:54, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

07/02/2012 00:05:48, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

07/02/2012 00:05:39, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi CSC DfsC discache EUDSKACS NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

07/02/2012 00:05:39, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

06/02/2012 23:59:47, Error: Service Control Manager [7034] - The Windows Connect Now - Config Registrar service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:47, Error: Service Control Manager [7034] - The UPnP Device Host service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:47, Error: Service Control Manager [7034] - The SSDP Discovery service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:47, Error: Service Control Manager [7034] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:47, Error: Service Control Manager [7031] - The Windows Font Cache Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

06/02/2012 23:59:45, Error: Service Control Manager [7034] - The Secure Socket Tunneling Protocol Service service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:45, Error: Service Control Manager [7034] - The Network Store Interface Service service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:45, Error: Service Control Manager [7034] - The Network List Service service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:45, Error: Service Control Manager [7034] - The Function Discovery Provider Host service terminated unexpectedly. It has done this 1 time(s).

06/02/2012 23:59:45, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:59:45, Error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:56:57, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error: An instance of the service is already running.

06/02/2012 23:55:09, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Network Store Interface Service service, but this action failed with the following error: An instance of the service is already running.

06/02/2012 23:52:02, Error: Service Control Manager [7034] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 7 time(s).

06/02/2012 23:52:01, Error: Service Control Manager [7034] - The Network Location Awareness service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:52:00, Error: Service Control Manager [7034] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 6 time(s).

06/02/2012 23:51:57, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:51:57, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

06/02/2012 23:51:54, Error: Service Control Manager [7031] - The Workstation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

06/02/2012 23:51:54, Error: Service Control Manager [7031] - The Telephony service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

06/02/2012 23:51:54, Error: Service Control Manager [7031] - The Network Location Awareness service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:51:54, Error: Service Control Manager [7031] - The DNS Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

06/02/2012 23:51:54, Error: Service Control Manager [7031] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

06/02/2012 23:50:11, Error: Service Control Manager [7034] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 5 time(s).

06/02/2012 23:50:11, Error: Service Control Manager [7031] - The Windows Connect Now - Config Registrar service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

06/02/2012 23:50:11, Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:50:11, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:50:11, Error: Service Control Manager [7031] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

06/02/2012 23:50:09, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 2 time(s).

06/02/2012 23:50:09, Error: Service Control Manager [7031] - The Secure Socket Tunneling Protocol Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

06/02/2012 23:50:09, Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

06/02/2012 23:50:09, Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:50:09, Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

06/02/2012 23:48:27, Error: Service Control Manager [7034] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 4 time(s).

06/02/2012 23:41:00, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the SSDP Discovery service, but this action failed with the following error: An instance of the service is already running.

06/02/2012 23:40:59, Error: Service Control Manager [7034] - The Diagnostic Service Host service terminated unexpectedly. It has done this 1 time(s).

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The Windows Connect Now - Config Registrar service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The UPnP Device Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The Secure Socket Tunneling Protocol Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The Network Store Interface Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The Network List Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

06/02/2012 23:40:59, Error: Service Control Manager [7031] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

06/02/2012 23:38:59, Error: Service Control Manager [7034] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 3 time(s).

06/02/2012 23:38:27, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

06/02/2012 23:37:55, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

.

==== End Of File ===========================

Thank you again for any help,

Rich.

Thanks MrCharlie.

Reports are below. I should also mention I ran a Kaspersky Virus scan tool since my previous post which did detect and disinfect a virus.

RK:

RogueKiller V7.0.4 [02/08/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Rich [Admin rights]

Mode: Scan -- Date : 02/13/2012 15:04:17

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 11 ¤¤¤

[SUSP PATH] _uninst_16302574.lnk : C:\Users\Rich\AppData\Local\Temp\_uninst_16302574.bat -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000AAKS-65V0A0 ATA Device +++++

--- User ---

[MBR] ee7b66efa3cfd88f0e42cacc6a4b32b4

[BSP] bbe27b3efbbd73e9736933cb046c8a1e : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD103SJ ATA Device +++++

--- User ---

[MBR] b2d9b6960bbd3f2409109bed0377e5ac

[BSP] 4f575360fa67d0eaf5a7df899704fa13 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

LP:

ListParts by Farbar

Ran by Rich on 13-02-2012 at 15:06:16

Windows 7 (X64)

Running From: C:\Users\Rich\Downloads

Language: 0409

************************************************************

========================= Memory info ======================

Percentage of memory in use: 26%

Total physical RAM: 12279.12 MB

Available physical RAM: 9044.12 MB

Total Pagefile: 24556.43 MB

Available Pagefile: 21526.16 MB

Total Virtual: 4095.88 MB

Available Virtual: 3975.64 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:281.46 GB) NTFS

2 Drive d: () (Fixed) (Total:931.51 GB) (Free:137.06 GB) NTFS

3 Drive e: (PHOTO STORY VCD) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS

4 Drive h: (Iomega_Ext_Drive) (Fixed) (Total:1862.33 GB) (Free:1264.44 GB) NTFS

****** End Of Log ******

Kaspersky Virus scan tool

You mean TDSSKiller??

