Maniac, Posted January 16, 2011, ID:374885

So C:\mbr.log is missing?

tyrus (Author), Posted January 17, 2011, ID:375003

Correct, no MBR.log under the C: drive

Maniac, Posted January 17, 2011, ID:375369

Please run MBRCheck, choose 1:

[1] Dump the MBR of a physical disk to file.

Upload the dump file in your next reply. I want it, because it could be legitimate, as many machines purchased from Dell or HP come with their own MBR codes.

tyrus (Author), Posted January 18, 2011, ID:375681

There was nothing found. Thanks for the continued support! Here is the log.

2011/01/17 18:32:43.0838 TDSS rootkit removing tool 2.4.13.0 Jan 12 2011 09:51:11
2011/01/17 18:32:43.0839 ================================================================================
2011/01/17 18:32:43.0839 SystemInfo:
2011/01/17 18:32:43.0839
2011/01/17 18:32:43.0839 OS Version: 6.1.7600 ServicePack: 0.0
2011/01/17 18:32:43.0839 Product type: Workstation
2011/01/17 18:32:43.0839 ComputerName: AUDET-LAPTOP
2011/01/17 18:32:43.0840 UserName: Audet
2011/01/17 18:32:43.0840 Windows directory: C:\Windows
2011/01/17 18:32:43.0840 System windows directory: C:\Windows
2011/01/17 18:32:43.0840 Processor architecture: Intel x86
2011/01/17 18:32:43.0840 Number of processors: 2
2011/01/17 18:32:43.0840 Page size: 0x1000
2011/01/17 18:32:43.0840 Boot type: Normal boot
2011/01/17 18:32:43.0840 ================================================================================
2011/01/17 18:32:44.0256 Initialize success
2011/01/17 18:32:48.0465 ================================================================================
2011/01/17 18:32:48.0465 Scan started
2011/01/17 18:32:48.0465 Mode: Manual;
2011/01/17 18:32:48.0465 ================================================================================

Maniac, Posted January 18, 2011, ID:375731

What is this? Did you read my last post?

Please run MBRCheck, choose 1:

[1] Dump the MBR of a physical disk to file.

Upload the dump file in your next reply. I want it, because it could be legitimate, as many machines purchased from Dell or HP come with their own MBR codes.

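Added example, not part of the thread and not MBRCheck's own code: one way a helper could triage an uploaded MBR dump before deciding whether non-standard boot code is an OEM loader or something to repair. It assumes the dump is the raw 512-byte first sector; the function names, the baseline table and the sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440       # bytes 0..439 hold the bootstrap code
DISK_SIG_OFFSET = 440     # 4-byte disk signature, then 2 reserved bytes
PART_TABLE_OFFSET = 446   # four 16-byte partition entries
PART_ENTRY_SIZE = 16
SIGNATURE_OFFSET = 510    # 0x55 0xAA boot signature


def parse_mbr(sector: bytes) -> dict:
    """Split a raw 512-byte MBR dump into its standard fields."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for index in range(4):
        start = PART_TABLE_OFFSET + index * PART_ENTRY_SIZE
        entry = sector[start:start + PART_ENTRY_SIZE]
        status, ptype = entry[0], entry[4]
        lba_start, sector_count = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:          # unused slot
            continue
        partitions.append({
            "index": index,
            "status": status,
            "active": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sector_count,
        })
    return {
        "signature_ok": sector[SIGNATURE_OFFSET:] == b"\x55\xaa",
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFFSET)[0],
        "partitions": partitions,
        # Hash only the code area so the per-disk signature and the
        # partition table do not change the fingerprint.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
    }


def triage(sector: bytes, known_good: dict):
    """Return (parsed fields, baseline label or None, list of findings)."""
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("missing 0x55AA boot signature")
    for part in info["partitions"]:
        if part["status"] not in (0x00, 0x80):
            findings.append(f"partition {part['index']}: invalid status byte")
    if sum(1 for p in info["partitions"] if p["active"]) != 1:
        findings.append("expected exactly one active partition")
    label = known_good.get(info["boot_code_sha256"])
    if label is None:
        findings.append("boot code not in baseline: compare with the OEM "
                        "image before rewriting the MBR")
    return info, label, findings


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test sector: one active NTFS-type partition at LBA 2048."""
    code = boot_code.ljust(BOOT_CODE_END, b"\x00")
    disk_sig = struct.pack("<I", 0x12345678) + b"\x00\x00"
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07,
                        b"\x00" * 3, 2048, 204800)
    table = entry + b"\x00" * (3 * PART_ENTRY_SIZE)
    return code + disk_sig + table + b"\x55\xaa"


if __name__ == "__main__":
    # Constructed samples; a real baseline would hold hashes taken from
    # known-clean vendor and Windows installation media.
    oem = build_sample_mbr(b"\xfa\x33\xc0CONSTRUCTED-OEM-LOADER")
    baseline = {parse_mbr(oem)["boot_code_sha256"]: "constructed OEM loader"}
    unknown = build_sample_mbr(b"\xeb\x3cCONSTRUCTED-UNKNOWN")
    for name, sector in (("oem", oem), ("unknown", unknown)):
        info, label, findings = triage(sector, baseline)
        print(name, label, findings)
```

A boot-code hash missing from the baseline is only a prompt for manual comparison, which is the reason the helper asks for the dump instead of rewriting the MBR outright.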

tyrus (Author), Posted January 19, 2011, ID:376277

Sorry for the confusion. Here are the MBRCheck results. Thanks.

MBRCheck, version 1.2.3
© 2010, AD
Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: LENOVO
BIOS Manufacturer: LENOVO
System Manufacturer: LENOVO
System Product Name: 2842F7U
Logical Drives Mask: 0x0001000c
Kernel Drivers (total 200):
\SystemRoot\System32\Drivers\msrpc.sys 0x88D88000 \SystemRoot\System32\Drivers\ksecdd.sys 0x88D9B000 \SystemRoot\System32\Drivers\cng.sys 0x88C00000 \SystemRoot\System32\drivers\pcw.sys 0x88C0E000 \SystemRoot\System32\Drivers\Fs_Rec.sys 0x88E32000 \SystemRoot\system32\drivers\ndis.sys 0x88EE9000 \SystemRoot\system32\drivers\NETIO.SYS 0x88F27000 \SystemRoot\System32\Drivers\ksecpkg.sys 0x89006000 \SystemRoot\System32\drivers\tcpip.sys 0x8914F000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x89180000 \SystemRoot\system32\DRIVERS\vmstorfl.sys 0x89189000 \SystemRoot\system32\DRIVERS\volsnap.sys 0x891C8000 \SystemRoot\System32\DRIVERS\ApsHM86.sys 0x891D1000 \SystemRoot\System32\Drivers\spldr.sys 0x88F4C000 \SystemRoot\System32\drivers\rdyboost.sys 0x891D9000 \SystemRoot\System32\DRIVERS\Apsx86.sys 0x88F79000 \SystemRoot\System32\Drivers\mup.sys 0x88F89000 \SystemRoot\System32\drivers\hwpolicy.sys 0x88F91000 \SystemRoot\System32\DRIVERS\fvevol.sys 0x88FC3000 \SystemRoot\system32\DRIVERS\disk.sys 0x88FD4000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS 0x8DD05000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x8DD24000 \SystemRoot\System32\Drivers\Null.SYS 0x8DD2B000 \SystemRoot\System32\Drivers\Beep.SYS 0x8DD32000 \SystemRoot\System32\drivers\vga.sys 0x8DD3E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8DD5F000 \SystemRoot\System32\drivers\watchdog.sys 0x8DD6C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x8DD74000 \SystemRoot\system32\drivers\rdpencdd.sys 0x8DD7C000 \SystemRoot\system32\drivers\rdprefmp.sys 0x8DD84000 \SystemRoot\System32\Drivers\Msfs.SYS 0x8DD8F000 \SystemRoot\System32\Drivers\Npfs.SYS 0x8DD9D000 \SystemRoot\system32\DRIVERS\tdx.sys 0x8DDB4000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8DDBF000 \SystemRoot\System32\Drivers\aswTdi.SYS 0x8E234000 \SystemRoot\system32\drivers\afd.sys 0x8E28E000 \SystemRoot\System32\Drivers\aswRdr.SYS 0x8E293000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8E2C5000 \SystemRoot\system32\DRIVERS\wfplwf.sys 0x8E2CC000 
\SystemRoot\system32\DRIVERS\pacer.sys 0x8E2EB000 \SystemRoot\system32\DRIVERS\vwififlt.sys 0x8E2FC000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8E30A000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8E31D000 \SystemRoot\System32\drivers\Tppwr32v.sys 0x8E324000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8E334000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8E375000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8E37F000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8E389000 \SystemRoot\system32\DRIVERS\smiif32.sys 0x8E38B000 \SystemRoot\System32\drivers\discache.sys 0x8E397000 \SystemRoot\system32\drivers\csc.sys 0x8E200000 \SystemRoot\System32\Drivers\dfsc.sys 0x8E218000 \SystemRoot\system32\DRIVERS\blbdrive.sys 0x8DDC9000 \SystemRoot\System32\Drivers\aswSP.SYS 0x88E0D000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x8FE37000 \SystemRoot\system32\DRIVERS\igdkmd32.sys 0x9045E000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x90515000 \SystemRoot\System32\drivers\dxgmms1.sys 0x9054E000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x90559000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x905A4000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x905B3000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x905D2000 \SystemRoot\system32\DRIVERS\jmcr.sys 0x8FE00000 \SystemRoot\system32\DRIVERS\SCSIPORT.SYS 0x9520B000 \SystemRoot\system32\DRIVERS\NETw5s32.sys 0x957EA000 \SystemRoot\system32\DRIVERS\vwifibus.sys 0x88BB4000 \SystemRoot\system32\DRIVERS\Rt86win7.sys 0x8DC00000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x8FE26000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x88A00000 \SystemRoot\system32\DRIVERS\SynTP.sys 0x957F4000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x905F1000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x957F6000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys 0x957FB000 \SystemRoot\System32\DRIVERS\dvd43llh.sys 0x88C17000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x95200000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x8E226000 \SystemRoot\system32\DRIVERS\wmiacpi.sys 0x8DDF0000 
\SystemRoot\system32\DRIVERS\CompositeBus.sys 0x88BE0000 \SystemRoot\system32\DRIVERS\AgileVpn.sys 0x889B7000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x88BF2000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x889CF000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x887B2000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x887CA000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x887E1000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x889F1000 \SystemRoot\system32\DRIVERS\rdpbus.sys 0x95204000 \SystemRoot\system32\DRIVERS\psadd.sys 0x905FE000 \SystemRoot\system32\DRIVERS\swenum.sys 0x88600000 \SystemRoot\system32\DRIVERS\ks.sys 0x88800000 \SystemRoot\system32\DRIVERS\umbus.sys 0x91201000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x91245000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x93025000 \SystemRoot\system32\drivers\RTKVHDA.sys 0x932AD000 \SystemRoot\system32\drivers\portcls.sys 0x932DC000 \SystemRoot\system32\drivers\drmk.sys 0x932F5000 \SystemRoot\system32\drivers\IntcHdmi.sys 0x81E30000 \SystemRoot\System32\win32k.sys 0x93318000 \SystemRoot\System32\drivers\Dxapi.sys 0x93322000 \SystemRoot\system32\DRIVERS\usbccgp.sys 0x93339000 \SystemRoot\system32\DRIVERS\5U877.sys 0x93358000 \SystemRoot\system32\DRIVERS\STREAM.SYS 0x82090000 \SystemRoot\System32\TSDDD.dll 0x820C0000 \SystemRoot\System32\cdd.dll 0x93371000 \SystemRoot\system32\DRIVERS\udfs.sys 0x933B1000 \SystemRoot\System32\Drivers\crashdmp.sys 0x91256000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0x933BE000 \SystemRoot\System32\Drivers\dump_dumpfve.sys 0x933CF000 \SystemRoot\system32\drivers\luafv.sys 0x91330000 \??\C:\Windows\system32\drivers\aswMonFlt.sys 0x933EA000 \SystemRoot\System32\Drivers\aswFsBlk.SYS 0x93000000 \SystemRoot\system32\drivers\WudfPf.sys 0x933ED000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x91367000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x913AD000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x913BD000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x8DC18000 \SystemRoot\system32\drivers\HTTP.sys 0x9301A000 
\SystemRoot\system32\DRIVERS\vwifimp.sys 0x913D0000 \SystemRoot\system32\DRIVERS\bowser.sys 0x913E9000 \SystemRoot\System32\drivers\mpsdrv.sys 0x8DC9D000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x8DCC0000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x99208000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x9923B000 \SystemRoot\system32\drivers\peauth.sys 0x992D2000 \SystemRoot\system32\drivers\regi.sys 0x992D4000 \SystemRoot\System32\Drivers\secdrv.SYS 0x992DE000 \SystemRoot\System32\DRIVERS\srvnet.sys 0x992FF000 \SystemRoot\System32\drivers\tcpipreg.sys 0x9930C000 \SystemRoot\System32\DRIVERS\srv2.sys 0x9935B000 \SystemRoot\System32\DRIVERS\srv.sys 0x993DF000 \SystemRoot\system32\DRIVERS\monitor.sys 0x771E0000 \Windows\System32\ntdll.dll 0x483C0000 \Windows\System32\smss.exe 0x77420000 \Windows\System32\apisetschema.dll 0x00BE0000 \Windows\System32\autochk.exe 0x770E0000 \Windows\System32\wininet.dll 0x773B0000 \Windows\System32\difxapi.dll 0x77320000 \Windows\System32\oleaut32.dll 0x770C0000 \Windows\System32\sechost.dll 0x77020000 \Windows\System32\advapi32.dll 0x76EC0000 \Windows\System32\ole32.dll 0x76E80000 \Windows\System32\ws2_32.dll 0x76D40000 \Windows\System32\urlmon.dll 0x76CF0000 \Windows\System32\gdi32.dll 0x76CE0000 \Windows\System32\lpk.dll 0x76C30000 \Windows\System32\rpcrt4.dll 0x76C20000 \Windows\System32\normaliz.dll 0x76B40000 \Windows\System32\kernel32.dll 0x76B10000 \Windows\System32\imagehlp.dll 0x76910000 \Windows\System32\iertutil.dll 0x76890000 \Windows\System32\comdlg32.dll 0x76880000 \Windows\System32\psapi.dll 0x76820000 \Windows\System32\shlwapi.dll 0x76810000 \Windows\System32\nsi.dll 0x76670000 \Windows\System32\setupapi.dll 0x76620000 \Windows\System32\Wldap32.dll 0x76580000 \Windows\System32\usp10.dll 0x764B0000 \Windows\System32\msctf.dll 0x75860000 \Windows\System32\shell32.dll 0x75840000 \Windows\System32\imm32.dll 0x757B0000 \Windows\System32\clbcatq.dll 0x75700000 \Windows\System32\msvcrt.dll 0x75630000 \Windows\System32\user32.dll 
0x755E0000 \Windows\System32\KernelBase.dll 0x754C0000 \Windows\System32\crypt32.dll 0x75490000 \Windows\System32\wintrust.dll 0x75460000 \Windows\System32\cfgmgr32.dll 0x75440000 \Windows\System32\devobj.dll 0x753B0000 \Windows\System32\comctl32.dll 0x753A0000 \Windows\System32\msasn1.dllProcesses (total 77): 0 System Idle Process 4 System 340 C:\Windows\System32\smss.exe 484 csrss.exe 540 C:\Windows\System32\wininit.exe 556 csrss.exe 592 C:\Windows\System32\services.exe 608 C:\Windows\System32\lsass.exe 616 C:\Windows\System32\lsm.exe 732 C:\Windows\System32\svchost.exe 800 C:\Windows\System32\winlogon.exe 856 C:\Windows\System32\ibmpmsvc.exe 912 C:\Windows\System32\svchost.exe 952 C:\Windows\System32\svchost.exe 1036 C:\Windows\System32\svchost.exe 1080 C:\Windows\System32\svchost.exe 1208 C:\Windows\System32\svchost.exe 1328 C:\Windows\System32\svchost.exe 1408 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 1416 C:\Windows\System32\wlanext.exe 1424 C:\Windows\System32\conhost.exe 1816 C:\Windows\System32\spoolsv.exe 1864 C:\Windows\System32\svchost.exe 1964 C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe 1992 C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe 2004 C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe 360 C:\Program Files\Intel\WiFi\bin\EvtEng.exe 500 C:\Windows\System32\svchost.exe 680 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 1288 C:\Windows\System32\svchost.exe 1356 C:\Program Files\Lenovo\HOTKEY\micmute.exe 2132 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 2168 C:\Windows\System32\svchost.exe 2292 C:\Program Files\Lenovo\Access Connections\AcSvc.exe 2348 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe 2588 unsecapp.exe 2664 C:\Windows\System32\svchost.exe 2832 WmiPrvSE.exe 3296 C:\Windows\System32\dwm.exe 3304 C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe 3316 C:\Windows\explorer.exe 3352 C:\Windows\System32\taskhost.exe 3604 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe 3628 C:\Program 
Files\Lenovo\HOTKEY\TPOSDSVC.exe 3636 C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe 3668 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe 3708 C:\Windows\System32\TpShocks.exe 3724 C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe 3748 C:\Program Files\Lenovo\ZOOM\TpScrex.exe 3756 C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe 3900 C:\Program Files\Alwil Software\Avast5\AvastUI.exe 3912 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe 3932 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe 3944 C:\Program Files\dvd43\DVD43_Tray.exe 4032 C:\Program Files\Zune\ZuneLauncher.exe 3020 C:\Windows\System32\SearchIndexer.exe 4008 C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe 4140 C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 4380 C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 4624 C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 4752 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 4788 C:\Program Files\Lenovo\System Update\SUService.exe 4884 C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe 4940 C:\Windows\System32\svchost.exe 5000 C:\Program Files\Windows Media Player\wmpnetwk.exe 5476 C:\Windows\System32\taskeng.exe 1464 C:\Program Files\Google\Update\GoogleUpdate.exe 5440 C:\Windows\System32\svchost.exe 2340 C:\Windows\System32\audiodg.exe 4692 C:\Program Files\Mozilla Firefox\firefox.exe 1160 C:\Program Files\Mozilla Firefox\plugin-container.exe 740 C:\Windows\System32\SearchProtocolHost.exe 2196 C:\Windows\System32\SearchFilterHost.exe 3980 dllhost.exe 4116 dllhost.exe 1460 C:\Users\Audet\Downloads\MBRCheck(4).exe 5248 C:\Windows\System32\conhost.exe\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`4b100000 (NTFS)\\.\Q: --> \\.\PhysicalDrive0 at offset 0x00000037`c7a00000 (NTFS)PhysicalDrive0 Model Number: WDCWD2500BEVS-08VAT2, Rev: 14.01A14 Size Device Name MBR Status -------------------------------------------- 232 GB 
\\.\PhysicalDrive0 Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79Done! Link to post Share on other sites More sharing options...
Maniac Posted January 19, 2011 ID:376387
Can you please post a new fresh GMER log?
tyrus Posted January 20, 2011 Author ID:376903
Did a GMER scan, tried to post it in a reply but got an error that the post is too long. I have attached it instead. Thanks.
Tgmer_Jan_19.txt
Maniac Posted January 20, 2011 ID:376935
How are things there?
tyrus Posted January 20, 2011 Author ID:377009
Thanks for the quick reply. Unfortunately, when the computer restarts, rundll32.exe still loads and still interferes with streaming music and obscures the battery monitor. If I end rundll32.exe in Task Manager the problems go away. Ideas?
Maniac Posted January 20, 2011 ID:377106
Post a new fresh HiJackThis log.
tyrus Posted January 22, 2011 Author ID:377714
I got the following "error" while running HijackThis.
For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.
If that happens, you need to edit the file yourself. To do this, click Start, Run and type:
notepad C:\Windows\System32\drivers\etc\hosts
and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.
After the scan I entered notepad C:\Windows\System32\drivers\etc\hosts into the run command and the following is shown in notepad.
127.0.0.1 localhost
Here is the scan. Thanks.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:42:24 PM, on 21/01/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\dvd43\DVD43_Tray.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
--
End of file - 8444 bytes
Maniac Posted January 22, 2011 ID:377784
Please open HiJackThis and select Do a system scan only.
Check the following entries:
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
Then, close all open windows except that of HijackThis, and select Fix Checked.
Please reboot and let me know how things are.
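The entry fixed above is a Run value that loads a DLL through rundll32, which matches the rundll32.exe process tyrus had been ending in Task Manager. As an added example (not part of the original thread and not HijackThis code), this Python script lists every rundll32-hosted O4 autorun in a HijackThis log with its DLL and export; the class and function names are hypothetical, the first four sample lines are copied from the log posted in this thread, and the last one is constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# First four lines: copied from the HijackThis log in this thread.
# Last line: constructed, to exercise the quoted-path form.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - HKCU\..\Run: [ExampleTool] "C:\Windows\System32\rundll32.exe" "C:\Example Dir\example.dll",EntryPoint /silent
'''

# "O4 - <hive>\..\<key>: [<value name>] <command line>"
RUN_LINE = re.compile(
    r'^O4 - (?P<hive>\S+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')

# Command lines whose executable is rundll32, quoted or not, with or without a path.
RUNDLL32 = re.compile(
    r'^(?:"(?:[^"]*\\)?rundll32(?:\.exe)?"|(?:\S*\\)?rundll32(?:\.exe)?)\s+(?P<rest>.+)$',
    re.IGNORECASE)


@dataclass
class Rundll32Autorun:
    hive: str               # e.g. HKLM
    key: str                # e.g. Run
    name: str               # registry value name shown in brackets
    dll: str                # DLL that rundll32 is asked to load
    export: Optional[str]   # exported function it calls, if one is given
    short_path: bool        # True when the path uses 8.3 short names (PROGRA~1)


def split_target(rest: str) -> Tuple[str, Optional[str]]:
    """Split '<dll>,<export> [args]' into (dll, export); the DLL may be quoted."""
    rest = rest.strip()
    if rest.startswith('"'):
        m = re.match(r'"([^"]+)"\s*,\s*([^\s,]+)', rest)
    else:
        # Unquoted form: take everything up to the first comma as the DLL path.
        m = re.match(r'([^,]+?)\s*,\s*([^\s,]+)', rest)
    return (m.group(1), m.group(2)) if m else (rest, None)


def rundll32_autoruns(log_text: str) -> List[Rundll32Autorun]:
    """Return the registry Run entries in a HijackThis log that start via rundll32."""
    found = []
    for line in log_text.splitlines():
        run = RUN_LINE.match(line.strip())
        if not run:
            continue  # not a registry autorun line (e.g. Startup-folder .lnk)
        host = RUNDLL32.match(run.group('cmd'))
        if not host:
            continue  # ordinary executable, named directly in the log
        dll, export = split_target(host.group('rest'))
        found.append(Rundll32Autorun(
            hive=run.group('hive'), key=run.group('key'), name=run.group('name'),
            dll=dll, export=export, short_path=bool(re.search(r'~\d', dll))))
    return found


if __name__ == '__main__':
    for e in rundll32_autoruns(SAMPLE_LOG):
        note = ' (8.3 short path, resolve before judging the file)' if e.short_path else ''
        print(f'{e.hive}\\..\\{e.key} [{e.name}] -> {e.dll} :: {e.export}{note}')
```

An entry reported here is not malicious by that fact alone; the listing only tells you which DLL is actually running under the generic rundll32.exe process name.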
tyrus Posted January 22, 2011 Author ID:377852
Followed your directions and the problem is gone!!! There is no obscured power manager and streaming music is problem free. Thanks so much! Please let me know if I need to do any further steps and where I can donate to the site.
Thanks again!
Maniac Posted January 22, 2011 ID:377887
Awesome! She was right...
Your problem was resolved by Mieke Verburgh, so I suggest you donate to her.
So now everything is fine, right?
tyrus Posted January 22, 2011 Author ID:377891
Yes, the problem is gone! I'm curious, was the problem a virus/worm or a corrupt program?
Maniac Posted January 22, 2011 ID:377895
It seems the second one.
She is a genius...
Last steps for you:
Step 1
Go to Start => Run... and copy & paste the next command in the field:
ComboFix /uninstall
Then hit the Enter button.
This procedure will do the following:
Uninstall ComboFix
Delete its related folders and files
Reset your clock settings
Hide file extensions
Hide the system/hidden files
Resets System Restore again
P.S.: Make sure there's a space between ComboFix and /uninstall
Step 2
Please manually delete DDS, GMER, MBRCheck, Dr.Web CureIt and MBRCheck.
Step 3
Please uninstall HiJackThis.
Step 4
Keep your software up-to-date:
http://www.bleepingcomputer.com/tutorials/tutorial174.html
Some malware preventions:
http://forums.malwarebytes.org/index.php?showtopic=9365
Safe surfing!
LDTate Posted January 24, 2011 ID:378843
Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.