
Long Hangs/temp freeze on Loading anything


  • This topic is locked

#1
Teros
  • Member
  • 52 posts
So, I've been through several sites, I got help on this one. They said my system was fine as of hardware and software, I had some doubles installed, got rid of them. I found a Trojan.Agent/Gen finally through SAS Free Ver. Still the hangs continue and are extremely annoying to say the least. I thought it may have been the processes, 30-32 running, lots of Svchosts, but no one has spotted anything screwed up. Did the whole hijack/OTL business several times... I can rerun fresh logs for anything, just say so. Waiting 2 minutes for Firefox to open kind of pisses me off after a while. Any suggestions?
  • 0


#2
Teros
  • Topic Starter
  • Member
  • 52 posts
Sorry, frustrated, will post fresh otl log ASAP, thanks.

Edited by Teros, 08 October 2011 - 05:29 PM.

  • 0

#3
Teros
  • Topic Starter
  • Member
  • 52 posts
Here's the fresh OTL, as instructed.

Attached Files


  • 0

#4
Salagubang
  • Trusted Helper
  • Malware Removal
  • 3,891 posts
Hi teros,

Welcome to Geekstogo. My name is Salagubang and I'll be helping you with this problem.

  • Please read all of my response through at least once before attempting to follow the procedures described. I would recommend printing them out, if you can, as you can check off each step as you complete it. If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • English is not my first language, so please do not use slang or idioms, as this makes it difficult for me to understand.

+++++++++++++++++++++++++++++++++++++++++++

Download Speedfan (The download link is to the right), and install it. Once it's installed, run the program and post here the information it shows.
The information I want you to post is the stuff that is circled in the example picture I have attached.
To make sure we are getting all the correct information it would help us if you were to attach a screenshot like the one below of your Speedfan results.

To take a screenshot, please press the Print Screen key on your keyboard.
  • It is normally the key above your number pad between the F12 key and the Scroll Lock key
  • Now go to Start and then to All Programs
  • Scroll to Accessories and then click on Paint
  • In the Empty White Area click and hold the CTRL key and then click the V
  • Go to the File option at the top and click on Save as
  • Save as file type JPEG and save it to your Desktop
  • Attach it to your next reply

Posted Image

Next

Please download ComboFix from one of these locations:

Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#5
Teros
  • Topic Starter
  • Member
  • 52 posts
Unfortunately, unless they upgraded combofix's compatibility with win xp 64 bit, I can't install it, let alone run it... Speedfan screenshot below.

Attached Thumbnails

  • speedfan.JPG

  • 0

#6
Salagubang
  • Trusted Helper
  • Malware Removal
  • 3,891 posts
Hi Teros,

One of the main causes of computer hangs and sluggish performance is heat. The screenshot shows that your computer is much too hot. My personal limit for these things is 55 deg Celsius for the CPU core and 70 degrees for videocard.

Is the machine a desktop or a laptop?
  • 0

#7
Teros
  • Topic Starter
  • Member
  • 52 posts
Desktop, really? I had everything replaced recently, the only thing that wasn't was the processor and fans, the processor fan is a bit slow to start, but still works, I don't get why it would overheat, I got a cooling system for it a while back to prevent this very thing, I have 5-6 fans in there... The room where it is is pretty hot usually, but I have a fan blowing on this too. Could there be another cause for it to overheat?
  • 0

#8
Salagubang
  • Trusted Helper
  • Malware Removal
  • 3,891 posts
Thanks for the quick response.

I got a cooling system for it awhile back to prevent this very thing, I have 5-6 fans in there

Probably me not reading the chart right. :) I'll note it for now so we can proceed.

Do you know what power rating (wattage) your power supply has? And the brand?
What video card is installed in the machine?
  • 0

#9
Teros
  • Topic Starter
  • Member
  • 52 posts
How could I look that up easily, the video card is ATI Radeon HD 5700 series. Not 100% on the rest, so I don't want to give the wrong answer. I may not be able to respond until Saturday, Monday latest, just a heads up.
  • 0

#10
Salagubang
  • Trusted Helper
  • Malware Removal
  • 3,891 posts

How could I look that up easily


Turn off the computer, then open the side cover. The big square box where you plug the electricity cord is the power supply. You can use a flashlight to shine a light into it (side) and look for specs (numbers) written. Do not touch the insides of the machine.

Basically what I am looking for is the wattage capacity and the brand.

We can skip this part if you are not comfortable opening up the side cover, and you just tell me the brand of the computer instead. :)
  • 0


#11
Teros
  • Topic Starter
  • Member
  • 52 posts
tired as [bleep], I'll let you know as soon as I can.
  • 0

#12
Salagubang
  • Trusted Helper
  • Malware Removal
  • 3,891 posts
No problem.

We proceed when you're ready.

Regards.

:)
  • 0

#13
Teros
  • Topic Starter
  • Member
  • 52 posts
I'm back, this is what I see on the power source, on a white sticker P8001073 below it is G0108F1L6.

Next I see next to a bar code, sticker also, is P/N: 9PA60005000 S/N: S6491002336. I see Active PFC, Ball Bearing Fan, W/noise killer, ATE/OK, Hi-Pot/OK, RoHS, that's all I see. Nothing else but that, that I see.
  • 0

#14
Salagubang
  • Trusted Helper
  • Malware Removal
  • 3,891 posts
Hi Teros,

Next I see next to a bar code, sticker also, is P/N: 9PA60005000 S/N: S6491002336. I see Active PFC, Ball Bearing Fan, W/noise killer, ATE/OK, Hi-Pot/OK, RoHS, that's all I see. Nothing else but that, that I see.


What is the brand and model of this machine?

-------------------------------

To proceed.

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your next reply

Next

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If a Malicious file is detected, the default action will be Cure, click on Continue.
  • If a Suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Next

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named).

First we will run a virus scan.
On the first tab, select all elements down to Computer and then select start scan.
Once it has finished, select report and post that.

