Hello all, I'm following some of the instructions posted to combat a pesky redirect issue. It seems TDSSKiller is recommended, but I can't get it to run on my system. After downloading and extracting it to the desktop, I double-click the TDSSKiller icon; the hourglass runs for a few seconds, but that is it. The program never actually runs.

Any ideas?

Thanks


Hello infectedputer! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files; don't attach them. Every log file should be copied and pasted into your next reply.

Please follow the instructions here:

http://forums.malwarebytes.org/index.php?showtopic=9573

Post the log files when you are ready.


MBAM log

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8165

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18813

11/16/2011 10:03:46 PM

mbam-log-2011-11-16 (22-03-46).txt

Scan type: Full scan (C:\|)

Objects scanned: 319085

Time elapsed: 1 hour(s), 2 minute(s), 46 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)


DDS log

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_29

Run by ME at 19:25:52 on 2011-11-17

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2014.828 [GMT -8:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\rundll32.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

C:\Windows\system32\IPSSVC.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Windows\system32\AEADISRV.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\Explorer.EXE

C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe

C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\TpShocks.exe

C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

C:\Program Files\Lenovo\Zoom\TpScrex.exe

C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE

C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE

C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\Windows\System32\TPHDEXLG.exe

C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe

c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Common Files\Lenovo\Logger\logmon.exe

C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program Files\Digital Line Detect\DLG.exe

c:\program files\lenovo\system update\suservice.exe

C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

c:\program files\windows defender\MpCmdRun.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\WmiApSrv.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe

mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor

mRun: [bLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BTVLogEx.DLL,StartBattLog

mRun: [TpShocks] TpShocks.exe

mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe

mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe

mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"

mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE

mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe

mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe

mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe

mRun: [LenovoOobeOffers] c:\swtools\lenovowelcome\lenovooobeoffers.exe /filepath="c:\swshare\firstrun.txt"

mRun: [gemstrmw] c:\windows\system32\gemstrmw.exe /r

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe

mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent

mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe

mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"

mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start

mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe

StartupFolder: c:\users\ME\appdata\roaming\micros~1\windows\startm~1\programs\startup\lenovo~1.lnk - c:\swtools\lenovowelcome\LenovoWelcome.cmd

StartupFolder: c:\users\ME\appdata\roaming\micros~1\windows\startm~1\programs\startup\_unins~1.lnk - c:\users\renee\appdata\local\temp\_uninst_26973325.bat

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\imagem~1.lnk - c:\program files\pixela\imagemixer 3 se ver.6\transfer utility\CameraMonitor.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: MasterCook: Select Image - c:\program files\mastercook 9\web\MCIEContext.hta

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {E6EF5071-7647-4E85-9785-87B6CF5CB561} - {C92041C1-6D22-4069-BA0E-66246AA752B0} - c:\windows\system32\shdocvw.dll

IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.200.1

TCP: Interfaces\{B0287FBF-A349-468B-A3AC-9CAEF7A47773} : DhcpNameServer = 192.168.200.1

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\ME\appdata\roaming\mozilla\firefox\profiles\h7tic5hf.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\users\ME\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\users\ME\appdata\roaming\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\users\ME\appdata\roaming\move networks\plugins\npqmp071505000011.dll

FF - plugin: c:\users\ME\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\ME\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

============= SERVICES / DRIVERS ===============

.

R0 26973325;26973325;c:\windows\system32\drivers\26973325.sys [2011-11-16 133208]

R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2010-11-5 24304]

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-10-16 19504]

R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2010-11-5 13480]

R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2010-11-5 132456]

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]

R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\lenovo\virtscrl\lvvsst.exe [2010-11-5 93032]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-12 366152]

R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-11-5 75112]

R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2007-7-8 63928]

R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-1-8 569344]

R3 LenovoRd;LenovoRd;c:\windows\system32\drivers\LenovoRd.sys [2007-11-3 81280]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-12 22216]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-3-4 4232704]

R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2007-5-22 30336]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104]

S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2010-11-5 45496]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104]

.

=============== Created Last 30 ================

.

2011-11-17 04:50:49 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d1aaa792-2eb7-4746-a794-b94926808ce9}\offreg.dll

2011-11-17 04:43:35 -------- d-----w- c:\programdata\Kaspersky Lab

2011-11-17 04:42:02 133208 ----a-w- c:\windows\system32\drivers\26973325.sys

2011-11-15 07:48:16 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d1aaa792-2eb7-4746-a794-b94926808ce9}\mpengine.dll

2011-11-15 06:27:45 2421760 ----a-w- c:\windows\system32\wucltux.dll

2011-11-15 06:26:00 33792 ----a-w- c:\windows\system32\wuapp.exe

2011-11-15 06:26:00 171608 ----a-w- c:\windows\system32\wuwebv.dll

2011-11-13 02:36:42 -------- d-----w- c:\program files\ESET

2011-11-13 02:21:37 -------- d-sh--w- C:\$RECYCLE.BIN

2011-11-13 01:32:44 98816 ----a-w- c:\windows\sed.exe

2011-11-13 01:32:44 518144 ----a-w- c:\windows\SWREG.exe

2011-11-13 01:32:44 256000 ----a-w- c:\windows\PEV.exe

2011-11-13 01:32:44 208896 ----a-w- c:\windows\MBR.exe

2011-11-13 01:31:30 -------- d-----w- C:\ComboFix

2011-11-12 20:50:27 -------- d-----w- c:\users\ME\appdata\roaming\Malwarebytes

2011-11-12 20:50:14 -------- d-----w- c:\programdata\Malwarebytes

2011-11-12 20:50:10 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-12 20:50:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.