I'm not seeing any hidden partition.

------------------------

Please do this:

Download aswMBR to your desktop.

http://public.avast....erek/aswMBR.exe

Double click the aswMBR.exe to run it.

If you see this question: "Would you like to download latest Avast! virus definitions?" say "NO".

Click the "Scan" button to start scan.

On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

----------------------------------------------------------------------

Next.....

Download MbrScan to your desktop

http://eric71.geekst...ols/MbrScan.exe

Run MbrScan

Press the scan button

Once it has completed then press the report button

Copy and paste the generated report to your next post please

MrC

The Kaspersky virus scan was: http://www.kaspersky.com/virusscanner

aswMBR:

aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software

Run date: 2012-02-13 15:31:57

-----------------------------

15:31:57.575 OS Version: Windows x64 6.1.7601 Service Pack 1

15:31:57.575 Number of processors: 8 586 0x1A05

15:31:57.576 ComputerName: WORK-PC UserName: Rich

15:31:59.520 Initialize success

15:32:00.313 AVAST engine defs: 12021300

15:32:19.503 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3

15:32:19.506 Disk 0 Vendor: WDC_WD5000AAKS-65V0A0 05.01D05 Size: 476940MB BusType: 3

15:32:19.509 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T0L0-5

15:32:19.511 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ100E4 Size: 953869MB BusType: 3

15:32:19.532 Disk 0 MBR read successfully

15:32:19.534 Disk 0 MBR scan

15:32:19.538 Disk 0 Windows 7 default MBR code

15:32:19.542 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

15:32:19.551 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848

15:32:19.555 Service scanning

15:32:25.636 Modules scanning

15:32:25.640 Disk 0 trace - called modules:

15:32:25.698 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys

15:32:25.704 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800adae790]

15:32:25.709 3 CLASSPNP.SYS[fffff8800197a43f] -> nt!IofCallDriver -> [0xfffffa800ab60520]

15:32:25.714 5 ACPI.sys[fffff88000f3c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa800ab62060]

15:32:26.456 AVAST engine scan C:\Windows

15:32:28.469 AVAST engine scan C:\Windows\system32

15:35:23.311 AVAST engine scan C:\Windows\system32\drivers

15:35:37.939 AVAST engine scan C:\Users\Rich

16:05:14.348 AVAST engine scan C:\ProgramData

16:06:57.054 Scan finished successfully

16:08:52.714 Disk 0 MBR has been saved successfully to "C:\Users\Rich\Desktop\MBR.dat"

16:08:52.718 The log file has been saved successfully to "C:\Users\Rich\Desktop\aswMBR.txt"

MbrScan:


MBRScan v1.1.1

OS : Windows 7 Service Pack 1 (64 bit)
PROCESSOR : Intel64 Family 6 Model 26 Stepping 5, GenuineIntel
BOOT : Normal Boot
DATE : 2012/02/13 (ISO 8601) at 16:22:37
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __WDC WD5000AAKS-65V0A0 (05.01D05)
BUS_TYPE : (0x03) P-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK : Device\Harddisk1\DR1 __SAMSUNG HD103SJ (1AJ100E4)
BUS_TYPE : (0x03) P-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK : Device\Harddisk2\DR2 __OEM Ext Hard Disk
BUS_TYPE : (0x07) USB
USE_PIO : NO
MAX_TRANSFER : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0 465.8 Go [Fixed] ==> 7 MBR Code

MBR_MD5 : EE7B66EFA3CFD88F0E42CACC6A4B32B4
MBR_SHA1 : A477E7B17A54B617E3B8BD1D18A3347C28810376

Device\Harddisk0\Partition1 100.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 465.7 Go 0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR1 931.5 Go [Fixed] ==> 7 MBR Code

MBR_MD5 : B2D9B6960BBD3F2409109BED0377E5AC
MBR_SHA1 : A416B4A74D46688BF650FDA2A756217300C75BB6

Device\Harddisk1\Partition1 931.5 Go 0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk2\DR2 1.82 To [Fixed] ==> Hidden MBR Code !! ....

MBR_MD5 : BF619EAC0CDF3F68D496EA9344137E8B
MBR_SHA1 : 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5

Device\Harddisk2\Partition1 1.82 To 0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x02E03000
SIZE : 292.0 Ko

DRIVER : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00B9C000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00CF5000
SIZE : 316.0 Ko

DRIVER : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00D58000
SIZE : 376.0 Ko

DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00C00000
SIZE : 768.0 Ko

DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E7E000
SIZE : 656.0 Ko

DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00F22000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00F31000
SIZE : 348.0 Ko

DRIVER : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00F88000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F91000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00F9B000
SIZE : 204.0 Ko

DRIVER : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FCE000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FDB000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE : 84.0 Ko

DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00E15000
SIZE : 368.0 Ko

DRIVER : C:\Windows\system32\drivers\pciide.sys => Invisible on the disk
ADDRESS : 0x00E71000
SIZE : 28.0 Ko

DRIVER : C:\Windows\system32\drivers\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00FF0000
SIZE : 64.0 Ko

DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00CC0000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\drivers\vmbus.sys => Invisible on the disk
ADDRESS : 0x00DB6000
SIZE : 240.0 Ko

DRIVER : C:\Windows\system32\drivers\winhv.sys => Invisible on the disk
ADDRESS : 0x00CDA000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x00DF2000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x01079000
SIZE : 168.0 Ko

DRIVER : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x010A3000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x010AE000
SIZE : 304.0 Ko

DRIVER : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x010FA000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\Lbd.sys => Invisible on the disk
ADDRESS : 0x0110E000
SIZE : 84.0 Ko

DRIVER : C:\Windows\System32\Drivers\PxHlpa64.sys => Invisible on the disk
ADDRESS : 0x01123000
SIZE : 48.0 Ko

DRIVER : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01231000
SIZE : 1.64 Mo

DRIVER : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x0112F000
SIZE : 376.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x013D4000
SIZE : 108.0 Ko

DRIVER : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x0118D000
SIZE : 456.0 Ko

DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x013EF000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\drivers\eufs.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x0120B000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x0140D000
SIZE : 972.0 Ko

DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01500000
SIZE : 384.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01560000
SIZE : 172.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01607000
SIZE : 2.02 Mo

DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x0180B000
SIZE : 296.0 Ko

DRIVER : C:\Windows\system32\drivers\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x01855000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01865000
SIZE : 304.0 Ko

DRIVER : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x018B1000
SIZE : 32.0 Ko

DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x018B9000
SIZE : 232.0 Ko

DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x018F3000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01905000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x0190E000
SIZE : 232.0 Ko

DRIVER : C:\Windows\system32\drivers\EUBKMON.sys => Invisible on the disk
ADDRESS : 0x01948000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\drivers\eubakup.sys => Invisible on the disk
ADDRESS : 0x01956000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x01963000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01979000
SIZE : 192.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\16302574.sys => Invisible on the disk
ADDRESS : 0x01A9F000
SIZE : 7.37 Mo

DRIVER : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x01A36000
SIZE : 168.0 Ko

DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x01A60000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x01A69000
SIZE : 28.0 Ko

DRIVER : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x01A70000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x019A9000
SIZE : 148.0 Ko

DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x01A7E000
SIZE : 64.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x01A8E000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x019CE000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x019D7000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x019E0000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x019EB000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x0158B000
SIZE : 136.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x015AD000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswTdi.SYS => Invisible on the disk
ADDRESS : 0x015BA000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x04AC1000
SIZE : 548.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswRdr.SYS => Invisible on the disk
ADDRESS : 0x04B4A000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x04B57000
SIZE : 276.0 Ko

DRIVER : C:\Windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x04B9C000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x04BA7000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x04BB0000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x04BD6000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x04BEC000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x04A00000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x04A1B000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x04A2F000
SIZE : 324.0 Ko

DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x04A80000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x04A8C000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\drivers\eudskacs.sys => Invisible on the disk
ADDRESS : 0x04A97000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x04AA0000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x04801000
SIZE : 524.0 Ko

DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x04884000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x048A2000
SIZE : 68.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x048B3000
SIZE : 324.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x04904000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x0492A000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nusb3xhc.sys => Invisible on the disk
ADDRESS : 0x04940000
SIZE : 192.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x04970000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x0F823000
SIZE : 12.46 Mo

DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x1049A000
SIZE : 976.0 Ko

DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x1058E000
SIZE : 280.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbuhci.sys => Invisible on the disk
ADDRESS : 0x105D4000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x04972000
SIZE : 344.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x105E1000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x049C8000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
ADDRESS : 0x04C3A000
SIZE : 532.0 Ko

DRIVER : C:\Windows\system32\drivers\1394ohci.sys => Invisible on the disk
ADDRESS : 0x04CBF000
SIZE : 248.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ASACPI.sys => Invisible on the disk
ADDRESS : 0x04CFD000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\GEARAspiWDM.sys => Invisible on the disk
ADDRESS : 0x04D05000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x04D12000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x04D22000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x04D38000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x04D5C000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x04D68000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x04D97000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x04DB2000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x04DD3000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x04DED000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04C00000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x04C0F000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x04C1E000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE : 268.0 Ko

DRIVER : C:\Windows\system32\drivers\eudisk.sys => Invisible on the disk
ADDRESS : 0x015CC000
SIZE : 200.0 Ko

DRIVER : C:\Windows\system32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x04C20000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nusb3hub.sys => Invisible on the disk
ADDRESS : 0x0F800000
SIZE : 92.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x05426000
SIZE : 360.0 Ko

DRIVER : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x05480000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x07021000
SIZE : 1.68 Mo

DRIVER : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x054A0000
SIZE : 244.0 Ko

DRIVER : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x071CE000
SIZE : 136.0 Ko