Posted Image

Do not close AVPTool or it will self uninstall, if it does uninstall - then just rerun the setup file on your desktop

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done, open the last report saved folder, then attach the zip file to your next post.
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip

Posted Image
  • 0

#15
Teros
  • Topic Starter
  • Member
  • 52 posts
OTL: It did not give me an extras log.

OTL logfile created on: 10/16/2011 6:42:37 PM - Run 3
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\Administrator\Desktop
64bit-Windows Server 2003 Service Pack 2 (Version = 5.2.3790) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.19 Gb Available Physical Memory | 79.79% Memory free
12.26 Gb Paging File | 11.77 Gb Available in Paging File | 96.02% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.17 Gb Total Space | 426.49 Gb Free Space | 71.54% Space Free | Partition Type: NTFS
Drive D: | 697.65 Gb Total Space | 491.83 Gb Free Space | 70.50% Space Free | Partition Type: NTFS

Computer Name: USER-14D1B69C21 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Administrator\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\defs\11101601\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\11101601\aswRep.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ppped) -- C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe (Cyber Power Systems, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (helpsvc) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files (x86)\Windows Media Player\WMPNetwk.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (vde4odkz) -- C:\WINDOWS\SysWOW64\Drivers\vde4odkz.sys ()
DRV - (uze4odkz) -- C:\WINDOWS\SysWOW64\Drivers\uze4odkz.sys ()
DRV - (speedfan) -- C:\WINDOWS\SysWOW64\speedfan.sys (Almico Software)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows ® Server 2003 DDK provider)
DRV - (ASTRA64) -- C:\Program Files (x86)\ASTRA32\astra64.sys (Licensed for Sysinfo Lab)
DRV - (mnmdd) -- C:\WINDOWS\SysWow64\mnmdd.dll (Microsoft Corporation)
DRV - (Aspi32) -- C:\WINDOWS\SysWow64\drivers\aspi32.sys (Adaptec)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:home
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Java\jre6\lib\deploy\jqs\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/09/12 04:07:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/01 01:57:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/02 03:18:21 | 000,000,000 | ---D | M]

[2011/09/24 12:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/10/16 16:14:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wvtvti0j.default\extensions
[2011/09/24 12:59:52 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\wvtvti0j.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/09/24 12:54:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WVTVTI0J.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\WVTVTI0J.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/10/01 01:57:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

Hosts file not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - %SystemRoot%\system32\browseui.dll File not found
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - %SystemRoot%\system32\SHELL32.dll File not found
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - %SystemRoot%\System32\winrnr.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - %SystemRoot%\System32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\mswsock.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9079FF4C-5EF8-40FC-9DC6-5DCE577D106F}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - %SystemRoot%\system32\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll File not found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - %SystemRoot%\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - %SystemRoot%\system32\SHELL32.dll File not found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - File not found
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - File not found
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20:64bit: - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20:64bit: - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - (dimsntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20:64bit: - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20:64bit: - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20:64bit: - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll File not found
O22:64bit: - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - %SystemRoot%\system32\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - %SystemRoot%\system32\browseui.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/03 19:08:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: aux - File not found
Drivers32:64bit: aux4 - File not found
Drivers32:64bit: aux5 - File not found
Drivers32:64bit: midi - File not found
Drivers32:64bit: midi4 - File not found
Drivers32:64bit: midi5 - File not found
Drivers32:64bit: midimapper - File not found
Drivers32:64bit: mixer - File not found
Drivers32:64bit: mixer4 - File not found
Drivers32:64bit: mixer5 - File not found
Drivers32:64bit: msacm.imaadpcm - File not found
Drivers32:64bit: msacm.msadpcm - File not found
Drivers32:64bit: msacm.msg711 - File not found
Drivers32:64bit: msacm.msgsm610 - File not found
Drivers32:64bit: msacm.trspch - File not found
Drivers32:64bit: vidc.iyuv - File not found
Drivers32:64bit: vidc.mrle - File not found
Drivers32:64bit: vidc.msvc - File not found
Drivers32:64bit: vidc.uyvy - File not found
Drivers32:64bit: vidc.yuy2 - File not found
Drivers32:64bit: vidc.yvu9 - File not found
Drivers32:64bit: vidc.yvyu - File not found
Drivers32:64bit: wave - File not found
Drivers32:64bit: wave4 - File not found
Drivers32:64bit: wave5 - File not found
Drivers32:64bit: wavemapper - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\SysWow64\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\SysWow64\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\SysWow64\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\SysWow64\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\SysWow64\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/13 23:56:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2011/10/13 23:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\SpeedFan
[2011/10/13 01:20:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011/10/09 16:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Hijackthis
[2011/10/09 15:58:19 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/10/06 17:44:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2011/10/06 17:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2011/10/01 16:54:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.swt
[2011/10/01 16:54:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2011/10/01 16:52:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\vmntemplate
[2011/09/28 19:11:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2011/09/27 14:16:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\579000
[2011/09/24 12:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2011/09/24 12:54:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2011/10/16 15:34:14 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1058093358-2681104663-2786989613-500.job
[2011/10/16 15:33:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/14 02:26:32 | 000,733,770 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2011/10/14 02:16:10 | 000,000,984 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/14 02:04:36 | 000,058,368 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/14 00:44:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/13 23:56:19 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SpeedFan.lnk
[2011/10/13 23:56:19 | 000,000,045 | ---- | M] () -- C:\WINDOWS\SysWow64\initdebug.nfo
[2011/10/11 23:59:00 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1058093358-2681104663-2786989613-500.job
[2011/10/10 17:52:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2011/10/09 15:58:21 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/10/07 14:36:44 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/10/02 16:37:24 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\MBR.dat
[2011/09/26 13:44:57 | 000,000,512 | -H-- | M] () -- C:\Documents and Settings\Administrator\Desktop\MBR.dat
[2011/09/24 12:54:52 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/24 12:54:52 | 000,000,766 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/09/24 12:49:32 | 000,212,016 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Firefox 6.0.2 (en-US) - 2011-09-24.pcv
[2011/09/23 20:39:19 | 000,065,536 | ---- | M] () -- C:\WINDOWS\TADSUINS.EXE
[2011/09/21 15:22:40 | 000,013,312 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\vde4odkz.sys
[2011/09/21 15:22:36 | 000,011,264 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\uze4odkz.sys
[2011/09/20 22:16:56 | 000,000,008 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\rtkhdaud.dat