==================== Find3M ====================

.

2011-11-15 06:23:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-03 13:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll

.

============= FINISH: 19:26:37.61 ===============


DDS attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume2

Install Date: 11/3/2007 3:38:11 AM

System Uptime: 11/17/2011 4:00:18 PM (3 hours ago)

.

Motherboard: LENOVO | | 7662CTO

Processor: Intel® Core2 Duo CPU T7250 @ 2.00GHz | None | 2001/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 106 GiB total, 15.518 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP603: 11/15/2011 6:12:18 PM - Scheduled Checkpoint

RP604: 11/16/2011 10:29:38 PM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

.

Access Help

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 11 Plugin

Adobe Flash Player ActiveX

Adobe Photoshop CS

Adobe Reader 8.3.1

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AutoUpdate

Bonjour

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities Digital Photo Professional 3.4

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities Original Data Security Tools

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities WFT-E1/E2/E3 Utility

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Client Security - Password Manager

Compatibility Pack for the 2007 Office system

Curl RTE 6.0.2

Diskeeper Home

DivX Codec

DivX Converter

DivX Player

DivX Web Player

Drag-to-Disc

DVD Decrypter (Remove Only)

DVD Shrink 3.2

DVDFab 6.0.4.0 (28/07/2009)

EOS USB WIA Driver

ESET Online Scanner v3

Facebook Plug-In

ffdshow [rev 1723] [2007-12-24]

Free Video Converter 1.0

Gemplus Smart Card Reader Tools

Google Earth Plug-in

Google Talk Plugin

Google Update Helper

Hamster Free Video Convertor

HamsterFreeVideoConverter

Handbrake 0.9.4

Help Center

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

ImageMixer 3 SE Ver.6 Transfer Utility

ImageMixer 3 SE Ver.6 Video Tools

Intel PROSet Wireless

Intel® PRO Network Connections Drivers

Intel® PROSet/Wireless WiFi Software

InterVideo Register Manager

InterVideo WinDVD

iTunes

Java Auto Updater

Java 6 Update 29

Lenovo Auto Scroll Utility

Lenovo Registration

Lenovo System Interface Driver

LiveUpdate 3.2 (Symantec Corporation)

LiveUpdate Notice (Symantec Corporation)

Maintenance Manager

Malwarebytes' Anti-Malware version 1.51.2.1300

MasterCook Deluxe 9.1

Message Center

Message Center Plus

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 3.5 SP1

Microsoft Office 2003 Web Components

Microsoft Office Professional Edition 2003

Microsoft Office Small Business Connectivity Components

Microsoft Silverlight

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox 7.0.1 (x86 en-US)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Multimedia Center For Think Offerings

Netflix Movie Viewer

NVIDIA Drivers

On Screen Display

Picasa 3

Presentation Director

Productivity Center Supplement for ThinkPad

QuickTime

Registry patch for Windows Vista USB S3 PM Enablement

Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista

Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista

Registry patch to improve USB device detection on resume from sleep for Windows Vista

Rescue and Recovery

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02

Seagate Manager Installer

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Skype™ 5.5

Sonic Icons for Lenovo

SoundMAX

Spelling Dictionaries Support For Adobe Reader 8

System Migration Assistant

System Requirements Lab

System Update

ThinkPad Bluetooth with Enhanced Data Rate Software 6.0.1.4900

ThinkPad EasyEject Utility

ThinkPad FullScreen Magnifier

ThinkPad Hotkey Features Integration Setup

ThinkPad Hotkey Features Setup

ThinkPad Keyboard Customizer Utility

ThinkPad Mobility Center Customization

ThinkPad Modem

ThinkPad Power Management Driver

ThinkPad Power Manager

ThinkPad UltraNav Driver

ThinkPad UltraNav Utility

ThinkVantage Access Connections

ThinkVantage Active Protection System

ThinkVantage Productivity Center

ThinkVantage Technologies Welcome Message

Trivial Pursuit Digital Choice v1.3.0 for Windows XP/Vista

TVersity Codec Pack 1.2

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

VideoLAN VLC media player 0.8.6i

Wallpapers

WD Discovery Software

Windows Driver Package - Intel (e1express) Net (02/27/2007 9.7.37.0)

Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020)

Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011)

Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002)

Windows Driver Package - Intel System (09/15/2006 7.0.0.1011)

Windows Driver Package - Intel System (09/15/2006 8.0.0.1008)

Windows Driver Package - Intel System (09/15/2006 8.0.0.1010)

Windows Driver Package - Intel System (09/15/2006 8.2.0.1000)

Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008)

Windows Driver Package - Lenovo (IBMPMDRV) System (05/31/2007 1.43)

Windows Live Toolbar

Xvid 1.1.3 final uninstall

.