DRIVER : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x071F0000
SIZE : 24.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netr28ux.sys => Invisible on the disk
ADDRESS : 0x054DD000
SIZE : 892.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x07000000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x055BC000
SIZE : 100.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x0700E000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\cdfs.sys => Invisible on the disk
ADDRESS : 0x055D5000
SIZE : 116.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x05400000
SIZE : 116.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
ADDRESS : 0x055F2000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\LHidFilt.Sys => Invisible on the disk
ADDRESS : 0x049EC000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x105F2000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\LMouFilt.Sys => Invisible on the disk
ADDRESS : 0x01A00000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\drivers\LVUSBS64.sys => Invisible on the disk
ADDRESS : 0x05495000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\LV302V64.SYS => Invisible on the disk
ADDRESS : 0x07271000
SIZE : 1.07 Mo

DRIVER : C:\Windows\system32\DRIVERS\lv302a64.sys => Invisible on the disk
ADDRESS : 0x07383000
SIZE : 12.0 Ko

DRIVER : C:\Windows\system32\drivers\usbaudio.sys => Invisible on the disk
ADDRESS : 0x07386000
SIZE : 108.0 Ko

DRIVER : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x073A1000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x073AF000
SIZE : 48.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0x073BB000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x073C4000
SIZE : 76.0 Ko

DRIVER : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00090000
SIZE : 3.08 Mo

DRIVER : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x073D7000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x073E3000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00590000
SIZE : 40.0 Ko

DRIVER : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00740000
SIZE : 156.0 Ko

DRIVER : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x07200000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\sbapifs.sys => Invisible on the disk
ADDRESS : 0x07223000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x04EDB000
SIZE : 240.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x04F17000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x04F20000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x04F41000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x04F56000
SIZE : 332.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x04FA9000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x04FBC000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x04E00000
SIZE : 804.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x04FD4000
SIZE : 120.0 Ko

DRIVER : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x0723D000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x01043000
SIZE : 180.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x08CEE000
SIZE : 312.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x08D3C000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x08C00000
SIZE : 664.0 Ko

DRIVER : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x08CA6000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x08CB1000
SIZE : 196.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x08D78000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x08D8A000
SIZE : 420.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x098DC000
SIZE : 608.0 Ko

DRIVER : C:\Windows\System32\drivers\ipnat.sys => Invisible on the disk
ADDRESS : 0x09974000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\7670659drv.sys => Invisible on the disk
ADDRESS : 0x09800000
SIZE : 600.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\asyncmac.sys => Invisible on the disk
ADDRESS : 0x0BD3B000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x0BD46000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\84756651.sys => Invisible on the disk
ADDRESS : 0x0C85D000
SIZE : 7.37 Mo

DRIVER : C:\Users\Rich\AppData\Local\Temp\aswMBR.sys => Invisible on the disk
ADDRESS : 0x0CFBC000
SIZE : 60.0 Ko

DRIVER : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47DE0000
SIZE : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions : NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR \Device\Harddisk0\DR0


_______MBR \Device\Harddisk1\DR1


_______MBR \Device\Harddisk2\DR2


Thanks again.


16:08:52.714 Disk 0 MBR has been saved successfully to "C:\Users\Rich\Desktop\MBR.dat"

Can you zip this up and attach it to your next post?

--------------------------------------------

Then.........

Please download and run TDSSKiller as outlined in the post below:

http://forums.malwar...howtopic=104821

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Post back the log, MrC


16:43:53.0987 3360 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52

16:43:54.0121 3360 ============================================================

16:43:54.0121 3360 Current date / time: 2012/02/13 16:43:54.0121

16:43:54.0121 3360 SystemInfo:

16:43:54.0121 3360

16:43:54.0121 3360 OS Version: 6.1.7601 ServicePack: 1.0

16:43:54.0121 3360 Product type: Workstation

16:43:54.0121 3360 ComputerName: WORK-PC

16:43:54.0121 3360 UserName: Rich

16:43:54.0121 3360 Windows directory: C:\Windows

16:43:54.0121 3360 System windows directory: C:\Windows

16:43:54.0121 3360 Running under WOW64

16:43:54.0121 3360 Processor architecture: Intel x64

16:43:54.0121 3360 Number of processors: 8

16:43:54.0121 3360 Page size: 0x1000

16:43:54.0121 3360 Boot type: Normal boot

16:43:54.0121 3360 ============================================================

16:43:54.0887 3360 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:43:54.0887 3360 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:43:54.0890 3360 Drive \Device\Harddisk2\DR2 - Size: 0x1D195516000 (1862.33 Gb), SectorSize: 0x1000, Cylinders: 0x76B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

16:43:54.0892 3360 \Device\Harddisk0\DR0:

16:43:54.0892 3360 MBR used

16:43:54.0892 3360 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

16:43:54.0892 3360 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000

16:43:54.0892 3360 \Device\Harddisk1\DR1:

16:43:54.0892 3360 MBR used

16:43:54.0892 3360 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800

16:43:54.0892 3360 \Device\Harddisk2\DR2:

16:43:54.0892 3360 MBR used

16:43:54.0892 3360 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x1D195300

16:43:54.0911 3360 Initialize success

16:43:54.0911 3360 ============================================================

16:44:13.0907 4724 ============================================================

16:44:13.0907 4724 Scan started

16:44:13.0907 4724 Mode: Manual; SigCheck; TDLFS;