========== Files Created - No Company Name ==========

[2011/10/14 02:15:50 | 000,000,984 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/10/13 23:56:19 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SpeedFan.lnk
[2011/10/13 23:56:18 | 000,000,045 | ---- | C] () -- C:\WINDOWS\SysWow64\initdebug.nfo
[2011/09/24 12:54:52 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/09/24 12:54:52 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/09/24 12:54:52 | 000,000,766 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/09/24 12:49:32 | 000,212,016 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Firefox 6.0.2 (en-US) - 2011-09-24.pcv
[2011/09/21 15:22:40 | 000,013,312 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\vde4odkz.sys
[2011/09/21 15:22:36 | 000,011,264 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\uze4odkz.sys
[2011/09/20 22:16:56 | 000,000,008 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\rtkhdaud.dat
[2011/09/17 22:38:53 | 000,000,512 | -H-- | C] () -- C:\Documents and Settings\Administrator\Desktop\MBR.dat
[2011/09/06 15:41:37 | 000,017,408 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WebpageIcons.db
[2011/09/03 02:44:22 | 000,162,304 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunrar36.dll
[2011/09/03 02:44:22 | 000,153,088 | ---- | C] () -- C:\WINDOWS\SysWow64\UNRAR3.dll
[2011/09/03 02:44:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunace26.dll
[2011/09/03 02:44:22 | 000,075,264 | ---- | C] () -- C:\WINDOWS\SysWow64\unacev2.dll
[2011/09/01 02:18:05 | 000,000,036 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\housecall.guid.cache
[2011/08/30 01:14:14 | 000,058,368 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/01 17:45:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WinFrotz.INI
[2011/08/01 17:44:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\TADSUINS.EXE
[2011/02/08 17:50:59 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011/02/08 17:50:55 | 000,020,783 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011/02/08 17:50:53 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS
[2010/12/09 11:54:17 | 000,733,770 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2010/12/08 20:21:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/08 17:47:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/12/08 17:08:34 | 000,000,664 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat
[2010/12/07 20:35:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/07 20:21:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\LCDMedia.INI
[2010/12/06 02:49:21 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/12/03 21:09:37 | 000,010,240 | ---- | C] () -- C:\WINDOWS\SysWow64\vidx16.dll
[2010/12/03 21:07:49 | 000,044,136 | ---- | C] () -- C:\WINDOWS\CPLUTL64.EXE
[2010/12/03 19:11:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/12/02 20:13:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/02/18 05:00:00 | 001,278,464 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll
[2007/02/18 05:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll
[2007/02/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2007/02/18 05:00:00 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll
[2007/02/18 05:00:00 | 000,498,742 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll
[2007/02/18 05:00:00 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll
[2007/02/18 05:00:00 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll
[2007/02/18 05:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2007/02/18 05:00:00 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll
[2007/02/18 05:00:00 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll
[2007/02/18 05:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll
[2007/02/18 05:00:00 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll
[2007/02/18 05:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll
[2007/02/18 05:00:00 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll
[2007/02/18 05:00:00 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll
[2007/02/18 05:00:00 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll
[2007/02/18 05:00:00 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\dvdplay.exe
[2007/02/18 05:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll
[2007/02/18 05:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll
[2007/02/18 05:00:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\SysWow64\append.exe
[2007/02/18 05:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll
[2007/02/18 05:00:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\vwipxspx.exe

========== LOP Check ==========

[2011/10/02 19:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2011/09/08 17:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
[2010/12/16 20:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FreeStone Group
[2010/12/09 17:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2011/08/30 15:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PFStaticIP
[2011/07/29 00:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Rags
[2011/09/08 00:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Simply Super Software
[2011/10/16 18:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2011/10/01 16:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\vmntemplate
[2010/12/21 15:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2010/12/03 23:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/09/12 04:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/12/09 16:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Plantronics
[2011/09/03 01:34:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011/09/07 22:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/09/03 02:39:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2011/09/02 15:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}(2)
[2011/09/02 15:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
[2011/10/14 02:33:57 | 000,032,606 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/12/03 19:08:28 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/09/16 17:12:29 | 000,000,222 | -HS- | M] () -- C:\boot.ini
[2010/12/03 19:08:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/12/03 19:08:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/12/03 19:08:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007/02/18 05:00:00 | 000,047,772 | RHS- | M] () -- C:\NTDETECT.COM
[2007/02/18 05:00:00 | 000,297,072 | RHS- | M] () -- C:\ntldr
[2011/10/16 15:33:01 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >


*****************************TDSS: Nothing found

18:48:41.0828 2108 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24
18:48:43.0469 2108 ============================================================
18:48:43.0469 2108 Current date / time: 2011/10/16 18:48:43.0469
18:48:43.0469 2108 SystemInfo:
18:48:43.0469 2108
18:48:43.0469 2108 OS Version: 5.2.3790 ServicePack: 2.0
18:48:43.0469 2108 Product type: Workstation
18:48:43.0469 2108 ComputerName: USER-14D1B69C21
18:48:43.0469 2108 UserName: Administrator
18:48:43.0469 2108 Windows directory: C:\WINDOWS
18:48:43.0469 2108 System windows directory: C:\WINDOWS
18:48:43.0469 2108 Running under WOW64
18:48:43.0469 2108 Processor architecture: Intel x64
18:48:43.0469 2108 Number of processors: 4
18:48:43.0469 2108 Page size: 0x1000
18:48:43.0469 2108 Boot type: Normal boot
18:48:43.0469 2108 ============================================================
18:48:44.0672 2108 Initialize success
18:48:55.0860 3636 ============================================================
18:48:55.0860 3636 Scan started
18:48:55.0860 3636 Mode: Manual;
18:48:55.0860 3636 ============================================================
18:49:03.0047 3636 16994500 (e656fe10d6d27794afa08136685a69e8) C:\WINDOWS\system32\DRIVERS\16994500.sys
18:49:04.0016 3636 16994500 - ok
18:49:04.0313 3636 7482648drv (fdddb889e2bce3578f42016d5328cb2b) C:\WINDOWS\system32\DRIVERS\7482648drv.sys
18:49:04.0313 3636 7482648drv - ok
18:49:04.0453 3636 Abiosdsk - ok
18:49:04.0750 3636 ACPI (0cc42d1fb637112de6f6196ddaf83dec) C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:49:04.0844 3636 ACPI - ok
18:49:05.0000 3636 ACPIEC (a4d4f508bc6613442b0c32cde443e382) C:\WINDOWS\system32\drivers\ACPIEC.sys
18:49:05.0016 3636 ACPIEC - ok
18:49:05.0141 3636 adpu160m - ok
18:49:05.0281 3636 adpu320 - ok
18:49:05.0500 3636 aec (92500bc3a6e241bbc357f532dd500a75) C:\WINDOWS\system32\drivers\aec.sys
18:49:05.0547 3636 aec - ok
18:49:05.0797 3636 AFD (69be58f000aa275e656611ef2919f3ce) C:\WINDOWS\System32\drivers\afd.sys
18:49:05.0797 3636 AFD - ok
18:49:05.0969 3636 aic78u2 - ok
18:49:06.0156 3636 aic78xx - ok
18:49:06.0297 3636 AliIde - ok
18:49:07.0016 3636 Ambfilt64 (1dfc5d5cd2e655d67c9cb0e4e8b2cb72) C:\WINDOWS\system32\drivers\Ambft64.sys
18:49:07.0610 3636 Ambfilt64 - ok
18:49:07.0750 3636 AmdIde - ok
18:49:07.0938 3636 arc - ok
18:49:08.0078 3636 Aspi32 - ok
18:49:08.0125 3636 ASTRA64 (748b2514db1438fe16a2ddb56bfcf011) C:\Program Files (x86)\ASTRA32\ASTRA64.sys
18:49:08.0125 3636 ASTRA64 - ok
18:49:08.0328 3636 aswFsBlk (5a68b880c16ad5a6aa20b49a47ffff24) C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:49:08.0328 3636 aswFsBlk - ok
18:49:08.0500 3636 aswMonFlt (230613be2d3da8053879be5ed2848f2d) C:\WINDOWS\system32\drivers\aswMonFlt.sys
18:49:08.0500 3636 aswMonFlt - ok
18:49:08.0656 3636 aswRdr (0dc1996ae4178d7d14744ef6b3082313) C:\WINDOWS\system32\drivers\aswRdr.sys
18:49:08.0656 3636 aswRdr - ok
18:49:08.0969 3636 aswSnx (b6ff911c23775cdfdd49612d92637af4) C:\WINDOWS\system32\drivers\aswSnx.sys
18:49:08.0969 3636 aswSnx - ok
18:49:09.0203 3636 aswSP (5a590d8516376aed1829fc07d3bdaa4b) C:\WINDOWS\system32\drivers\aswSP.sys
18:49:09.0203 3636 aswSP - ok
18:49:09.0375 3636 aswTdi (3239c0082fb0c1c4ee323730b85690a5) C:\WINDOWS\system32\drivers\aswTdi.sys
18:49:09.0375 3636 aswTdi - ok
18:49:09.0547 3636 AsyncMac (7380acdd2d8e6621392e56d9a0467fe4) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:49:09.0547 3636 AsyncMac - ok
18:49:09.0735 3636 atapi (7a1814d0d112f50f828e25557a1ed29f) C:\WINDOWS\system32\DRIVERS\atapi.sys
18:49:09.0735 3636 atapi - ok
18:49:09.0860 3636 Atdisk - ok
18:49:12.0328 3636 ati2mtag (7b5d98845abc01b96579d8d712831a40) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
18:49:14.0531 3636 ati2mtag - ok
18:49:14.0735 3636 AtiHdmiService (92712e79daf6e0fecc6b85e23289385a) C:\WINDOWS\system32\drivers\AtiHdmi.sys
18:49:14.0766 3636 AtiHdmiService - ok
18:49:14.0969 3636 Atmarpc (62d65fce5695b53a2ddf92e83111ea06) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:49:15.0000 3636 Atmarpc - ok
18:49:15.0156 3636 audstub (1437089f59dba75fee4ed959077a938e) C:\WINDOWS\system32\DRIVERS\audstub.sys
18:49:15.0156 3636 audstub - ok
18:49:15.0375 3636 Beep (8ba2e5cdfde406dc4646afb894804844) C:\WINDOWS\system32\drivers\Beep.sys
18:49:15.0375 3636 Beep - ok
18:49:15.0531 3636 CdaC15BA (982563cf02cd6d4e5d8e0f4b5cbb9b6a) C:\WINDOWS\system32\DRIVERS\CdaC15BA.sys
18:49:15.0531 3636 CdaC15BA - ok