====================


=== Event Viewer Messages From Past Week ========

.

11/17/2011 7:21:46 PM, Error: TPM [13] - The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

11/17/2011 7:21:46 PM, Error: Microsoft-Windows-TBS [516] - An error occurred while communicating with the TPM. The driver returned 0x8007045d.

11/16/2011 8:51:34 PM, Error: Service Control Manager [7001] - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/16/2011 8:51:34 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/16/2011 8:25:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.

11/16/2011 8:20:40 PM, Error: EventLog [6008] - The previous system shutdown at 8:16:09 PM on 11/16/2011 was unexpected.

11/15/2011 7:40:58 AM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.

11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows Vista (KB2345886).

11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB981322).

11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB972270).

11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2423089).

11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2378111).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Security Update for Windows Vista (KB2511455).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2579686).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2567680).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2507618).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2419640).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2207566).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Silverlight (KB2617986).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Office Outlook 2003 (KB2293428).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Office 2003 (KB976382).

11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Security Update x86 (KB979910).

11/15/2011 6:52:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista (KB968930).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB975929).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB972145).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2541763).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista Service Pack 2 (KB979688).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB975560).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2570947).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2296011).

11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB980248).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2563227).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2533623).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Rights Management Services Client for Windows Vista (KB979099).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB979309).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB974571).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB974318).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB973565).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2620704).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2564958).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2556532).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2507938).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2481109).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2442962).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2079403).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2539633).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Internet Explorer 8 for Windows Vista (KB2544521).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982536).

11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Cumulative Security Update for ActiveX Killbits for Windows Vista (KB2508272).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB970430).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2641690).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2545698).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2505189).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB982799).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB978601).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB977816).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2588516).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2544893).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2483185).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2479943).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2412687).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2387149).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2305420).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2281679).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2572075).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2518866).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982525).

11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2586448).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB976470).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB971029).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2388210).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB2598845).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB981997).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB975558).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2536275).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2510531).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2503665).

11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2478935).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update Rollup for ActiveX Killbits for Windows Vista (KB2562937).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2570791).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB982132).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB979687).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB979482).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2347290).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2416470).

11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Platform Update for Windows Vista (KB971644).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB971737).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Mail Junk E-mail Filter [November 2011] (KB905866).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB982665).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB978542).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2567053).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2536276).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2509553).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2508429).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2506212).

11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Platform Update Supplement for Windows Vista (KB2117917).

11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB973687).

11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB975467).

11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2535512).

11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2532531).

11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2393802).

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux~31bf3856ad364e35~x86~en-US~7.4.7600.226 () into Staged(Staged) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux~31bf3856ad364e35~x86~~7.4.7600.226 () into Staged(Staged) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-MiniLP~31bf3856ad364e35~x86~en-US~7.4.7600.226 () into Staged(Staged) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-AuxComp~31bf3856ad364e35~x86~en-US~7.4.7600.226 () into Staged(Staged) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-AuxComp~31bf3856ad364e35~x86~~7.4.7600.226 () into Staged(Staged) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Protocols-Package~31bf3856ad364e35~x86~en-US~7.0.6002.18181 () into Absent(Absent) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Protocols-Package~31bf3856ad364e35~x86~~7.0.6002.18181 () into Absent(Absent) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Framework-Core~31bf3856ad364e35~x86~en-US~7.0.6002.18181 () into Absent(Absent) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Framework-Core~31bf3856ad364e35~x86~~7.0.6002.18181 () into Absent(Absent) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Framework-Core-MiniLP~31bf3856ad364e35~x86~en-US~7.0.6002.18181 () into Absent(Absent) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982799_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982799_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982799_client_1~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982665_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982665_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982665_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982132_client~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982132_client_2~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982132_client_1~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB981997_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB981997_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB981997_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980842_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980842_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980248_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980248_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980248_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979899_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979899_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979688_client~31bf3856ad364e35~x86~~6.0.3.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979688_client_2~31bf3856ad364e35~x86~~6.0.3.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979687_client~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979687_client_2~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979687_client_1~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979482_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979482_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979482_client_1~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client_0~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979099_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979099_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979099_client_1~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979099_client_0~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client_0~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978542_client~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978542_client_2~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978542_client_1~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB977816_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB977816_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state

11/15/2011 6:43:35 PM, Error: Microsoft-Windo


The same Windows error continues for pages; a Windows update (the first in a long time) failed. Here is the end of the file:

11/14/2011 10:16:59 PM, Error: Service Control Manager [7034] - The ThinkPad PM Service service terminated unexpectedly. It has done this 1 time(s).

11/14/2011 10:16:59 PM, Error: Service Control Manager [7034] - The LiveUpdate Notice Service service terminated unexpectedly. It has done this 1 time(s).

11/12/2011 8:11:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

11/12/2011 8:11:00 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/12/2011 8:11:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/12/2011 6:21:20 PM, Error: EventLog [6008] - The previous system shutdown at 6:17:38 PM on 11/12/2011 was unexpected.