16:44:13.0907 4724 ============================================================

16:44:14.0683 4724 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

16:44:14.0768 4724 1394ohci - ok

16:44:14.0806 4724 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

16:44:14.0821 4724 ACPI - ok

16:44:14.0861 4724 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

16:44:14.0895 4724 AcpiPmi - ok

16:44:14.0943 4724 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys

16:44:14.0967 4724 adfs - ok

16:44:15.0018 4724 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

16:44:15.0035 4724 adp94xx - ok

16:44:15.0054 4724 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

16:44:15.0068 4724 adpahci - ok

16:44:15.0093 4724 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

16:44:15.0105 4724 adpu320 - ok

16:44:15.0170 4724 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

16:44:15.0187 4724 AFD - ok

16:44:15.0214 4724 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

16:44:15.0224 4724 agp440 - ok

16:44:15.0243 4724 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

16:44:15.0252 4724 aliide - ok

16:44:15.0268 4724 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

16:44:15.0277 4724 amdide - ok

16:44:15.0296 4724 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

16:44:15.0327 4724 AmdK8 - ok

16:44:15.0347 4724 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

16:44:15.0384 4724 AmdPPM - ok

16:44:15.0422 4724 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

16:44:15.0441 4724 amdsata - ok

16:44:15.0467 4724 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

16:44:15.0487 4724 amdsbs - ok

16:44:15.0501 4724 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

16:44:15.0511 4724 amdxata - ok

16:44:15.0544 4724 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

16:44:15.0591 4724 AppID - ok

16:44:15.0659 4724 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

16:44:15.0678 4724 arc - ok

16:44:15.0699 4724 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

16:44:15.0717 4724 arcsas - ok

16:44:15.0754 4724 aswFsBlk (ce6d8bcc4787704ea4feeb92b0d0caf8) C:\Windows\system32\drivers\aswFsBlk.sys

16:44:15.0770 4724 aswFsBlk - ok

16:44:15.0805 4724 aswMonFlt (0debeb2e3fbd0bf5343125cce617f105) C:\Windows\system32\drivers\aswMonFlt.sys

16:44:18.0723 4724 EUBAKUP (09a6390583c629532407ca7af026ff91) C:\Windows\system32\drivers\eubakup.sys

16:44:18.0751 4724 EUBAKUP ( UnsignedFile.Multi.Generic ) - warning

16:44:18.0751 4724 EUBAKUP - detected UnsignedFile.Multi.Generic (1)

16:44:18.0790 4724 EUBKMON (29f22c20748e3696af0d57dc71cc6a10) C:\Windows\system32\drivers\EUBKMON.sys

16:44:18.0799 4724 EUBKMON ( UnsignedFile.Multi.Generic ) - warning

16:44:18.0799 4724 EUBKMON - detected UnsignedFile.Multi.Generic (1)

16:44:18.0814 4724 EUDISK (97cd68db973de9c17be205dd2de21563) C:\Windows\system32\drivers\eudisk.sys

16:44:18.0843 4724 EUDISK ( UnsignedFile.Multi.Generic ) - warning

16:44:18.0843 4724 EUDISK - detected UnsignedFile.Multi.Generic (1)

16:44:18.0865 4724 EUDSKACS (449070112444b188cf755add0627cd00) C:\Windows\system32\drivers\eudskacs.sys

16:44:18.0893 4724 EUDSKACS ( UnsignedFile.Multi.Generic ) - warning

16:44:18.0893 4724 EUDSKACS - detected UnsignedFile.Multi.Generic (1)

16:44:18.0900 4724 EUFS (6791502d2e6cb3ca67e43fe003e29e0a) C:\Windows\system32\drivers\eufs.sys

16:44:18.0909 4724 EUFS ( UnsignedFile.Multi.Generic ) - warning

16:44:18.0909 4724 EUFS - detected UnsignedFile.Multi.Generic (1)

16:44:32.0027 4724 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

16:44:32.0146 4724 \Device\Harddisk0\DR0 - ok

16:44:32.0149 4724 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

16:44:32.0203 4724 \Device\Harddisk1\DR1 - ok

16:44:32.0220 4724 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2

16:44:32.0306 4724 \Device\Harddisk2\DR2 - ok

16:44:32.0315 4724 Boot (0x1200) (19616aac5683aff2298c1d0e81607e81) \Device\Harddisk0\DR0\Partition0

16:44:32.0316 4724 \Device\Harddisk0\DR0\Partition0 - ok

16:44:32.0330 4724 Boot (0x1200) (fb074448e687776df16a9dd8d5c081bb) \Device\Harddisk0\DR0\Partition1

16:44:32.0331 4724 \Device\Harddisk0\DR0\Partition1 - ok

16:44:32.0333 4724 Boot (0x1200) (118dd11eda6927e761d269789220a2ab) \Device\Harddisk1\DR1\Partition0

16:44:32.0334 4724 \Device\Harddisk1\DR1\Partition0 - ok

16:44:32.0337 4724 Boot (0x1200) (a2dc14c625be1ac577ab0633a7ccef85) \Device\Harddisk2\DR2\Partition0