18:49:15.0688 3636 CdaD10BA (9067d96899d98ca4535a76e8c8b2e3a5) C:\WINDOWS\system32\DRIVERS\CdaD10BA.sys
18:49:15.0688 3636 CdaD10BA - ok
18:49:15.0875 3636 Cdfs (4d99e36322fb51a8d1b2b6d6b69d9889) C:\WINDOWS\system32\drivers\Cdfs.sys
18:49:15.0906 3636 Cdfs - ok
18:49:16.0063 3636 Cdrom (11663fe50e499ffee77979542b285f38) C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:49:16.0094 3636 Cdrom - ok
18:49:16.0235 3636 Changer - ok
18:49:16.0375 3636 CmdIde - ok
18:49:16.0531 3636 Compbatt (35f6977863f97d80d3e30f8ff0c293a4) C:\WINDOWS\system32\DRIVERS\compbatt.sys
18:49:16.0547 3636 Compbatt - ok
18:49:16.0703 3636 crcdisk (423f7a6e3af4c2a73c8c8ad945f72cba) C:\WINDOWS\system32\DRIVERS\crcdisk.sys
18:49:16.0703 3636 crcdisk - ok
18:49:16.0906 3636 Disk (417d7b9c6f36685a417e54690f8bd7b2) C:\WINDOWS\system32\DRIVERS\disk.sys
18:49:16.0922 3636 Disk - ok
18:49:17.0235 3636 dmboot (19d704c92c2e2bd4dc99db18a3523918) C:\WINDOWS\system32\drivers\dmboot.sys
18:49:17.0360 3636 dmboot - ok
18:49:17.0578 3636 dmio (b293ce1c9243219f6b9e5dbcaa75b962) C:\WINDOWS\system32\drivers\dmio.sys
18:49:17.0641 3636 dmio - ok
18:49:17.0781 3636 dmload (c294e31d6cb7407a43c96ec1fec1f8a4) C:\WINDOWS\system32\drivers\dmload.sys
18:49:17.0781 3636 dmload - ok
18:49:17.0922 3636 dpti2o - ok
18:49:18.0141 3636 Fastfat (7c713b9f6f968f135d3d819492882cdd) C:\WINDOWS\system32\drivers\Fastfat.sys
18:49:18.0203 3636 Fastfat - ok
18:49:18.0375 3636 Fdc (7e35d423ff10ab5b8af1d3de86236690) C:\WINDOWS\system32\DRIVERS\fdc.sys
18:49:18.0391 3636 Fdc - ok
18:49:18.0547 3636 Fips (73ea9000f8fb2e060954eb7c3377a3c7) C:\WINDOWS\system32\drivers\Fips.sys
18:49:18.0547 3636 Fips - ok
18:49:18.0703 3636 Flpydisk (8ac77974378eac3548330951a5deeebf) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:49:18.0719 3636 Flpydisk - ok
18:49:18.0969 3636 FltMgr (087db260f98056ac40261acae4240882) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
18:49:19.0016 3636 FltMgr - ok
18:49:19.0172 3636 Fs_Rec (70df80567a55a97894b4e8952ec5e7fc) C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:49:19.0172 3636 Fs_Rec - ok
18:49:19.0422 3636 Ftdisk (e90aa7c073519dd8571670818cb85ccb) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:49:19.0485 3636 Ftdisk - ok
18:49:19.0547 3636 gdrv (5ea3b256225d79a4b07a2cac6276b23d) C:\WINDOWS\gdrv.sys
18:49:19.0547 3636 gdrv - ok
18:49:19.0719 3636 Gpc (865d4d0b4e3730ef8040000cfb846d9f) C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:49:19.0735 3636 Gpc - ok
18:49:19.0953 3636 HDAudBus (d36e47728cdbc8d17a77d36a6cbc29bb) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:49:20.0031 3636 HDAudBus - ok
18:49:20.0188 3636 HidBatt (ddd74d94d018bcb66ca31e4533925695) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
18:49:20.0203 3636 HidBatt - ok
18:49:20.0422 3636 hidusb (f32bec5614a61bbb2bede070d279f88b) C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:49:20.0438 3636 hidusb - ok
18:49:20.0750 3636 HTTP (b54738df11d0e06072bf9c332db1d254) C:\WINDOWS\system32\Drivers\HTTP.sys
18:49:20.0891 3636 HTTP - ok
18:49:21.0219 3636 i2omgmt - ok
18:49:21.0438 3636 i8042prt (50fd608643d9b56c4c75c0784513f77e) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:49:21.0485 3636 i8042prt - ok
18:49:21.0844 3636 iirsp - ok
18:49:24.0875 3636 imapi (d2e541613b72ff9fcedf37b166930706) C:\WINDOWS\system32\DRIVERS\imapi.sys
18:49:24.0891 3636 imapi - ok
18:49:26.0938 3636 IntcAzAudAddService (a8ef688c0ca71cf4d10bd3f8aef0b75a) C:\WINDOWS\system32\drivers\RTKHDA64.SYS
18:49:26.0969 3636 IntcAzAudAddService - ok
18:49:27.0110 3636 IntelIde - ok
18:49:27.0281 3636 intelppm (f8def5f83def3d1ee89bc851bfb6a886) C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:49:27.0297 3636 intelppm - ok
18:49:27.0547 3636 Ip6Fw (6601a43ee389d0adb11aaede9a98036b) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
18:49:27.0563 3636 Ip6Fw - ok
18:49:27.0719 3636 IpFilterDriver (1b1b4654a5492a42d2e1bf5b2b22d32b) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:49:27.0735 3636 IpFilterDriver - ok
18:49:27.0875 3636 IpInIp - ok
18:49:28.0078 3636 IpNat (088ecb04137df1f52ec10c29d57a8cca) C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:49:28.0141 3636 IpNat - ok
18:49:28.0313 3636 IPSec (db841ec6f027c780002ef47aabfddf86) C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:49:28.0360 3636 IPSec - ok
18:49:28.0563 3636 IRENUM (8b7015ea0171242cca03c2fb48ccc771) C:\WINDOWS\system32\DRIVERS\irenum.sys
18:49:28.0563 3636 IRENUM - ok