11/12/2011 6:14:07 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

11/12/2011 5:40:02 PM, Error: Service Control Manager [7034] - The tvtnetwk service terminated unexpectedly. It has done this 1 time(s).

11/12/2011 5:37:15 PM, Error: Service Control Manager [7034] - The XAudioService service terminated unexpectedly. It has done this 1 time(s).

11/12/2011 12:40:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}

11/12/2011 12:39:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: lenovo.smi spldr TPPWRIF Wanarpv6

11/12/2011 12:39:44 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

11/12/2011 12:39:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/12/2011 12:39:06 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

11/12/2011 12:39:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/12/2011 12:38:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/12/2011 12:38:38 PM, Error: EventLog [6008] - The previous system shutdown at 12:36:31 PM on 11/12/2011 was unexpected.

11/12/2011 1:15:04 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The dependency service or group failed to start.

.

==== End Of File ===========================


It appears that you have already started ComboFix.exe on your system. Hopefully you did not do this alone, without the supervision of someone specially trained.

Manually delete your copy, then follow the instructions here to download and run it:

http://bleepingcomputer.com/combofix/how-to-use-combofix#use

Post the log.txt when you are ready.


It appears that you have already started ComboFix.exe on your system. Many hope that you have not done this alone, without the supervision of someone specially trained.

Manually delete your copy, then follow the instructions here to download and run it:

http://bleepingcomputer.com/combofix/how-to-use-combofix#use

Post the log.txt when you are ready.

So who do I get to watch me run ComboFix?


combofix log

ComboFix 11-11-18.02 - ME 11/18/2011 20:42:55.2.2 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2014.949 [GMT -8:00]

Running from: c:\users\ME\Desktop\malware\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\ME\AppData\Roaming\inst.exe

c:\windows\system32\TPAPSLOG.LOG

c:\windows\system32\TPHDLOG0.LOG

.

---- Previous Run -------

.

c:\windows\system32\TPAPSLOG.LOG

c:\windows\system32\TPHDLOG0.LOG

.

.

((((((((((((((((((((((((( Files Created from 2011-10-19 to 2011-11-19 )))))))))))))))))))))))))))))))

.

.

2011-11-19 04:50 . 2011-11-19 04:50 -------- d-----w- c:\users\ME\AppData\Local\temp

2011-11-19 04:50 . 2011-11-19 04:50 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-11-19 04:30 . 2011-11-19 04:30 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9AEAE890-D6D6-4285-B2AB-17973B07A9B8}\offreg.dll

2011-11-19 04:30 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9AEAE890-D6D6-4285-B2AB-17973B07A9B8}\mpengine.dll

2011-11-17 04:43 . 2011-11-17 04:43 -------- d-----w- c:\programdata\Kaspersky Lab

2011-11-17 04:42 . 2011-11-17 13:57 133208 ----a-w- c:\windows\system32\drivers\26973325.sys

2011-11-15 06:27 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll

2011-11-15 06:27 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe

2011-11-15 06:27 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll

2011-11-15 06:27 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll

2011-11-15 06:26 . 2009-08-07 03:23 171608 ----a-w- c:\windows\system32\wuwebv.dll

2011-11-15 06:26 . 2009-08-07 02:44 33792 ----a-w- c:\windows\system32\wuapp.exe

2011-11-13 02:36 . 2011-11-13 02:36 -------- d-----w- c:\program files\ESET

2011-11-12 20:50 . 2011-11-12 20:50 -------- d-----w- c:\users\ME\AppData\Roaming\Malwarebytes

2011-11-12 20:50 . 2011-11-12 20:50 -------- d-----w- c:\programdata\Malwarebytes

2011-11-12 20:50 . 2011-11-12 20:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-11-12 20:50 . 2011-09-01 01:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-11-15 06:23 . 2011-06-24 04:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-03 13:06 . 2010-08-22 22:32 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-31 03:36 . 2011-06-07 23:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-22 820520]

"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2010-07-28 69560]

"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-08-25 894312]

"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BTVLogEx.DLL" [2010-08-25 214576]

"TpShocks"="TpShocks.exe" [2007-11-22 181536]

"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576]

"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]

"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-11-15 217176]

"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]

"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2008-01-11 144728]

"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2007-07-05 419112]

"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-07-05 124200]

"LenovoOobeOffers"="c:\swtools\LenovoWelcome\LenovoOobeOffers.exe" [2006-12-29 28672]

"gemstrmw"="c:\windows\system32\gemstrmw.exe" [2004-09-15 24576]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2008-01-11 124248]

"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-11-30 2872632]

"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-30 583048]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-15 13556256]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-15 92704]

"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-12-07 1282048]

"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]

"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]

"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-02-27 992816]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-08 421160]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]

.

c:\users\ME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

LenovoWelcome.lnk - c:\swtools\LenovoWelcome\LenovoWelcome.cmd [2007-3-21 972]

_uninst_26973325.lnk - c:\users\ME\AppData\Local\Temp\_uninst_26973325.bat [N/A]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-11-5 113664]

Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2007-3-29 719664]

Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-11-3 50688]