16:44:32.0338 4724 \Device\Harddisk2\DR2\Partition0 - ok

16:44:32.0339 4724 ============================================================

16:44:32.0339 4724 Scan finished

16:44:32.0339 4724 ============================================================

16:44:32.0349 6064 Detected object count: 5

16:44:32.0349 6064 Actual detected object count: 5

16:44:57.0694 6064 EUBAKUP ( UnsignedFile.Multi.Generic ) - skipped by user

16:44:57.0694 6064 EUBAKUP ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:44:57.0695 6064 EUBKMON ( UnsignedFile.Multi.Generic ) - skipped by user

16:44:57.0695 6064 EUBKMON ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:44:57.0696 6064 EUDISK ( UnsignedFile.Multi.Generic ) - skipped by user

16:44:57.0696 6064 EUDISK ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:44:57.0698 6064 EUDSKACS ( UnsignedFile.Multi.Generic ) - skipped by user

16:44:57.0698 6064 EUDSKACS ( UnsignedFile.Multi.Generic ) - User select action: Skip

16:44:57.0699 6064 EUFS ( UnsignedFile.Multi.Generic ) - skipped by user

16:44:57.0699 6064 EUFS ( UnsignedFile.Multi.Generic ) - User select action: Skip

MBR.zip


Okay, thanks.

RogueKiller:

RogueKiller V7.0.4 [02/08/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo...13-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: Rich [Admin rights]

Mode: Scan -- Date : 02/13/2012 17:30:33

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 11 ¤¤¤

[SUSP PATH] _uninst_16302574.lnk : C:\Users\Rich\AppData\Local\Temp\_uninst_16302574.bat -> FOUND

[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000AAKS-65V0A0 ATA Device +++++

--- User ---

[MBR] ee7b66efa3cfd88f0e42cacc6a4b32b4

[BSP] bbe27b3efbbd73e9736933cb046c8a1e : Windows 7 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo

User = LL1 ... OK!

User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD103SJ ATA Device +++++

--- User ---

[MBR] b2d9b6960bbd3f2409109bed0377e5ac

[BSP] 4f575360fa67d0eaf5a7df899704fa13 : Windows 7 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

ListParts:

ListParts by Farbar

Ran by Rich on 13-02-2012 at 17:33:06

Windows 7 (X64)

Running From: C:\Users\Rich\Desktop\New folder

Language: 0409

************************************************************

========================= Memory info ======================

Percentage of memory in use: 32%

Total physical RAM: 12279.12 MB

Available physical RAM: 8266.91 MB

Total Pagefile: 24556.43 MB

Available Pagefile: 20732.95 MB

Total Virtual: 4095.88 MB

Available Virtual: 3991.66 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:281.86 GB) NTFS

2 Drive d: () (Fixed) (Total:931.51 GB) (Free:137.06 GB) NTFS

3 Drive e: (PHOTO STORY VCD) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 465 GB 0 B

Disk 1 Online 931 GB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 100 MB 1024 KB

Partition 2 Primary 465 GB 101 MB

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 System Rese NTFS Partition 100 MB Healthy System (partition with boot components)

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 465 GB Healthy Boot

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 931 GB 1024 KB

Disk: 1

Partition 1

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 D NTFS Partition 931 GB Healthy

****** End Of Log ******

aswMBR:

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software

Run date: 2012-02-13 17:35:14

-----------------------------

17:35:14.755 OS Version: Windows x64 6.1.7601 Service Pack 1

17:35:14.756 Number of processors: 8 586 0x1A05

17:35:14.756 ComputerName: WORK-PC UserName: Rich

17:35:15.957 Initialize success

17:35:16.739 AVAST engine defs: 12021300

17:35:17.641 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3

17:35:17.642 Disk 0 Vendor: WDC_WD5000AAKS-65V0A0 05.01D05 Size: 476940MB BusType: 3

17:35:17.644 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP4T0L0-5

17:35:17.645 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ100E4 Size: 953869MB BusType: 3

17:35:17.666 Disk 0 MBR read successfully

17:35:17.668 Disk 0 MBR scan

17:35:17.671 Disk 0 Windows 7 default MBR code

17:35:17.697 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

17:35:17.711 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848

17:35:17.720 Service scanning

17:35:22.603 Modules scanning

17:35:22.606 Disk 0 trace - called modules:

17:35:22.632 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys

17:35:22.958 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800adae790]

17:35:22.963 3 CLASSPNP.SYS[fffff8800197a43f] -> nt!IofCallDriver -> [0xfffffa800ab60520]

17:35:22.968 5 ACPI.sys[fffff88000f3c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa800ab62060]

17:35:24.131 AVAST engine scan C:\Windows

17:36:17.743 AVAST engine scan C:\Windows\system32

17:45:26.865 AVAST engine scan C:\Windows\system32\drivers

17:45:47.368 AVAST engine scan C:\Users\Rich

18:14:23.110 AVAST engine scan C:\ProgramData

18:15:45.664 Scan finished successfully

18:16:01.221 Disk 0 MBR has been saved successfully to "C:\Users\Rich\Desktop\MBR.dat"

18:16:01.224 The log file has been saved successfully to "C:\Users\Rich\Desktop\aswMBR.txt"

MBR.zip


lol, no worries.