18:49:28.0719 3636 isapnp (d994162e4d8e931fc16a892a87852bbb) C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:49:28.0735 3636 isapnp - ok
18:49:29.0000 3636 Kbdclass (e85095372008a9194c7ed6206cb782da) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:49:29.0000 3636 Kbdclass - ok
18:49:29.0156 3636 kbdhid (f96d8cec38efd64aaf41976d214fc54e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:49:29.0172 3636 kbdhid - ok
18:49:29.0375 3636 kmixer (1b280b3b4c10cc2e3ec3aec17eb6b658) C:\WINDOWS\system32\drivers\kmixer.sys
18:49:29.0438 3636 kmixer - ok
18:49:29.0641 3636 KSecDD (4d9faef159d1e704d3d8986b6831838b) C:\WINDOWS\system32\drivers\KSecDD.sys
18:49:29.0688 3636 KSecDD - ok
18:49:29.0844 3636 ksthunk (5cb302b6caace41af70c34b56eb3db23) C:\WINDOWS\system32\drivers\ksthunk.sys
18:49:29.0860 3636 ksthunk - ok
18:49:34.0641 3636 LADF_CaptureOnly (ce4347e2d90db2e5517b6f2bc720a862) C:\WINDOWS\system32\DRIVERS\ladfGSCamd64.sys
18:49:34.0656 3636 LADF_CaptureOnly - ok
18:49:34.0922 3636 LADF_DHP2 (86dcbf8a41c78561a1da07ab5e7b1ccc) C:\WINDOWS\system32\DRIVERS\ladfDHP2amd64.sys
18:49:34.0938 3636 LADF_DHP2 - ok
18:49:35.0172 3636 LADF_RenderOnly (85a9d21d3ae2ea963e111cb150895877) C:\WINDOWS\system32\DRIVERS\ladfGSRamd64.sys
18:49:35.0172 3636 LADF_RenderOnly - ok
18:49:35.0485 3636 LADF_SBVM (175c04c7813ce64616b5cb046e5e1383) C:\WINDOWS\system32\DRIVERS\ladfSBVMamd64.sys
18:49:35.0656 3636 LADF_SBVM - ok
18:49:35.0813 3636 LBeepKE (97db2f5e439b7dd56c168553d7829547) C:\WINDOWS\system32\Drivers\LBeepKE.sys
18:49:35.0813 3636 LBeepKE - ok
18:49:35.0985 3636 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\WINDOWS\system32\drivers\LGVirHid.sys
18:49:35.0985 3636 LGVirHid - ok
18:49:36.0141 3636 LHidFilt (24e09882ba51b9830ae029888a3aaf18) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
18:49:36.0156 3636 LHidFilt - ok
18:49:39.0406 3636 LMouFilt (2f94325d8c10e2b715f3d753c2422aac) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
18:49:40.0625 3636 LMouFilt - ok
18:49:42.0203 3636 mnmdd (ad6bc1efa0c1b53409947f06de87fc89) C:\WINDOWS\system32\drivers\mnmdd.sys
18:49:42.0328 3636 mnmdd - ok
18:49:43.0719 3636 Modem (9a67a96a0cbc2bc658abf8c9b5ee065a) C:\WINDOWS\system32\drivers\Modem.sys
18:49:43.0844 3636 Modem - ok
18:49:47.0016 3636 Monfilt64 (caa4bd0fbf4bbc0c259146e1ffd00c24) C:\WINDOWS\system32\drivers\Monft64.sys
18:49:53.0281 3636 Monfilt64 - ok
18:49:54.0500 3636 Mouclass (12acf32edf03e46805347817acb9f64c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:49:54.0516 3636 Mouclass - ok
18:49:55.0625 3636 mouhid (a0c4e4a79c5d6f418315c33177f2b5bc) C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:49:55.0719 3636 mouhid - ok
18:49:56.0641 3636 MountMgr (7e9cc7e4282a8e7a480560a6f817c177) C:\WINDOWS\system32\drivers\MountMgr.sys
18:49:56.0860 3636 MountMgr - ok
18:49:57.0563 3636 mraid35x - ok
18:49:58.0313 3636 MRxDAV (3d33208e5a7414d8633d34d24f119173) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:49:58.0375 3636 MRxDAV - ok
18:49:58.0531 3636 Msfs (983f4ab7a50d56cd33e2061ee733bd55) C:\WINDOWS\system32\drivers\Msfs.sys
18:49:58.0547 3636 Msfs - ok
18:49:58.0703 3636 MSKSSRV (308ec6fbef38871cb2c4cace9c8f4808) C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:49:58.0719 3636 MSKSSRV - ok
18:49:59.0266 3636 MSPCLOCK (8d3226738479719aab3b6d2617d7a55c) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:49:59.0391 3636 MSPCLOCK - ok
18:50:00.0406 3636 MSPQM (058d63e8d000ae678d4549bfa8eb0deb) C:\WINDOWS\system32\drivers\MSPQM.sys
18:50:00.0516 3636 MSPQM - ok
18:50:01.0656 3636 mssmbios (5992d1f9ed64017a76afee2b79f5cfb9) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:50:01.0766 3636 mssmbios - ok
18:50:03.0141 3636 MTsensor (cac3bb575e4a0417bff28d3196e44d3a) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
18:50:03.0141 3636 MTsensor - ok
18:50:04.0531 3636 Mup (5902c8e565fe346076786f43103ef02e) C:\WINDOWS\system32\drivers\Mup.sys
18:50:05.0203 3636 Mup - ok
18:50:09.0688 3636 NDIS (6fe83d05aebef7930d7ce91568dc99df) C:\WINDOWS\system32\drivers\NDIS.sys
18:50:10.0360 3636 NDIS - ok
18:50:11.0531 3636 NdisTapi (389cfab53aa9807ea4536cb0b03609c3) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:50:11.0531 3636 NdisTapi - ok
18:50:12.0578 3636 Ndisuio (49c1207c1ae8c6958f1c1747132814c2) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:50:12.0688 3636 Ndisuio - ok
18:50:13.0953 3636 NdisWan (6157a7aeae6d2b948ff2e872ffac765b) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:50:14.0313 3636 NdisWan - ok