ImageMixer 3 SE Camera Monitor Ver.6.lnk - c:\program files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe [2010-8-22 537968]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 133104]

R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]

R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 133104]

S0 26973325;26973325;c:\windows\system32\DRIVERS\26973325.sys [2011-11-17 133208]

S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-08-25 24304]

S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2007-10-17 19504]

S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-13 13480]

S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-08-25 132456]

S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736]

S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-09-01 366152]

S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-08-25 75112]

S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928]

S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-01-09 569344]

S3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2007-06-08 81280]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-09-01 22216]

S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-08-20 47360]

S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2007-05-22 30336]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 62560315

*NewlyCreated* - 94076420

*Deregistered* - 62560315

*Deregistered* - 94076420

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bthsvcs REG_MULTI_SZ BthServ

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-19 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 22:54]

.

2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 00:15]

.

2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 00:15]

.

2011-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4057668369-3778188557-1293128559-1005Core.job

- c:\users\ME\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-29 01:59]

.

2011-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4057668369-3778188557-1293128559-1005UA.job

- c:\users\ME\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-29 01:59]

.

2011-11-19 c:\windows\Tasks\User_Feed_Synchronization-{7EF5CC87-B7E2-45CF-82EB-C3E2E5868936}.job

- c:\windows\system32\msfeedssync.exe [2009-08-22 20:13]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: MasterCook: Select Image - c:\program files\MasterCook 9\Web\MCIEContext.hta

TCP: DhcpNameServer = 192.168.200.1

FF - ProfilePath - c:\users\ME\AppData\Roaming\Mozilla\Firefox\Profiles\h7tic5hf.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - user.js: yahoo.homepage.dontask - true

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe

HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-11-18 20:50

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2011-11-18 20:53:36

ComboFix-quarantined-files.txt 2011-11-19 04:53

.

Pre-Run: 16,362,446,848 bytes free

Post-Run: 16,461,332,480 bytes free

.

- - End Of File - - A1A24ACE208A350B526E97C47928509F


Delete your copy of TDSSKiller and follow the instructions:

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


00:46:32.0368 7748 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50

00:46:34.0380 7748 ============================================================

00:46:34.0380 7748 Current date / time: 2011/11/20 00:46:34.0380

00:46:34.0380 7748 SystemInfo:

00:46:34.0380 7748

00:46:34.0380 7748 OS Version: 6.0.6002 ServicePack: 2.0

00:46:34.0380 7748 Product type: Workstation

00:46:34.0380 7748 ComputerName: RENEE-PC

00:46:34.0380 7748 UserName: Renee

00:46:34.0380 7748 Windows directory: C:\Windows

00:46:34.0380 7748 System windows directory: C:\Windows

00:46:34.0380 7748 Processor architecture: Intel x86

00:46:34.0380 7748 Number of processors: 2

00:46:34.0380 7748 Page size: 0x1000

00:46:34.0380 7748 Boot type: Normal boot

00:46:34.0380 7748 ============================================================

00:46:35.0254 7748 Initialize success

00:47:59.0697 4092 ============================================================

00:47:59.0697 4092 Scan started

00:47:59.0697 4092 Mode: Manual; SigCheck; TDLFS;

00:47:59.0697 4092 ============================================================

00:48:00.0212 4092 26973325 (186b54479d98e48aee0e9ada4b3c4d31) C:\Windows\system32\DRIVERS\26973325.sys

00:48:00.0368 4092 26973325 - ok

00:48:00.0508 4092 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

00:48:00.0524 4092 ACPI - ok

00:48:00.0680 4092 ADIHdAudAddService (a51ea92451897824c5c7474a160af773) C:\Windows\system32\drivers\ADIHdAud.sys

00:48:00.0789 4092 ADIHdAudAddService - ok

00:48:00.0945 4092 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

00:48:00.0976 4092 adp94xx - ok

00:48:01.0023 4092 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

00:48:01.0038 4092 adpahci - ok

00:48:01.0101 4092 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

00:48:01.0101 4092 adpu160m - ok

00:48:01.0163 4092 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

00:48:01.0179 4092 adpu320 - ok

00:48:01.0304 4092 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

00:48:01.0366 4092 AFD - ok

00:48:01.0506 4092 agp440 (198636e76971ebc96404547ec0fd5e75) C:\Windows\system32\drivers\agp440.sys

00:48:01.0506 4092 agp440 - ok

00:48:01.0553 4092 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

00:48:01.0569 4092 aic78xx - ok

00:48:01.0600 4092 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

00:48:01.0600 4092 aliide - ok

00:48:01.0647 4092 amdagp (2363abc8989a14fd7247ca6f4e89d397) C:\Windows\system32\drivers\amdagp.sys

00:48:01.0662 4092 amdagp - ok

00:48:01.0694 4092 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

00:48:01.0694 4092 amdide - ok

00:48:01.0740 4092 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

00:48:01.0943 4092 AmdK7 - ok

00:48:01.0990 4092 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

00:48:02.0052 4092 AmdK8 - ok

00:48:02.0302 4092 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

00:48:02.0302 4092 arc - ok

00:48:02.0364 4092 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

00:48:02.0364 4092 arcsas - ok

00:48:02.0442 4092 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

00:48:02.0598 4092 AsyncMac - ok

00:48:02.0661 4092 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

00:48:02.0661 4092 atapi - ok

00:48:02.0754 4092 b57nd60x (8e287eb3a52fd30c999482c576f4a61b) C:\Windows\system32\DRIVERS\b57nd60x.sys