MBRScan v1.1.1

OS : Windows 7 Service Pack 1 (64 bit)
PROCESSOR : Intel64 Family 6 Model 26 Stepping 5, GenuineIntel
BOOT : Normal Boot
DATE : 2012/02/13 (ISO 8601) at 18:55:53
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __WDC WD5000AAKS-65V0A0 (05.01D05)
BUS_TYPE : (0x03) P-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK : Device\Harddisk1\DR1 __SAMSUNG HD103SJ (1AJ100E4)
BUS_TYPE : (0x03) P-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0 465.8 Go [Fixed] ==> 7 MBR Code

MBR_MD5 : EE7B66EFA3CFD88F0E42CACC6A4B32B4
MBR_SHA1 : A477E7B17A54B617E3B8BD1D18A3347C28810376

Device\Harddisk0\Partition1 100.0 Mo 0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2 465.7 Go 0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk1\DR1 931.5 Go [Fixed] ==> 7 MBR Code

MBR_MD5 : B2D9B6960BBD3F2409109BED0377E5AC
MBR_SHA1 : A416B4A74D46688BF650FDA2A756217300C75BB6

Device\Harddisk1\Partition1 931.5 Go 0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x02E03000
SIZE : 292.0 Ko

DRIVER : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00B9C000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00CF5000
SIZE : 316.0 Ko

DRIVER : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00D58000
SIZE : 376.0 Ko

DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00C00000
SIZE : 768.0 Ko

DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E7E000
SIZE : 656.0 Ko

DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00F22000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00F31000
SIZE : 348.0 Ko

DRIVER : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00F88000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F91000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00F9B000
SIZE : 204.0 Ko

DRIVER : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FCE000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FDB000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE : 84.0 Ko

DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00E15000
SIZE : 368.0 Ko

DRIVER : C:\Windows\system32\drivers\pciide.sys => Invisible on the disk
ADDRESS : 0x00E71000
SIZE : 28.0 Ko

DRIVER : C:\Windows\system32\drivers\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x00FF0000
SIZE : 64.0 Ko

DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00CC0000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\drivers\vmbus.sys => Invisible on the disk
ADDRESS : 0x00DB6000
SIZE : 240.0 Ko

DRIVER : C:\Windows\system32\drivers\winhv.sys => Invisible on the disk
ADDRESS : 0x00CDA000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x00DF2000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x01079000
SIZE : 168.0 Ko

DRIVER : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x010A3000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x010AE000
SIZE : 304.0 Ko

DRIVER : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x010FA000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\Lbd.sys => Invisible on the disk
ADDRESS : 0x0110E000
SIZE : 84.0 Ko

DRIVER : C:\Windows\System32\Drivers\PxHlpa64.sys => Invisible on the disk
ADDRESS : 0x01123000
SIZE : 48.0 Ko

DRIVER : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01231000
SIZE : 1.64 Mo

DRIVER : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x0112F000
SIZE : 376.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x013D4000
SIZE : 108.0 Ko

DRIVER : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x0118D000
SIZE : 456.0 Ko

DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x013EF000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\drivers\eufs.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x0120B000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x0140D000
SIZE : 972.0 Ko

DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01500000
SIZE : 384.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01560000
SIZE : 172.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01607000
SIZE : 2.02 Mo

DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x0180B000
SIZE : 296.0 Ko

DRIVER : C:\Windows\system32\drivers\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x01855000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01865000
SIZE : 304.0 Ko

DRIVER : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x018B1000
SIZE : 32.0 Ko

DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x018B9000
SIZE : 232.0 Ko

DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x018F3000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01905000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x0190E000
SIZE : 232.0 Ko

DRIVER : C:\Windows\system32\drivers\EUBKMON.sys => Invisible on the disk
ADDRESS : 0x01948000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\drivers\eubakup.sys => Invisible on the disk
ADDRESS : 0x01956000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x01963000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01979000
SIZE : 192.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\16302574.sys => Invisible on the disk
ADDRESS : 0x01A9F000
SIZE : 7.37 Mo

DRIVER : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x01A36000
SIZE : 168.0 Ko

DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x01A60000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x01A69000
SIZE : 28.0 Ko

DRIVER : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x01A70000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x019A9000
SIZE : 148.0 Ko

DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x01A7E000
SIZE : 64.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x01A8E000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x019CE000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x019D7000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x019E0000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x019EB000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x0158B000
SIZE : 136.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x015AD000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswTdi.SYS => Invisible on the disk
ADDRESS : 0x015BA000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x04AC1000
SIZE : 548.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswRdr.SYS => Invisible on the disk
ADDRESS : 0x04B4A000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x04B57000
SIZE : 276.0 Ko

DRIVER : C:\Windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x04B9C000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x04BA7000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x04BB0000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x04BD6000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x04BEC000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x04A00000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x04A1B000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x04A2F000
SIZE : 324.0 Ko

DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x04A80000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x04A8C000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\drivers\eudskacs.sys => Invisible on the disk
ADDRESS : 0x04A97000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x04AA0000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x04801000
SIZE : 524.0 Ko

DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x04884000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x048A2000
SIZE : 68.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x048B3000
SIZE : 324.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x04904000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x0492A000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nusb3xhc.sys => Invisible on the disk
ADDRESS : 0x04940000
SIZE : 192.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x04970000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x0F823000
SIZE : 12.46 Mo

DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x1049A000
SIZE : 976.0 Ko

DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x1058E000
SIZE : 280.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbuhci.sys => Invisible on the disk
ADDRESS : 0x105D4000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x04972000
SIZE : 344.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x105E1000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x049C8000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
ADDRESS : 0x04C3A000
SIZE : 532.0 Ko

DRIVER : C:\Windows\system32\drivers\1394ohci.sys => Invisible on the disk
ADDRESS : 0x04CBF000
SIZE : 248.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ASACPI.sys => Invisible on the disk
ADDRESS : 0x04CFD000
SIZE : 32.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\GEARAspiWDM.sys => Invisible on the disk
ADDRESS : 0x04D05000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x04D12000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x04D22000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x04D38000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x04D5C000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x04D68000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x04D97000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x04DB2000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x04DD3000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x04DED000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04C00000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x04C0F000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x04C1E000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE : 268.0 Ko

DRIVER : C:\Windows\system32\drivers\eudisk.sys => Invisible on the disk
ADDRESS : 0x015CC000
SIZE : 200.0 Ko

DRIVER : C:\Windows\system32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x04C20000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nusb3hub.sys => Invisible on the disk
ADDRESS : 0x0F800000
SIZE : 92.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x05426000
SIZE : 360.0 Ko

DRIVER : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x05480000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x07021000
SIZE : 1.68 Mo

DRIVER : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x054A0000
SIZE : 244.0 Ko

DRIVER : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x071CE000
SIZE : 136.0 Ko

DRIVER : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x071F0000
SIZE : 24.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netr28ux.sys => Invisible on the disk
ADDRESS : 0x054DD000
SIZE : 892.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x07000000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x055BC000
SIZE : 100.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x0700E000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\cdfs.sys => Invisible on the disk
ADDRESS : 0x055D5000
SIZE : 116.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x05400000
SIZE : 116.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
ADDRESS : 0x055F2000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\LHidFilt.Sys => Invisible on the disk
ADDRESS : 0x049EC000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x105F2000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\LMouFilt.Sys => Invisible on the disk
ADDRESS : 0x01A00000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\drivers\LVUSBS64.sys => Invisible on the disk
ADDRESS : 0x05495000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\LV302V64.SYS => Invisible on the disk
ADDRESS : 0x07271000
SIZE : 1.07 Mo

DRIVER : C:\Windows\system32\DRIVERS\lv302a64.sys => Invisible on the disk
ADDRESS : 0x07383000
SIZE : 12.0 Ko

DRIVER : C:\Windows\system32\drivers\usbaudio.sys => Invisible on the disk
ADDRESS : 0x07386000
SIZE : 108.0 Ko

DRIVER : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x073A1000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x073AF000
SIZE : 48.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0x073BB000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x073C4000
SIZE : 76.0 Ko

DRIVER : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00090000
SIZE : 3.08 Mo

DRIVER : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x073D7000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x073E3000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00590000
SIZE : 40.0 Ko

DRIVER : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00740000
SIZE : 156.0 Ko

DRIVER : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x07200000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\sbapifs.sys => Invisible on the disk
ADDRESS : 0x07223000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x04EDB000
SIZE : 240.0 Ko

DRIVER : C:\Windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x04F17000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x04F20000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x04F41000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x04F56000
SIZE : 332.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x04FA9000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x04FBC000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x04E00000
SIZE : 804.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x04FD4000
SIZE : 120.0 Ko

DRIVER : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x0723D000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x01043000
SIZE : 180.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x08CEE000
SIZE : 312.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x08D3C000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x08C00000
SIZE : 664.0 Ko

DRIVER : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x08CA6000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x08CB1000
SIZE : 196.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x08D78000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x08D8A000
SIZE : 420.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x098DC000
SIZE : 608.0 Ko

DRIVER : C:\Windows\System32\drivers\ipnat.sys => Invisible on the disk
ADDRESS : 0x09974000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\7670659drv.sys => Invisible on the disk
ADDRESS : 0x09800000
SIZE : 600.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\asyncmac.sys => Invisible on the disk
ADDRESS : 0x0BD3B000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\84756651.sys => Invisible on the disk
ADDRESS : 0x0C85D000
SIZE : 7.37 Mo

DRIVER : C:\Users\Rich\AppData\Local\Temp\aswMBR.sys => Invisible on the disk
ADDRESS : 0x0CFBC000
SIZE : 60.0 Ko

DRIVER : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47DE0000
SIZE : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions : NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR \Device\Harddisk0\DR0


_______MBR \Device\Harddisk1\DR1



Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