18:50:15.0344 3636 NDProxy (01b8acf7c9afa9005db6378077137bce) C:\WINDOWS\system32\drivers\NDProxy.sys
18:50:15.0938 3636 NDProxy - ok
18:50:19.0313 3636 NetBT (fedaafb6cd700b9e0787c94d81c07db5) C:\WINDOWS\system32\DRIVERS\netbt.sys
18:50:20.0422 3636 NetBT - ok
18:50:23.0094 3636 Npfs (81819038621a2c524781ec503d400287) C:\WINDOWS\system32\drivers\Npfs.sys
18:50:23.0688 3636 Npfs - ok
18:50:27.0656 3636 Ntfs (c8904b5f90ab2236692e83d491c4d426) C:\WINDOWS\system32\drivers\Ntfs.sys
18:50:28.0906 3636 Ntfs - ok
18:50:33.0156 3636 Null (501039187c444fa7ab9d97b6a6c667b3) C:\WINDOWS\system32\drivers\Null.sys
18:50:33.0156 3636 Null - ok
18:50:35.0969 3636 Parport (7ddaa09186da9f1d304e819b5a6bbc5a) C:\WINDOWS\system32\DRIVERS\parport.sys
18:50:36.0094 3636 Parport - ok
18:50:36.0953 3636 PartMgr (5f9a703240468a0c35a629d17ffca847) C:\WINDOWS\system32\drivers\PartMgr.sys
18:50:37.0094 3636 PartMgr - ok
18:50:38.0391 3636 PCI (5b2c8d6971d8df4937c2fa013cd4c00d) C:\WINDOWS\system32\DRIVERS\pci.sys
18:50:38.0641 3636 PCI - ok
18:50:39.0656 3636 PCIIde (f1978c7849a0047306db3b8bb94f0764) C:\WINDOWS\system32\DRIVERS\pciide.sys
18:50:39.0672 3636 PCIIde - ok
18:50:40.0922 3636 Pcmcia (037f3a19f49a4c6a320c4154ebd6ee9d) C:\WINDOWS\system32\drivers\Pcmcia.sys
18:50:41.0297 3636 Pcmcia - ok
18:50:41.0860 3636 PDCOMP - ok
18:50:42.0110 3636 PDFRAME - ok
18:50:42.0297 3636 PDRELI - ok
18:50:42.0485 3636 PDRFRAME - ok
18:50:42.0688 3636 PptpMiniport (e176f640ee6bf550f61faa9ce9a683f4) C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:50:42.0719 3636 PptpMiniport - ok
18:50:42.0891 3636 PSched (01aae06e543c0956ac247546a8f2dafe) C:\WINDOWS\system32\DRIVERS\psched.sys
18:50:42.0922 3636 PSched - ok
18:50:43.0078 3636 Ptilink (35e39a969d227c2a56c1dc98361d8e35) C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:50:43.0078 3636 Ptilink - ok
18:50:43.0266 3636 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
18:50:43.0281 3636 PxHlpa64 - ok
18:50:43.0438 3636 RasAcd (d646a315e6386dac1d96c8ce8a4bfee7) C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:50:43.0453 3636 RasAcd - ok
18:50:43.0641 3636 Rasl2tp (d81fdc53ee9c0f68d709e504342d1d74) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:50:43.0688 3636 Rasl2tp - ok
18:50:43.0860 3636 RasPppoe (31fa5ab662c58cc5cf92396224f6b29a) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:50:43.0875 3636 RasPppoe - ok
18:50:44.0031 3636 Raspti (701493f9a6ede759af8d3fa7c08bab3b) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:50:44.0031 3636 Raspti - ok
18:50:44.0188 3636 RDPCDD (c013379d04060318c3b2e4967d82739a) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:50:44.0188 3636 RDPCDD - ok
18:50:44.0438 3636 rdpdr (0482a9be0be2098a12a61464306bf24b) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:50:44.0531 3636 rdpdr - ok
18:50:44.0750 3636 RDPWD (a7b23272893f8c98c74b3a2fa54a9491) C:\WINDOWS\system32\drivers\RDPWD.sys
18:50:44.0813 3636 RDPWD - ok
18:50:44.0985 3636 redbook (1d793394201000d2d56e848c18fe9a62) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:50:45.0016 3636 redbook - ok
18:50:45.0266 3636 RTLE8023x64 (2fd03fee1e85d3e9cce7d24cd3cc750a) C:\WINDOWS\system32\DRIVERS\Rtenic64.sys
18:50:45.0266 3636 RTLE8023x64 - ok
18:50:45.0328 3636 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:50:45.0328 3636 SASDIFSV - ok
18:50:45.0344 3636 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:50:45.0344 3636 SASKUTIL - ok
18:50:45.0516 3636 Secdrv (3ea8a16169c26afbeb544e0e48421186) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:50:45.0516 3636 Secdrv - ok
18:50:45.0688 3636 serenum (111b29f3fcf9fb61c903a01e3706f7dc) C:\WINDOWS\system32\DRIVERS\serenum.sys
18:50:45.0688 3636 serenum - ok
18:50:45.0875 3636 Serial (c0dc97399576fccff5fe877ec2d8dacc) C:\WINDOWS\system32\DRIVERS\serial.sys
18:50:45.0906 3636 Serial - ok
18:50:46.0172 3636 Sfloppy (c6eacc8920a31b8d5842d1f7a28e2113) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:50:46.0172 3636 Sfloppy - ok
18:50:46.0313 3636 Simbad - ok
18:50:46.0469 3636 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\WINDOWS\SysWOW64\speedfan.sys
18:50:46.0469 3636 speedfan - ok
18:50:46.0641 3636 splitter (17ec29105989101db536c49e1279a0eb) C:\WINDOWS\system32\drivers\splitter.sys
18:50:46.0641 3636 splitter - ok
18:50:46.0828 3636 sr (dae1d5553d42a06034001d6ef4f5cb36) C:\WINDOWS\system32\DRIVERS\sr.sys
18:50:46.0860 3636 sr - ok
