Hi,
I recently faced an issue with getting stuck booting at aswRvrt.sys (Posted Here: http://www.techsupportforum.com/foru...up-847562.html), re-booted by FIXBOOT from Recovery Console of XP Disc.
Post recovery, I have been advised to follow up by spunk.funk & JackBauer_24.
Tried to run GMER.exe, but as soon as I clicked it, Windows rebooted. Therefore the attachment does consist of the ark.txt file. Please advise.
Following is the DDS.txt log for review:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.55.2
Run by parry at 17:18:24 on 2014-06-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2813.2158 [GMT 5.5:30]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\FileServe Manager\FSStarter.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\Program Files\BUFFALO\Backup_Utility\BUService.exe
C:\Program Files\BUFFALO\Backup_Utility\BUVSSServiceXP.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\Documents and Settings\All Users\Application Data\Photon Plus\Huawei\OnlineUpdate\ouc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\LogiShrd\sp6\LU\LULnchr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\LogiShrd\sp6\LU\LogitechUpdate.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://icicibank.com/
uURLSearchHooks: SearchHook Class: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} -
BHO: FileServeManager: {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - c:\program files\fileserve manager\FileServeBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: SpeedBit Link Verification Helper: {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - c:\program files\dap\LinkVerifier.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\parry\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [KiesAirMessage] c:\program files\samsung\kies\KiesAirMessage.exe -startup
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [FileServe Manager Task] "c:\program files\fileserve manager\FSStarter.exe"
mRun: [NPSStartup] <no file>
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV04.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\dap\dapextie.htm
IE: &Verify with DAP - c:\program files\dap\dapverify.htm
IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
IE: Download with FileServe Manager - c:\program files\fileserve manager\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{08906AF8-B224-4939-89E4-F192D7F30DA4} : NameServer = 202.56.215.55,202.56.215.54
TCP: Interfaces\{08906AF8-B224-4939-89E4-F192D7F30DA4} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\dap\dapie.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\parry\application data\mozilla\firefox\profiles\mlhlmq22.default\
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - plugin: c:\documents and settings\parry\local settings\application data\google\update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 BFRD4G;BUFFALO RAM Disk Driver;c:\windows\system32\drivers\BFRD4G.sys [2011-4-19 36344]
R0 bftpdskc;BUFFALO TurboPC Cache Filter;c:\windows\system32\drivers\bftpdskc.sys [2012-7-29 41472]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2010-10-21 19496]
R2 BFBackupUtilityService;Backup Utility Service;c:\program files\buffalo\backup_utility\buservice.exe -service_execute --> c:\program files\buffalo\backup_utility\BUService.exe -Service_Execute [?]
R2 BFBackupUtilityVSSService;Backup Utility VSS Service for Windows XP;c:\program files\buffalo\backup_utility\buvssservicexp.exe -service_execute --> c:\program files\buffalo\backup_utility\BUVSSServiceXP.exe -Service_Execute [?]
R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2010-10-21 68136]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\foxit software\foxit reader\foxit cloud\FCUpdateService.exe [2014-3-7 239680]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2012-3-1 238952]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2010-10-22 12184]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\nitro pdf\professional\NitroPDFDriverService.exe [2009-9-15 188736]
R2 Sentry;Sentry;c:\windows\system32\sentry.sys [2013-3-28 9180]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\drivers\dc3d.sys [2010-10-23 45288]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2012-3-1 36608]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-9-3 76544]
R3 PciPPorts;PCI ECP Parallel Port;c:\windows\system32\drivers\PciPPorts.sys [2010-10-28 82432]
R3 PciSPorts;High-Speed PCI Serial Port;c:\windows\system32\drivers\PciSPorts.sys [2010-10-28 119808]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2010-10-21 30392]
S2 Photon Plus. RunOuc;Photon Plus. OUC;c:\program files\photon plus\huawei\updatedog\ouc.exe [2013-9-3 655712]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-10-21 1691480]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 bftpusbx;BUFFALO TurboPC USB Filter;c:\windows\system32\drivers\bftpusbx.sys [2012-7-29 11776]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-12-17 13192]
S3 etdrv;etdrv;c:\windows\etdrv.sys [2010-10-21 17488]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-12-17 8456]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2013-9-3 102784]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2010-10-21 24944]
S3 Samsung UPD Service2;Samsung UPD Service2;c:\windows\system32\SUPDSvc2.exe [2013-2-9 129536]
.
=============== File Associations ===============
.
ShellExec: Foxit Reader.exe: print="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1"
ShellExec: Foxit Reader.exe: printto="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2014-06-08 07:33:15 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-06-08 07:32:42 -------- d-----w- C:\AdwCleaner
2014-05-11 11:55:54 32768 ----a-r- c:\documents and settings\parry\application data\microsoft\installer\{03b6eabd-46c1-48db-941b-017d39fe7731}\_31F7C4F16191_49E5_91D2_B0AEE2BB931C.exe
.
==================== Find3M ====================
.
2014-06-10 11:36:25 17488 ----a-w- c:\windows\gdrv.sys
2014-05-18 08:09:33 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-18 08:09:33 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-06 10:40:46 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1400156251781
2014-05-06 10:40:46 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1400156251781
2014-04-30 08:13:01 6022144 ----a-w- c:\windows\system32\SET2E.tmp
2014-04-14 14:43:52 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-14 14:17:42 145408 ----a-w- c:\windows\system32\javacpl.cpl
.
============= FINISH: 17:18:56.73 ===============