00:48:02.0832 4092 b57nd60x - ok

00:48:02.0957 4092 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

00:48:03.0020 4092 Beep - ok

00:48:03.0144 4092 blbdrive - ok

00:48:03.0238 4092 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

00:48:03.0269 4092 bowser - ok

00:48:03.0347 4092 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

00:48:03.0394 4092 BrFiltLo - ok

00:48:03.0441 4092 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

00:48:03.0472 4092 BrFiltUp - ok

00:48:03.0550 4092 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

00:48:03.0612 4092 Brserid - ok

00:48:03.0675 4092 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

00:48:03.0753 4092 BrSerWdm - ok

00:48:03.0800 4092 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

00:48:03.0846 4092 BrUsbMdm - ok

00:48:03.0846 4092 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

00:48:03.0909 4092 BrUsbSer - ok

00:48:03.0987 4092 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys

00:48:04.0002 4092 BthEnum - ok

00:48:04.0049 4092 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

00:48:04.0096 4092 BTHMODEM - ok

00:48:04.0190 4092 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

00:48:04.0236 4092 BthPan - ok

00:48:04.0392 4092 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys

00:48:04.0470 4092 BTHPORT - ok

00:48:04.0564 4092 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys

00:48:04.0595 4092 BTHUSB - ok

00:48:04.0658 4092 btwaudio (636f45a8500c1438cfa7dee15fc5c184) C:\Windows\system32\drivers\btwaudio.sys

00:48:04.0673 4092 btwaudio - ok

00:48:04.0704 4092 btwavdt (bf9256ff01b093a5d90bb7a35ec90410) C:\Windows\system32\drivers\btwavdt.sys

00:48:04.0704 4092 btwavdt - ok

00:48:04.0767 4092 btwrchid (0ab8c1ac177afb27309e1072faf34a37) C:\Windows\system32\DRIVERS\btwrchid.sys

00:48:04.0782 4092 btwrchid - ok

00:48:04.0907 4092 catchme - ok

00:48:05.0094 4092 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

00:48:05.0157 4092 cdfs - ok

00:48:05.0360 4092 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

00:48:05.0406 4092 cdrom - ok

00:48:05.0531 4092 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

00:48:05.0578 4092 circlass - ok

00:48:05.0640 4092 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

00:48:05.0640 4092 CLFS - ok

00:48:05.0687 4092 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

00:48:05.0718 4092 CmBatt - ok

00:48:05.0812 4092 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

00:48:05.0812 4092 cmdide - ok

00:48:05.0843 4092 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

00:48:05.0859 4092 Compbatt - ok

00:48:05.0874 4092 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

00:48:05.0874 4092 crcdisk - ok

00:48:05.0906 4092 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

00:48:05.0968 4092 Crusoe - ok

00:48:06.0124 4092 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

00:48:06.0155 4092 DfsC - ok

00:48:06.0264 4092 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

00:48:06.0264 4092 disk - ok

00:48:06.0358 4092 DLABMFSM (475024f44e0b0ff2e89b0b7450c51e9a) C:\Windows\system32\DLA\DLABMFSM.SYS

00:48:06.0358 4092 DLABMFSM - ok

00:48:06.0374 4092 DLABOIOM (d418a2c037f0367af8ceb955f8162219) C:\Windows\system32\DLA\DLABOIOM.SYS

00:48:06.0389 4092 DLABOIOM - ok

00:48:06.0436 4092 DLACDBHM (5230cdb7e715f3a3b4a882e254cdd35d) C:\Windows\system32\Drivers\DLACDBHM.SYS

00:48:06.0436 4092 DLACDBHM - ok

00:48:06.0498 4092 DLADResM (c696b47b36c278a349b433b206e4b105) C:\Windows\system32\DLA\DLADResM.SYS

00:48:06.0514 4092 DLADResM - ok

00:48:06.0545 4092 DLAIFS_M (97e1cc730f1f931c5232013432584334) C:\Windows\system32\DLA\DLAIFS_M.SYS

00:48:06.0545 4092 DLAIFS_M - ok

00:48:06.0592 4092 DLAOPIOM (d98be003d85c0251a3db5851a29c6ba8) C:\Windows\system32\DLA\DLAOPIOM.SYS

00:48:06.0608 4092 DLAOPIOM - ok

00:48:06.0608 4092 DLAPoolM (3821ad5aa0ac0f05625923cfcc0c0fbb) C:\Windows\system32\DLA\DLAPoolM.SYS

00:48:06.0623 4092 DLAPoolM - ok

00:48:06.0670 4092 DLARTL_M (77fe51f0f8d86804cb81f6ef6bfb86dd) C:\Windows\system32\Drivers\DLARTL_M.SYS