18:50:47.0266 3636 Srv (2a08328562d0ba596b699eeb90b511d1) C:\WINDOWS\system32\DRIVERS\srv.sys
18:50:47.0453 3636 Srv - ok
18:50:47.0610 3636 swenum (b6536185feeb8f0c86ad3bf2fbab4f2f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:50:47.0610 3636 swenum - ok
18:50:47.0781 3636 swmidi (8e9e35b36a27ad154a5f92397cde343c) C:\WINDOWS\system32\drivers\swmidi.sys
18:50:47.0813 3636 swmidi - ok
18:50:47.0985 3636 symc8xx - ok
18:50:48.0125 3636 symmpi - ok
18:50:48.0281 3636 sym_hi - ok
18:50:48.0422 3636 sym_u3 - ok
18:50:48.0610 3636 sysaudio (2e843f129daf4c789df7acd40e26208f) C:\WINDOWS\system32\drivers\sysaudio.sys
18:50:48.0656 3636 sysaudio - ok
18:50:51.0360 3636 Tcpip (34d970b38e9e835009e1ad07c5422b58) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:50:56.0422 3636 Tcpip - ok
18:50:59.0156 3636 TDPIPE (da1e9cd22238fa4db565ef41c7312e1b) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:50:59.0172 3636 TDPIPE - ok
18:50:59.0344 3636 TDTCP (47d24ebb1c442dcc18d89b8b89bafb49) C:\WINDOWS\system32\drivers\TDTCP.sys
18:50:59.0344 3636 TDTCP - ok
18:50:59.0578 3636 TermDD (8ab9ad44907d4c57ad10e175c8720ecf) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:50:59.0578 3636 TermDD - ok
18:50:59.0719 3636 TosIde - ok
18:50:59.0922 3636 Udfs (a6dd2dfcc44ec61d18aa645620cd8f63) C:\WINDOWS\system32\drivers\Udfs.sys
18:50:59.0953 3636 Udfs - ok
18:51:00.0094 3636 ultra - ok
18:51:00.0281 3636 Update (1446762923434d2a9c315325cf4770c8) C:\WINDOWS\system32\DRIVERS\update.sys
18:51:00.0313 3636 Update - ok
18:51:00.0500 3636 usbaudio (88354ba123549c6b0016592866063837) C:\WINDOWS\system32\drivers\usbaudio.sys
18:51:00.0531 3636 usbaudio - ok
18:51:00.0703 3636 usbccgp (3421b0691a0e365a020836369a296f0c) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:51:00.0719 3636 usbccgp - ok
18:51:00.0891 3636 usbehci (ae6521a1c79fc955ff26be9ca5521b51) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:51:00.0906 3636 usbehci - ok
18:51:01.0078 3636 usbhub (d63cb1b59d54f9c2bb8a4107584a664f) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:51:01.0094 3636 usbhub - ok
18:51:01.0250 3636 usbstor (edce8a162e8023fd1751e08e23e41948) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:51:01.0250 3636 usbstor - ok
18:51:01.0406 3636 usbuhci (4b7b4a2cc997c482a0aa7ca663af62a0) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:51:01.0422 3636 usbuhci - ok
18:51:01.0563 3636 uze4odkz - ok
18:51:01.0703 3636 vde4odkz - ok
18:51:01.0875 3636 vga (b40cfd2ffdd838b0ce0c35ee449407bd) C:\WINDOWS\system32\DRIVERS\vgapnp.sys
18:51:01.0891 3636 vga - ok
18:51:02.0047 3636 VgaSave (78ebfe6f11f10db8237b910e9158ca91) C:\WINDOWS\System32\drivers\vga.sys
18:51:02.0110 3636 VgaSave - ok
18:51:02.0250 3636 ViaIde - ok
18:51:02.0500 3636 VolSnap (fd6d28d1bbf31c719d9c5ec2d20fb5c2) C:\WINDOWS\system32\DRIVERS\volsnap.sys
18:51:02.0578 3636 VolSnap - ok
18:51:02.0766 3636 Wanarp (d2a01d73fe4a455c1d741b48c56763b2) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:51:02.0781 3636 Wanarp - ok
18:51:03.0188 3636 Wdf01000 (96828942a117562d573dae9844188701) C:\WINDOWS\system32\Drivers\wdf01000.sys
18:51:03.0406 3636 Wdf01000 - ok
18:51:03.0547 3636 WDICA - ok
18:51:03.0750 3636 wdmaud (daff7e89c84079022b9606f83e1bd29a) C:\WINDOWS\system32\drivers\wdmaud.sys
18:51:03.0797 3636 wdmaud - ok
18:51:04.0000 3636 WudfPf (3f98a4e57933963cf2a941bb48f9d47a) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:51:04.0031 3636 WudfPf - ok
18:51:04.0219 3636 WudfRd (881c0c35cdd09077b0e95ec2269cb44c) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:51:04.0250 3636 WudfRd - ok
18:51:04.0266 3636 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
18:51:04.0516 3636 \Device\Harddisk0\DR0 - ok
18:51:04.0531 3636 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
18:51:04.0531 3636 \Device\Harddisk1\DR1 - ok
18:51:04.0531 3636 Boot (0x1200) (af6dccc902580fcba1fb8ad676e589f3) \Device\Harddisk0\DR0\Partition0
18:51:04.0531 3636 \Device\Harddisk0\DR0\Partition0 - ok
18:51:04.0531 3636 Boot (0x1200) (a1cd53f9ffa5321073824c874ecb3d90) \Device\Harddisk1\DR1\Partition0
18:51:04.0531 3636 \Device\Harddisk1\DR1\Partition0 - ok
18:51:04.0531 3636 ============================================================
18:51:04.0531 3636 Scan finished
18:51:04.0531 3636 ============================================================
18:51:04.0547 1964 Detected object count: 0
18:51:04.0547 1964 Actual detected object count: 0


AVP: Still scanning.... 4 hours left... maybe more.