00:48:06.0686 4092 DLARTL_M - ok

00:48:06.0732 4092 DLAUDFAM (0fdd55d09da1657fc28ebc015f5f45d6) C:\Windows\system32\DLA\DLAUDFAM.SYS

00:48:06.0748 4092 DLAUDFAM - ok

00:48:06.0795 4092 DLAUDF_M (147bc35eba264118988f5c5580860336) C:\Windows\system32\DLA\DLAUDF_M.SYS

00:48:06.0795 4092 DLAUDF_M - ok

00:48:06.0920 4092 DozeHDD (e00b3ce273b17aee1259c105df5524ca) C:\Windows\system32\DRIVERS\DozeHDD.sys

00:48:06.0935 4092 DozeHDD - ok

00:48:07.0013 4092 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

00:48:07.0060 4092 drmkaud - ok

00:48:07.0185 4092 DRVMCDB (83106585494d5eb96f59187200c144bd) C:\Windows\system32\Drivers\DRVMCDB.SYS

00:48:07.0200 4092 DRVMCDB - ok

00:48:07.0232 4092 DRVNDDM (ffc371525aa55d1bae18715ebcb8797c) C:\Windows\system32\Drivers\DRVNDDM.SYS

00:48:07.0247 4092 DRVNDDM - ok

00:48:07.0294 4092 DXGKrnl (fb85f7f69e9b109820409243f578cc4d) C:\Windows\System32\drivers\dxgkrnl.sys

00:48:07.0403 4092 DXGKrnl - ok

00:48:07.0528 4092 e1express (e4563be48ef4e8d8ad3edd92bb01ad9a) C:\Windows\system32\DRIVERS\e1e6032.sys

00:48:07.0544 4092 e1express - ok

00:48:07.0590 4092 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

00:48:07.0653 4092 E1G60 - ok

00:48:07.0762 4092 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

00:48:07.0778 4092 Ecache - ok

00:48:07.0824 4092 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

00:48:07.0840 4092 elxstor - ok

00:48:07.0965 4092 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

00:48:07.0996 4092 exfat - ok

00:48:08.0043 4092 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

00:48:08.0074 4092 fastfat - ok

00:48:08.0199 4092 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

00:48:08.0277 4092 fdc - ok

00:48:08.0355 4092 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

00:48:08.0355 4092 FileInfo - ok

00:48:08.0402 4092 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

00:48:08.0448 4092 Filetrace - ok

00:48:08.0495 4092 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

00:48:08.0558 4092 flpydisk - ok

00:48:08.0667 4092 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

00:48:08.0682 4092 FltMgr - ok

00:48:08.0745 4092 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

00:48:08.0776 4092 Fs_Rec - ok

00:48:08.0916 4092 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

00:48:08.0932 4092 gagp30kx - ok

00:48:08.0994 4092 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys

00:48:08.0994 4092 GEARAspiWDM - ok

00:48:09.0119 4092 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

00:48:09.0166 4092 HdAudAddService - ok

00:48:09.0244 4092 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

00:48:09.0306 4092 HDAudBus - ok

00:48:09.0431 4092 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

00:48:09.0478 4092 HidBth - ok

00:48:09.0525 4092 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

00:48:09.0556 4092 HidIr - ok

00:48:09.0650 4092 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\drivers\hidusb.sys

00:48:09.0696 4092 HidUsb - ok

00:48:09.0759 4092 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

00:48:09.0774 4092 HpCISSs - ok

00:48:09.0837 4092 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS

00:48:09.0868 4092 HSFHWAZL - ok

00:48:09.0946 4092 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys

00:48:09.0993 4092 HSF_DPV - ok

00:48:10.0118 4092 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys

00:48:10.0149 4092 HSXHWAZL - ok

00:48:10.0211 4092 HTTP (abbc72793f1c588b1a7db0cac69a4fe8) C:\Windows\system32\drivers\HTTP.sys

00:48:10.0258 4092 HTTP - ok

00:48:10.0289 4092 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

00:48:10.0305 4092 i2omp - ok

00:48:10.0570 4092 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

00:48:10.0617 4092 i8042prt - ok

00:48:10.0726 4092 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys

00:48:10.0898 4092 ialm - ok

00:48:10.0976 4092 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\Windows\system32\DRIVERS\iaStor.sys

00:48:10.0976 4092 iaStor - ok

00:48:11.0054 4092 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

00:48:11.0054 4092 iaStorV - ok

00:48:11.0100 4092 IBMPMDRV (400d7095d5ae08970f839bcac1843106) C:\Windows\system32\DRIVERS\ibmpmdrv.sys

00:48:11.0116 4092 IBMPMDRV - ok

00:48:11.0256 4092 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

00:48:11.0256 4092 iirsp - ok

00:48:11.0334 4092 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

00:48:11.0334 4092 intelide - ok

00:48:11.0397 4092 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

00:48:11.0444 4092 intelppm - ok

00:48:11.0522 4092 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

00:48:11.0600 4092 IpFilterDriver - ok

00:48:11.0693 4092 IpInIp - ok

00:48:11.0740 4092 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

00:48:11.0834 4092 IPMIDRV - ok

00:48:11.0943 4092 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

00:48:11.0974 4092 IPNAT - ok

00:48:12.0052 4092 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

00:48:12.0083 4092 IRENUM - ok

00:48:12.0146 4092 isapnp (ce2997a0c3b0049a3188c4f0c7a04bc9) C:\Windows\system32\drivers\isapnp.sys

00:48:12.0146 4092 isapnp - ok

00:48:12.0224 4092 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

00:48:12.0239 4092 iScsiPrt - ok

00:48:12.0302 4092 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

00:48:12.0302 4092 iteatapi - ok

00:48:12.0348 4092 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

00:48:12.0364 4092 iteraid - ok

00:48:12.0395 4092 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

00:48:12.0395 4092 kbdclass - ok

00:48:12.0489 4092 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys

00:48:12.0536 4092 kbdhid - ok

00:48:12.0598 4092 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

00:48:12.0645 4092 KSecDD - ok

00:48:12.0785 4092 lenovo.smi (3c3f7f424e324c6971632c5de5ff458f) C:\Windows\system32\DRIVERS\smiif32.sys

00:48:12.0785 4092 lenovo.smi - ok

00:48:12.0863 4092 LenovoRd (007c3a7e6a864ab2b8c52df717a7254c) C:\Windows\system32\Drivers\LenovoRd.sys

00:48:12.0894 4092 LenovoRd - ok

00:48:13.0019 4092 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

00:48:25.0811 4092 tvtfilter (49258a02a1e8d304ed88b0f1c56b1738) C:\Windows\system32\DRIVERS\tvtfilter.sys

00:48:25.0827 4092 tvtfilter ( UnsignedFile.Multi.Generic ) - warning

00:48:25.0827 4092 tvtfilter - detected UnsignedFile.Multi.Generic (1)

00:48:30.0476 4092 MBR (0x1B8) (9650019db691dc5964f402625d4c73ff) \Device\Harddisk0\DR0

00:48:30.0663 4092 \Device\Harddisk0\DR0 - ok

00:48:30.0678 4092 Boot (0x1200) (960018d6589370c522a315bf863cbf68) \Device\Harddisk0\DR0\Partition0

00:48:30.0678 4092 \Device\Harddisk0\DR0\Partition0 - ok

00:48:30.0678 4092 ============================================================

00:48:30.0678 4092 Scan finished

00:48:30.0678 4092 ============================================================

00:48:30.0694 6504 Detected object count: 1

00:48:30.0694 6504 Actual detected object count: 1

00:49:14.0920 6504 C:\Windows\system32\DRIVERS\tvtfilter.sys - copied to quarantine

00:49:14.0920 6504 tvtfilter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

00:49:34.0358 0380 Deinitialize success

Link to post
Share on other sites

Navigate to: C:\TDSSKiller_Quarantine\<date of running> and upload the file to www.virustotal.com. Wait until the scan has finished and copy/paste the link here.

Not really sure what "the file" is, as there is more than one, but I uploaded tsk0000.dta

see

http://www.virustotal.com/file-scan/report.html?id=4bb23e4c37bb2a0daf465fe93c0af6e0d3e6ae85605382e08ffe80403cbc2daf-1322021714

Link to post
Share on other sites

  1. Please run a free online scan with the ESET Online Scanner
    Note: You will need to use Internet Explorer for this scan
  2. Tick the box next to YES, I accept the Terms of Use
  3. Click Start
  4. When asked, allow the ActiveX control to install
  5. Click Start
  6. Make sure that the options Remove found threats and Scan unwanted applications are checked
  7. Click Scan (This scan can take several hours, so please be patient)
  8. Once the scan is completed, you may close the window
  9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  10. Copy and paste that log as a reply to this topic

Link to post
Share on other sites

How does it look?

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=68a1438a4c8d5b44a219e3ca9098e86f

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-13 03:48:53

# local_time=2011-11-12 07:48:53 (-0800, Pacific Standard Time)

# country="United States"

# lang=9

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=5892 16776573 100 100 0 157759809 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=137210

# found=1

# cleaned=1

# scan_time=3896

C:\Users\Renee\Music\Feist - The Reminder (2007)\01 Feist - So Sorry.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=68a1438a4c8d5b44a219e3ca9098e86f

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-11-25 05:48:43

# local_time=2011-11-24 09:48:43 (-0800, Pacific Standard Time)

# country="United States"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=5892 16776573 100 100 0 158803580 0 0

# compatibility_mode=8192 67108863 100 0 126206 126206 0 0

# scanned=159827

# found=0

# cleaned=0

# scan_time=4114

Link to post
Share on other sites

everything has been fine, I just wanted to make sure there are no backdoors open.

Your system was severely infected; there is no guarantee whether or not a backdoor remains open. I will send you some suggestions about how to improve your system security, but if you want to be sure, the best way is to format your hard drive.

Link to post
Share on other sites

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow AVP to delete all infections found

Once it has finished, select the report tab (last tab)

Select Detected threats report from the left and press the Save button

Save it to your desktop and post to your next reply.

Link to post
Share on other sites

  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
