
Problems with my computer....can anyone tell me what my OTL log means?



#16
mojoanna1

Hey Maliprog,
Just got home from work. I will answer your questions first, then I will follow the steps you directed me to do and then I will post results when complete.
Thanks again and hope you are having a great evening.


Mojoanna1
#17
mojoanna1

Maliprog,



Do you use router to access internet? Yes, I have a wireless router.

Do you have any other PCs connected to that router and do they get redirected? No, just my laptop.

Do you get redirected in all browsers you use or does this redirection only affect one browser? Yes, from both Firefox and Internet Explorer.

#18
mojoanna1

Hey Maliprog, here's the log from TDSSKiller:


21:07:58.0351 5300 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27
21:07:58.0633 5300 ============================================================
21:07:58.0633 5300 Current date / time: 2011/10/19 21:07:58.0633
21:07:58.0633 5300 SystemInfo:
21:07:58.0633 5300
21:07:58.0633 5300 OS Version: 6.0.6002 ServicePack: 2.0
21:07:58.0633 5300 Product type: Workstation
21:07:58.0633 5300 ComputerName: CYA
21:07:58.0633 5300 UserName: CYA
21:07:58.0633 5300 Windows directory: C:\Windows
21:07:58.0634 5300 System windows directory: C:\Windows
21:07:58.0634 5300 Processor architecture: Intel x86
21:07:58.0634 5300 Number of processors: 2
21:07:58.0634 5300 Page size: 0x1000
21:07:58.0634 5300 Boot type: Normal boot
21:07:58.0634 5300 ============================================================
21:07:59.0892 5300 Initialize success
21:08:48.0054 4444 ============================================================
21:08:48.0054 4444 Scan started
21:08:48.0054 4444 Mode: Manual;
21:08:48.0054 4444 ============================================================
21:09:05.0473 4444 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
21:09:05.0475 4444 viaagp - ok
21:09:05.0498 4444 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
21:09:05.0501 4444 ViaC7 - ok
21:09:05.0527 4444 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
21:09:05.0529 4444 viaide - ok
21:09:05.0574 4444 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
21:09:05.0576 4444 volmgr - ok
21:09:05.0637 4444 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
21:09:05.0640 4444 volmgrx - ok
21:09:05.0692 4444 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
21:09:05.0694 4444 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
21:09:05.0695 4444 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
21:09:05.0696 4444 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
21:09:06.0574 4444 ============================================================
21:09:06.0574 4444 Scan finished
21:09:06.0574 4444 ============================================================
21:09:06.0597 5448 Detected object count: 1
21:09:06.0597 5448 Actual detected object count: 1
21:09:45.0065 5448 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user
21:09:45.0066 5448 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip
  • 0

#19
mojoanna1

    Member

  • Topic Starter
  • Member
  • 30 posts
Hey Maliprog, It's me again. Ok, here is the log from aswMBR.exe



aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-19 21:25:32
-----------------------------
21:25:32.356 OS Version: Windows 6.0.6002 Service Pack 2
21:25:32.357 Number of processors: 2 586 0x6802
21:25:32.358 ComputerName: CYA UserName: CYA
21:25:33.869 Initialize success
21:25:57.778 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
21:25:57.786 Disk 0 Vendor: SAMSUNG_HM250JI HS100-10 Size: 238475MB BusType: 3
21:25:59.824 Disk 0 MBR read successfully
21:25:59.833 Disk 0 MBR scan
21:25:59.843 Disk 0 unknown MBR code
21:25:59.857 Disk 0 scanning sectors +488392065
21:25:59.930 Disk 0 scanning C:\Windows\system32\drivers
21:26:07.769 Service scanning
21:26:09.260 Service volsnap C:\Windows\system32\drivers\volsnap.sys **LOCKED** 32
21:26:09.797 Modules scanning
21:26:16.545 Disk 0 trace - called modules:
21:26:16.571 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8597d4d8]<<
21:26:16.576 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86031160]
21:26:16.581 Scan finished successfully
21:27:12.747 Disk 0 MBR has been saved successfully to "C:\Users\CYA\Desktop\MBR.dat"
21:27:12.754 The log file has been saved successfully to "C:\Users\CYA\Desktop\aswMBR.txt"
21:29:08.556 Disk 0 MBR has been saved successfully to "C:\Users\CYA\Desktop\MBR.dat"
21:29:08.565 The log file has been saved successfully to "C:\Users\CYA\Desktop\aswMBR.txt"
21:30:12.637 Disk 0 MBR has been saved successfully to "C:\Users\CYA\Documents\MBR.dat"
21:30:12.646 The log file has been saved successfully to "C:\Users\CYA\Documents\aswMBR.txt"


Now I will run OTL and post results. Thanks

Mojoanna1
  • 0

#20
mojoanna1

    Member

  • Topic Starter
  • Member
  • 30 posts
Ok Maliprog, this is the OTL log you requested. Let me know the next step. By the way, I did not clear out or click fix on the malware files found in the previous 2 scans as you didn't tell me to do that. I just copied and pasted the logs. Thanks


Mojoanna1


========== OTL ==========
========== FILES ==========
< ipconfig /all /c >
Windows IP Configuration
Host Name . . . . . . . . . . . . : CYA
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
Physical Address. . . . . . . . . : 00-22-69-1E-48-90
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, October 19, 2011 9:33:21 AM
Lease Expires . . . . . . . . . . : Wednesday, October 19, 2011 10:33:46 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 68.105.28.12
68.105.29.12
68.105.28.11
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-1E-68-BC-CE-E5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-21-86-72-C3-A5
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 6:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{694E539A-832A-44A4-A48D-1F1B3CB2B699}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 16:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{B189A06B-19D7-43EF-89D5-B80E0C722A9E}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 17:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{4ED7A297-D7E6-4BE8-8C2B-9CE7B351A828}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 18:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
c:\users\cya\downloads\cmd.bat deleted successfully.
c:\users\cya\downloads\cmd.txt deleted successfully.
< nslookup google.com /c >
Server: cdns2.cox.net
Address: 68.105.28.12
Name: google.com
Addresses: 74.125.73.105
74.125.73.106
74.125.73.147
74.125.73.99
74.125.73.103
74.125.73.104
c:\users\cya\downloads\cmd.bat deleted successfully.
c:\users\cya\downloads\cmd.txt deleted successfully.
< nslookup yahoo.com /c >
Server: cdns2.cox.net
Address: 68.105.28.12
Name: yahoo.com
Addresses: 209.191.122.70
67.195.160.76
72.30.2.43
98.137.149.56
98.139.180.149
c:\users\cya\downloads\cmd.bat deleted successfully.
c:\users\cya\downloads\cmd.txt deleted successfully.
< ping -n 2 google.com /c >
Pinging google.com [74.125.73.105] with 32 bytes of data:
Reply from 74.125.73.105: bytes=32 time=61ms TTL=48
Reply from 74.125.73.105: bytes=32 time=62ms TTL=48
Ping statistics for 74.125.73.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 61ms, Maximum = 62ms, Average = 61ms
c:\users\cya\downloads\cmd.bat deleted successfully.
c:\users\cya\downloads\cmd.txt deleted successfully.
< ping -n 2 yahoo.com /c >
Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
Reply from 98.139.180.149: bytes=32 time=52ms TTL=50
Reply from 98.139.180.149: bytes=32 time=33ms TTL=50
Ping statistics for 98.139.180.149:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 33ms, Maximum = 52ms, Average = 42ms
c:\users\cya\downloads\cmd.bat deleted successfully.
c:\users\cya\downloads\cmd.txt deleted successfully.
< route print /c >
===========================================================================
Interface List
13 ...00 22 69 1e 48 90 ...... Atheros AR5007 802.11b/g WiFi Adapter
12 ...00 1e 68 bc ce e5 ...... NVIDIA nForce 10/100 Mbps Ethernet
11 ...00 21 86 72 c3 a5 ...... Bluetooth Device (Personal Area Network)
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 isatap.{694E539A-832A-44A4-A48D-1F1B3CB2B699}
22 ...00 00 00 00 00 00 00 e0 isatap.{B189A06B-19D7-43EF-89D5-B80E0C722A9E}
21 ...00 00 00 00 00 00 00 e0 isatap.{4ED7A297-D7E6-4BE8-8C2B-9CE7B351A828}
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.12 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.12 281
192.168.0.12 255.255.255.255 On-link 192.168.0.12 281
192.168.0.255 255.255.255.255 On-link 192.168.0.12 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.12 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.12 281
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
c:\users\cya\downloads\cmd.bat deleted successfully.
c:\users\cya\downloads\cmd.txt deleted successfully.

OTL by OldTimer - Version 3.2.31.0 log created on 10192011_213633
  • 0

#21
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi mojoanna1,

TDSSKiller found the reason for the redirection. You are infected with Rootkit.Win32.TDSS.tdl3. On the last scan you didn't select Cure for "action". You selected Skip and the infection is still there.

Please run TDSSKiller one more time and this time choose Cure as I posted in the TDSSKiller step. Post the log after the scan.

After you Cure your system with TDSSKiller, restart your system and test whether you still have redirection, and let me know.
  • 0
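
The check made in the reply above (a detection followed by a Skip action means the infection is still present) can be done mechanically over a TDSSKiller log. This is an added example, not part of the thread and not TDSSKiller's own code: a Python parser for the line shapes seen in the posted log, where the `exampledrv` lines are constructed and the names `parse_log`, `unresolved`, `Finding` and `Report` are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# The volsnap and summary lines are copied from the log posted in this thread;
# the "exampledrv" pair is constructed to stand in for a clean driver.
SAMPLE_LOG = r"""
21:09:05.0637 4444 exampledrv (00000000000000000000000000000000) C:\Windows\system32\drivers\exampledrv.sys
21:09:05.0640 4444 exampledrv - ok
21:09:05.0692 4444 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
21:09:05.0694 4444 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
21:09:05.0695 4444 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
21:09:05.0696 4444 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
21:09:06.0597 5448 Detected object count: 1
21:09:45.0065 5448 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user
21:09:45.0066 5448 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip
"""

# Every line starts with "HH:MM:SS.ffff <thread id> "; the message follows.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
# "<service> (<md5>) <driver path>"
OBJECT = re.compile(r"^(?P<name>\S+) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
# Two different hashes reported for the same path.
FORGED = re.compile(
    r"^Suspicious file \(Forged\): (?P<path>.+?)\. "
    r"Real md5: (?P<real>[0-9a-f]{32}), Fake md5: (?P<fake>[0-9a-f]{32})$"
)
INFECTED = re.compile(r"^(?P<name>\S+) \( (?P<verdict>\S+) \) - infected$")
ACTION = re.compile(
    r"^(?P<name>\S+) \( (?P<verdict>\S+) \) - User select action: (?P<action>\w+)$"
)
COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")


@dataclass
class Finding:
    name: str
    verdict: str
    path: Optional[str] = None
    real_md5: Optional[str] = None
    fake_md5: Optional[str] = None
    action: Optional[str] = None  # None: no action line was logged


@dataclass
class Report:
    findings: List[Finding]
    reported_count: Optional[int]  # value of "Detected object count"


def parse_log(text: str) -> Report:
    """Collect infected objects, their forged-hash details and the chosen action."""
    paths: Dict[str, str] = {}                # service name -> driver path
    forged: Dict[str, Tuple[str, str]] = {}   # lower-cased path -> (real, fake)
    findings: Dict[str, Finding] = {}
    reported: Optional[int] = None
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue  # blank line or a line without the timestamp prefix
        msg = m.group("msg")
        hit = OBJECT.match(msg)
        if hit:
            paths[hit["name"]] = hit["path"]
            continue
        hit = FORGED.match(msg)
        if hit:
            forged[hit["path"].lower()] = (hit["real"], hit["fake"])
            continue
        hit = INFECTED.match(msg)
        if hit:
            path = paths.get(hit["name"])
            real, fake = forged.get((path or "").lower(), (None, None))
            findings[hit["name"]] = Finding(
                hit["name"], hit["verdict"], path, real, fake
            )
            continue
        hit = ACTION.match(msg)
        if hit and hit["name"] in findings:
            findings[hit["name"]].action = hit["action"]
            continue
        hit = COUNT.match(msg)
        if hit:
            reported = int(hit["n"])
    return Report(list(findings.values()), reported)


def unresolved(report: Report) -> List[Finding]:
    """Detections that were skipped or never acted on.

    Assumption: any logged action other than "Skip" (the thread asks for
    "Cure") counts as acted on; only "Skip" appears in the posted log.
    """
    return [f for f in report.findings if f.action in (None, "Skip")]


if __name__ == "__main__":
    for f in unresolved(parse_log(SAMPLE_LOG)):
        print(f"{f.name}: {f.verdict} still present (action: {f.action}) at {f.path}")
```

Run against the first log in this thread, `unresolved` returns the single `volsnap` finding with action `Skip`, which is the condition the helper pointed out.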

#22
mojoanna1

    Member

  • Topic Starter
  • Member
  • 30 posts
Hey Maliprog, Ok, I ran the TDSSkiller again and followed your instructions and the computer doesn't appear to be re-directing anymore. Yea!!! Everything seems better and the fan isn't running all the time now. Thanks for all your help. You are the best!!!! Is there anything else I need to do? Oh yeah, I will post the log so you can see it. Let me know if I need to do anything else. Thank you so so much once again. Mojoanna1



18:59:20.0609 5708 TDSS rootkit removing tool 2.6.11.0 Oct 19 2011 13:50:27
18:59:21.0014 5708 ============================================================
18:59:21.0014 5708 Current date / time: 2011/10/20 18:59:21.0014
18:59:21.0014 5708 SystemInfo:
18:59:21.0014 5708
18:59:21.0014 5708 OS Version: 6.0.6002 ServicePack: 2.0
18:59:21.0014 5708 Product type: Workstation
18:59:21.0014 5708 ComputerName: CYA
18:59:21.0014 5708 UserName: CYA
18:59:21.0014 5708 Windows directory: C:\Windows
18:59:21.0014 5708 System windows directory: C:\Windows
18:59:21.0014 5708 Processor architecture: Intel x86
18:59:21.0014 5708 Number of processors: 2
18:59:21.0014 5708 Page size: 0x1000
18:59:21.0014 5708 Boot type: Normal boot
18:59:21.0015 5708 ============================================================
18:59:22.0731 5708 Initialize success
18:59:28.0308 5580 ============================================================
18:59:28.0308 5580 Scan started
18:59:28.0308 5580 Mode: Manual;
18:59:28.0308 5580 ============================================================
18:59:42.0074 5580 NDProxy - ok
18:59:42.0138 5580 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:59:42.0140 5580 NetBIOS - ok
18:59:42.0209 5580 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
18:59:42.0214 5580 netbt - ok
18:59:42.0310 5580 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:59:42.0312 5580 nfrd960 - ok
18:59:42.0559 5580 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
18:59:42.0562 5580 Npfs - ok
18:59:42.0664 5580 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:59:42.0670 5580 nsiproxy - ok
18:59:42.0959 5580 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
18:59:42.0990 5580 Ntfs - ok
18:59:43.0046 5580 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:59:43.0048 5580 ntrigdigi - ok
18:59:43.0104 5580 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
18:59:43.0118 5580 NuidFltr - ok
18:59:43.0151 5580 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:59:43.0153 5580 Null - ok
18:59:43.0398 5580 NVENETFD (a1108084b0d2fc43dcc401735770e2a3) C:\Windows\system32\DRIVERS\nvmfdx32.sys
18:59:43.0447 5580 NVENETFD - ok
18:59:43.0996 5580 nvlddmkm (d65bc32c1795191b7f2b028351ab4fe2) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:59:44.0214 5580 nvlddmkm - ok
18:59:44.0442 5580 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
18:59:44.0448 5580 nvraid - ok
18:59:44.0495 5580 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
18:59:44.0496 5580 nvsmu - ok
18:59:44.0527 5580 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
18:59:44.0529 5580 nvstor - ok
18:59:44.0643 5580 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
18:59:44.0647 5580 nv_agp - ok
18:59:44.0660 5580 NwlnkFlt - ok
18:59:44.0680 5580 NwlnkFwd - ok
18:59:44.0775 5580 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
18:59:44.0777 5580 ohci1394 - ok
18:59:44.0861 5580 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:59:44.0991 5580 Parport - ok
18:59:45.0043 5580 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
18:59:45.0046 5580 partmgr - ok
18:59:45.0074 5580 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:59:45.0075 5580 Parvdm - ok
18:59:45.0128 5580 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
18:59:45.0131 5580 pci - ok
18:59:45.0232 5580 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
18:59:45.0233 5580 pciide - ok
18:59:45.0268 5580 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
18:59:45.0315 5580 pcmcia - ok
18:59:45.0434 5580 PCTAppEvent (7ea0ebd6e5aa687e116eb185a7cfb667) C:\Windows\system32\drivers\PCTAppEvent.sys
18:59:45.0458 5580 PCTAppEvent - ok
18:59:45.0635 5580 PCTFW-PacketFilter (60af5fa418efe284fb81dbbf5a0391fb) C:\Windows\system32\drivers\pctNdis-PacketFilter.sys
18:59:45.0639 5580 PCTFW-PacketFilter - ok
18:59:45.0740 5580 pctgntdi (5be722c8c9bba995693c8cd524d83b27) C:\WINDOWS\System32\drivers\pctgntdi.sys
18:59:45.0746 5580 pctgntdi - ok
18:59:45.0809 5580 pctNdis (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
18:59:45.0813 5580 pctNdis - ok
18:59:45.0918 5580 pctNdisMP (3ec79cfb2e0e74aada8b561ed8904577) C:\Windows\system32\DRIVERS\pctNdis.sys
18:59:45.0921 5580 pctNdisMP - ok
18:59:46.0011 5580 pctplfw (fe6803af91ddb32ff8edf5d6c0d370af) C:\WINDOWS\System32\drivers\pctplfw.sys
18:59:46.0104 5580 pctplfw - ok
18:59:46.0267 5580 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:59:46.0333 5580 PEAUTH - ok
18:59:46.0554 5580 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:59:46.0578 5580 PptpMiniport - ok
18:59:46.0716 5580 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
18:59:46.0739 5580 Processor - ok
18:59:46.0825 5580 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
18:59:46.0846 5580 PSched - ok
18:59:47.0030 5580 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
18:59:47.0141 5580 ql2300 - ok
18:59:47.0338 5580 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:59:47.0351 5580 ql40xx - ok
18:59:47.0439 5580 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:59:47.0441 5580 QWAVEdrv - ok
18:59:47.0469 5580 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:59:47.0479 5580 RasAcd - ok
18:59:47.0546 5580 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:59:47.0549 5580 Rasl2tp - ok
18:59:47.0653 5580 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
18:59:47.0655 5580 RasPppoe - ok
18:59:47.0729 5580 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:59:47.0750 5580 RasSstp - ok
18:59:47.0873 5580 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:59:47.0879 5580 rdbss - ok
18:59:47.0946 5580 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:59:47.0955 5580 RDPCDD - ok
18:59:48.0007 5580 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
18:59:48.0013 5580 rdpdr - ok
18:59:48.0035 5580 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:59:48.0052 5580 RDPENCDD - ok
18:59:48.0115 5580 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
18:59:48.0121 5580 RDPWD - ok
18:59:48.0214 5580 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
18:59:48.0329 5580 RFCOMM - ok
18:59:48.0459 5580 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
18:59:48.0474 5580 rimmptsk - ok
18:59:48.0543 5580 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
18:59:48.0555 5580 rimsptsk - ok
18:59:48.0645 5580 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
18:59:48.0647 5580 RimVSerPort - ok
18:59:48.0679 5580 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
18:59:48.0681 5580 rismxdp - ok
18:59:48.0723 5580 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
18:59:48.0734 5580 ROOTMODEM - ok
18:59:48.0783 5580 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:59:48.0794 5580 rspndr - ok
18:59:48.0837 5580 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:59:48.0853 5580 sbp2port - ok
18:59:49.0007 5580 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
18:59:49.0028 5580 sdbus - ok
18:59:49.0231 5580 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:59:49.0279 5580 secdrv - ok
18:59:49.0393 5580 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
18:59:49.0401 5580 Serenum - ok
18:59:49.0426 5580 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:59:49.0436 5580 Serial - ok
18:59:49.0507 5580 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:59:49.0509 5580 sermouse - ok
18:59:49.0576 5580 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
18:59:49.0577 5580 sffdisk - ok
18:59:49.0632 5580 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
18:59:49.0646 5580 sffp_mmc - ok
18:59:49.0706 5580 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:59:49.0719 5580 sffp_sd - ok
18:59:49.0838 5580 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:59:49.0855 5580 sfloppy - ok
18:59:49.0973 5580 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
18:59:49.0975 5580 sisagp - ok
18:59:50.0025 5580 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
18:59:50.0027 5580 SiSRaid2 - ok
18:59:50.0068 5580 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
18:59:50.0084 5580 SiSRaid4 - ok
18:59:50.0217 5580 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:59:50.0220 5580 Smb - ok
18:59:50.0422 5580 SMR210 - ok
18:59:50.0506 5580 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:59:50.0507 5580 spldr - ok
18:59:50.0643 5580 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys
18:59:50.0667 5580 srv - ok
18:59:50.0743 5580 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys
18:59:50.0747 5580 srv2 - ok
18:59:50.0849 5580 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys
18:59:50.0872 5580 srvnet - ok
18:59:51.0016 5580 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:59:51.0018 5580 swenum - ok
18:59:51.0053 5580 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:59:51.0055 5580 Symc8xx - ok
18:59:51.0120 5580 SymIM - ok
18:59:51.0171 5580 SymIMMP - ok
18:59:51.0218 5580 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:59:51.0221 5580 Sym_hi - ok
18:59:51.0431 5580 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:59:51.0447 5580 Sym_u3 - ok
18:59:51.0508 5580 SynTP (f5d926807bd9bc0af68f9376144de425) C:\Windows\system32\DRIVERS\SynTP.sys
18:59:51.0522 5580 SynTP - ok
18:59:51.0695 5580 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys
18:59:51.0714 5580 Tcpip - ok
18:59:51.0753 5580 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys
18:59:51.0761 5580 Tcpip6 - ok
18:59:51.0883 5580 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
18:59:51.0922 5580 tcpipreg - ok
18:59:51.0968 5580 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:59:51.0970 5580 TDPIPE - ok
18:59:51.0993 5580 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:59:51.0995 5580 TDTCP - ok
18:59:52.0064 5580 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:59:52.0114 5580 tdx - ok
18:59:52.0182 5580 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:59:52.0234 5580 TermDD - ok
18:59:52.0296 5580 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:59:52.0297 5580 tssecsrv - ok
18:59:52.0350 5580 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
18:59:52.0352 5580 tunmp - ok
18:59:52.0427 5580 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
18:59:52.0429 5580 tunnel - ok
18:59:52.0521 5580 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
18:59:52.0538 5580 uagp35 - ok
18:59:52.0598 5580 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
18:59:52.0603 5580 udfs - ok
18:59:52.0647 5580 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
18:59:52.0706 5580 uliagpkx - ok
18:59:52.0740 5580 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
18:59:52.0747 5580 uliahci - ok
18:59:52.0779 5580 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
18:59:52.0795 5580 UlSata - ok
18:59:52.0825 5580 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
18:59:52.0828 5580 ulsata2 - ok
18:59:52.0860 5580 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
18:59:52.0862 5580 umbus - ok
18:59:52.0925 5580 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
18:59:52.0991 5580 USBAAPL - ok
18:59:53.0061 5580 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
18:59:53.0064 5580 usbccgp - ok
18:59:53.0089 5580 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
18:59:53.0091 5580 usbcir - ok
18:59:53.0119 5580 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
18:59:53.0121 5580 usbehci - ok
18:59:53.0209 5580 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
18:59:53.0247 5580 usbhub - ok
18:59:53.0282 5580 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
18:59:53.0284 5580 usbohci - ok
18:59:53.0322 5580 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
18:59:53.0337 5580 usbprint - ok
18:59:53.0384 5580 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
18:59:53.0386 5580 usbscan - ok
18:59:53.0434 5580 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:59:53.0479 5580 USBSTOR - ok
18:59:53.0510 5580 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
18:59:53.0512 5580 usbuhci - ok
18:59:53.0587 5580 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
18:59:53.0636 5580 usbvideo - ok
18:59:53.0682 5580 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
18:59:53.0684 5580 vga - ok
18:59:53.0704 5580 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
18:59:53.0706 5580 VgaSave - ok
18:59:53.0735 5580 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
18:59:53.0738 5580 viaagp - ok
18:59:53.0760 5580 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
18:59:53.0762 5580 ViaC7 - ok
18:59:53.0790 5580 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
18:59:53.0801 5580 viaide - ok
18:59:53.0836 5580 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
18:59:53.0837 5580 volmgr - ok
18:59:53.0943 5580 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
18:59:54.0016 5580 volmgrx - ok
18:59:54.0099 5580 volsnap (e269bb33062f9a6b4115c86781d767aa) C:\Windows\system32\drivers\volsnap.sys
18:59:54.0127 5580 Suspicious file (Forged): C:\Windows\system32\drivers\volsnap.sys. Real md5: e269bb33062f9a6b4115c86781d767aa, Fake md5: 147281c01fcb1df9252de2a10d5e7093
18:59:54.0129 5580 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
18:59:54.0129 5580 volsnap - detected Rootkit.Win32.TDSS.tdl3 (0)
18:59:55.0496 5580 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
18:59:55.0538 5580 \Device\Harddisk0\DR0 - ok
18:59:55.0607 5580 Boot (0x1200) (9f0ebfa561931802cf69b711199717b7) \Device\Harddisk0\DR0\Partition0
18:59:55.0628 5580 \Device\Harddisk0\DR0\Partition0 - ok
18:59:55.0674 5580 Boot (0x1200) (7db538556e9835a9d27d7cca99f16b66) \Device\Harddisk0\DR0\Partition1
18:59:55.0676 5580 \Device\Harddisk0\DR0\Partition1 - ok
18:59:55.0676 5580 ============================================================
18:59:55.0676 5580 Scan finished
18:59:55.0676 5580 ============================================================
18:59:55.0701 4464 Detected object count: 1
18:59:55.0701 4464 Actual detected object count: 1
19:00:06.0228 4464 Backup copy found, using it..
19:00:06.0250 4464 C:\Windows\system32\drivers\volsnap.sys - will be cured on reboot
19:00:06.0250 4464 volsnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Cure
19:00:22.0934 3640 Deinitialize success
  • 0

#23
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi mojoanna1,

Very good! That was our last bugger!

Your logs and system are clean now. I'm glad we fixed up your computer. We need to clean up your PC from the programs we used.

Step 1

Please start OTL one more time and click the CleanUp button. OTL will restart your system at the end. Remove all other applications we used to clean your PC.

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Enable Windows Update
  • Click Start, click Run, type sysdm.cpl, and then press ENTER.
  • Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them option.
  • Click the OK button.

2. Delete Temp files

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run; make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once it's finished, it should reboot your machine; if not, do this yourself to ensure a complete clean.

3. Make Backups of Important Files

Please read this article Home Computer Data Backup.


4. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.
  • 0

#24
mojoanna1

    Member

  • Topic Starter
  • 30 posts
Good Morning Maliprog! System is running better, but when I tried to update Windows, 33 of 35 failed with error code 80070005. Also, I can't see my recycle bin or my DVD/CD drive. Did I do something wrong? My 18-year-old was on my computer again this morning. Hmmm! Please advise.


Mojoanna1
  • 0

#25
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi mojoanna1,

This is probably a system error, but let's take a look.

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the "Scan All User" checkbox
  • Change "Extra Registry" option to "SafeList"
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows, OTL.txt and Extra.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, and post them with your next reply.
  • 0


#26
mojoanna1

    Member

  • Topic Starter
  • 30 posts
Happy Saturday Maliprog,

Here's the log you requested from OTL:



OTL logfile created on: 10/22/2011 8:39:12 PM - Run 6
OTL by OldTimer - Version 3.2.31.0 Folder = c:\users\cya\downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 1.20 Gb Available Physical Memory | 40.91% Memory free
6.10 Gb Paging File | 3.74 Gb Available in Paging File | 61.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.05 Gb Total Space | 155.21 Gb Free Space | 70.21% Space Free | Partition Type: NTFS
Drive D: | 11.84 Gb Total Space | 1.64 Gb Free Space | 13.88% Space Free | Partition Type: NTFS

Computer Name: CYA | User Name: CYA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - c:\Users\CYA\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
PRC - C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
PRC - C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
PRC - C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
PRC - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\System32\wpcumi.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\b8275f3805e12e632edaf9fe4ac0239f\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d9ab6e29eba6cb0d8459fcbb2c40c1a7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\887fa2d6b76e7302b0c664effad4f91f\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\9de2c69d5b7e5eecfc53e263d8d9bdea\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\9b8e883fd5fa51f026577156a0ee9d57\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\88593f5f0fc6de5d5f4a85aa2b1466f3\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ca467e23bbfcffac8809b9e21dcbd9a6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ed6ae2749d12c4729ee43ff339de4bb8\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\98bbdd8c400493ad228b8283665cc9da\mscorlib.ni.dll ()
MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\WINDOWS\System32\btwhidcs.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PCToolsFirewallPlus) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe (PC Tools)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LPDSVC) -- C:\WINDOWS\System32\lpdsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)


========== Driver Services (SafeList) ==========

DRV - (MBAMSwissArmy) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (PCTAppEvent) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys (PC Tools)
DRV - (pctgntdi) -- C:\WINDOWS\System32\drivers\pctgntdi.sys (PC Tools)
DRV - (pctplfw) -- C:\WINDOWS\System32\drivers\pctplfw.sys (PC Tools)
DRV - (PCTFW-PacketFilter) -- C:\WINDOWS\System32\drivers\pctNdis-PacketFilter.sys (PC Tools)
DRV - (pctNdisMP) -- C:\WINDOWS\System32\drivers\pctNdis.sys (PC Tools)
DRV - (pctNdis) -- C:\WINDOWS\System32\drivers\pctNdis.sys (PC Tools)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (athr) -- C:\WINDOWS\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (XAudio) -- C:\WINDOWS\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HpqRemHid) -- C:\WINDOWS\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HpqKbFiltr) -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC)
DRV - (NVENETFD) -- C:\WINDOWS\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC)
DRV - (nvsmu) -- C:\WINDOWS\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC)
DRV - (FTSER2K) -- C:\WINDOWS\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\System32\drivers\ftdibus.sys (FTDI Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - No CLSID value found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-856919484-758718920-2567828494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
IE - HKU\S-1-5-21-856919484-758718920-2567828494-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-856919484-758718920-2567828494-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-856919484-758718920-2567828494-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Freecorder Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..network.proxy.no_proxies_on: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\CYA\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\Object\facetheme
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/15 20:03:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\Object\facetheme

[2011/06/20 15:18:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CYA\AppData\Roaming\Mozilla\Extensions
[2011/10/15 20:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\extensions
[2011/09/29 02:32:44 | 000,000,000 | ---D | M] (Freecorder Community Toolbar) -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}(175)
[2011/08/23 01:01:12 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/08/19 15:44:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/08/10 11:29:41 | 000,000,000 | ---D | M] (Burn4Free DB Toolbar) -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011/08/20 08:22:06 | 000,000,000 | ---D | M] (VDownloader Toolbar) -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\extensions\[email protected]
[2011/08/20 08:22:21 | 000,000,000 | ---D | M] (We-Care Reminder) -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\extensions\wecarereminder@bryan
[2011/08/20 08:22:07 | 000,002,394 | ---- | M] () -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\searchplugins\askcom.xml
[2011/08/10 09:19:44 | 000,002,263 | ---- | M] () -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\searchplugins\bing-zugo.xml
[2011/08/31 11:25:56 | 000,000,923 | ---- | M] () -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\searchplugins\conduit.xml
[2011/08/10 12:35:06 | 000,002,376 | ---- | M] () -- C:\Users\CYA\AppData\Roaming\Mozilla\Firefox\Profiles\8dzovbx9.default\searchplugins\search.xml
[2011/10/15 20:03:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/09/29 02:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 20:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/10/17 20:50:47 | 000,000,027 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKU\S-1-5-21-856919484-758718920-2567828494-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll File not found
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\WINDOWS\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-856919484-758718920-2567828494-1000..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-856919484-758718920-2567828494-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-856919484-758718920-2567828494-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-856919484-758718920-2567828494-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-856919484-758718920-2567828494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-856919484-758718920-2567828494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-856919484-758718920-2567828494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-856919484-758718920-2567828494-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.c...loadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B189A06B-19D7-43EF-89D5-B80E0C722A9E}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\CYA\Pictures\car.jpg
O24 - Desktop BackupWallPaper: C:\Users\CYA\Pictures\car.jpg
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/08/22 03:43:54 | 000,000,074 | -H-- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/21 10:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\ErrorEND
[2011/10/21 10:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\ErrorEND
[2011/10/21 09:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2011/10/21 01:44:03 | 000,000,000 | ---D | C] -- C:\Users\CYA\AppData\Roaming\Media Player Classic
[2011/10/18 09:05:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/10/18 09:05:25 | 000,000,000 | ---D | C] -- C:\Users\CYA\AppData\Local\temp
[2011/10/18 09:04:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/17 11:06:37 | 000,000,000 | ---D | C] -- C:\Temp
[2011/10/15 21:48:56 | 000,000,000 | ---D | C] -- C:\Users\CYA\AppData\Local\NPE
[2011/10/15 20:03:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/10/15 17:54:56 | 000,000,000 | ---D | C] -- C:\Users\CYA\AppData\Roaming\PC Cleaners
[2011/10/15 17:54:47 | 005,356,304 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe
[2011/10/15 17:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaners
[2011/10/15 17:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
[2011/10/15 17:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\PC Cleaners
[2011/10/01 09:09:31 | 000,000,000 | ---D | C] -- C:\Users\CYA\Documents\My Games
[2011/10/01 09:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft XNA
[2011/10/01 02:08:39 | 000,000,000 | ---D | C] -- C:\Program Files(x86)
[2011/09/24 09:24:28 | 000,000,000 | ---D | C] -- C:\System Recovery Files
[2011/07/27 17:18:28 | 003,325,832 | ---- | C] (Ask) -- C:\Program Files\Common Files\APNToolbarInstaller.exe
[2011/07/27 17:18:28 | 000,108,424 | ---- | C] (Ask.com) -- C:\Program Files\Common Files\APNStub.exe
[2010/03/23 20:53:47 | 002,131,336 | ---- | C] (Ask.com ) -- C:\Program Files\Common Files\AskToolbarInstaller.exe
[2 C:\Users\CYA\Desktop\*.tmp files -> C:\Users\CYA\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/22 18:57:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/22 18:57:52 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/21 11:04:32 | 000,617,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/21 11:04:32 | 000,108,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/21 11:01:51 | 000,000,258 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011/10/21 10:57:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/21 10:57:39 | 3152,887,808 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/21 10:37:45 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\ErrorEND.job
[2011/10/21 10:20:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/10/21 09:27:43 | 000,001,754 | ---- | M] () -- C:\Users\CYA\Desktop\Update Checker.lnk
[2011/10/21 03:04:33 | 000,232,495 | ---- | M] () -- C:\Users\CYA\Desktop\phone car 016_Underpainting_1.jpg
[2011/10/21 02:24:18 | 000,171,718 | ---- | M] () -- C:\Users\CYA\Desktop\97 accord.jpg
[2011/10/21 02:00:48 | 000,171,965 | ---- | M] () -- C:\Users\CYA\Desktop\phone car 016.jpg
[2011/10/19 21:30:12 | 000,000,512 | ---- | M] () -- C:\Users\CYA\Documents\MBR.dat
[2011/10/19 21:29:08 | 000,000,512 | ---- | M] () -- C:\Users\CYA\Desktop\MBR.dat
[2011/10/19 21:07:33 | 000,001,449 | ---- | M] () -- C:\Users\CYA\Desktop\TDSSKiller - Shortcut.lnk
[2011/10/18 08:46:50 | 157,555,524 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/17 20:50:47 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/10/17 19:03:26 | 001,413,612 | ---- | M] () -- C:\Users\CYA\Documents\IMGP1508.JPG
[2011/10/17 18:57:05 | 001,421,348 | ---- | M] () -- C:\Users\CYA\Documents\IMGP1502.JPG
[2011/10/16 22:41:18 | 000,001,189 | ---- | M] () -- C:\Users\CYA\Desktop\OTM.exe - Shortcut.lnk
[2011/10/16 15:51:54 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\FL Studio 10.lnk
[2011/10/15 21:58:07 | 000,000,949 | ---- | M] () -- C:\Users\CYA\Desktop\Norton Installation Files.lnk
[2011/10/15 20:03:58 | 000,000,870 | ---- | M] () -- C:\Users\CYA\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/15 20:03:57 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/15 17:54:18 | 005,356,304 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe
[2011/10/15 17:17:28 | 000,000,943 | ---- | M] () -- C:\Users\CYA\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser (2).lnk
[2011/10/01 02:38:40 | 000,022,372 | ---- | M] () -- C:\Users\CYA\Desktop\resume, references, salary req.zip
[2 C:\Users\CYA\Desktop\*.tmp files -> C:\Users\CYA\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/21 10:37:43 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\ErrorEND.job
[2011/10/21 09:27:43 | 000,001,784 | ---- | C] () -- C:\Users\CYA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2011/10/21 09:27:43 | 000,001,754 | ---- | C] () -- C:\Users\CYA\Desktop\Update Checker.lnk
[2011/10/21 03:04:31 | 000,232,495 | ---- | C] () -- C:\Users\CYA\Desktop\phone car 016_Underpainting_1.jpg
[2011/10/21 02:24:18 | 000,171,718 | ---- | C] () -- C:\Users\CYA\Desktop\97 accord.jpg
[2011/10/21 01:46:37 | 000,171,965 | ---- | C] () -- C:\Users\CYA\Desktop\phone car 016.jpg
[2011/10/19 21:30:12 | 000,000,512 | ---- | C] () -- C:\Users\CYA\Documents\MBR.dat
[2011/10/19 21:27:12 | 000,000,512 | ---- | C] () -- C:\Users\CYA\Desktop\MBR.dat
[2011/10/19 21:03:48 | 000,001,449 | ---- | C] () -- C:\Users\CYA\Desktop\TDSSKiller - Shortcut.lnk
[2011/10/18 09:08:03 | 3152,887,808 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/17 19:03:22 | 001,413,612 | ---- | C] () -- C:\Users\CYA\Documents\IMGP1508.JPG
[2011/10/17 18:56:57 | 001,421,348 | ---- | C] () -- C:\Users\CYA\Documents\IMGP1502.JPG
[2011/10/15 21:45:04 | 000,000,949 | ---- | C] () -- C:\Users\CYA\Desktop\Norton Installation Files.lnk
[2011/10/15 20:03:57 | 000,000,870 | ---- | C] () -- C:\Users\CYA\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/15 20:03:55 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/15 20:03:52 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/15 17:17:28 | 000,000,943 | ---- | C] () -- C:\Users\CYA\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser (2).lnk
[2011/08/21 07:10:00 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/20 11:08:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/08/20 11:08:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/08/20 11:08:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/08/20 11:08:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/08/20 11:08:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/25 14:45:40 | 000,020,552 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/06/20 15:12:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/06/20 01:31:57 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011/04/13 15:49:45 | 000,176,780 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/05/16 20:03:03 | 000,006,944 | ---- | C] () -- C:\Users\CYA\AppData\Local\d3d9caps.dat
[2010/03/16 20:29:11 | 000,000,171 | -H-- | C] () -- C:\Users\CYA\AppData\Local\rahistory.xml
[2009/10/08 20:30:01 | 000,130,920 | ---- | C] () -- C:\Windows\hpoins21.dat
[2009/10/08 20:30:01 | 000,008,252 | ---- | C] () -- C:\Windows\hpomdl21.dat
[2009/09/24 06:51:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 06:51:17 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/11 21:25:10 | 000,000,078 | -H-- | C] () -- C:\Users\CYA\AppData\Roaming\wklnhst.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/31 23:03:37 | 000,013,824 | ---- | C] () -- C:\Users\CYA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/31 21:19:27 | 000,095,433 | -H-- | C] () -- C:\ProgramData\nvModes.001
[2009/07/31 20:49:09 | 000,095,433 | -H-- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/31 17:08:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/08/22 04:40:04 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/08/22 04:36:25 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/08/22 03:58:40 | 000,101,605 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/08/22 02:52:26 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/09/05 15:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,387,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,617,702 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,108,772 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/05/24 11:04:14 | 000,000,133 | ---- | C] () -- C:\Windows\System32\ftdiun2k.ini
[2006/05/24 10:40:42 | 000,188,416 | ---- | C] () -- C:\Windows\System32\ftdiunin.exe
[2006/03/09 05:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001/11/14 16:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 600 bytes -> C:\Users\CYA\Documents\pic.eml:OECustomProperty
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:C8A26DAA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CF2C26D2
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:C31F31E6

< End of report >


Thanks again for all your help!

Mojoanna1

#27
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Looks like this happened after a Windows update. I can't find a universal fix, but let's try this.

Run OTL again

  • Double click on the icon to run it (if running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}

  • Click the button called None in OTL
  • Click the Run scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt. This file is also saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it here to me.


#28
mojoanna1

    Member

  • Topic Starter
  • Member
  • 30 posts
Hey Maliprog, here's the log you requested. It literally took only 1 second to run. Did I do it right? When you told me to click the None button on OTL, that put checks in all the None boxes automatically. Was that supposed to be the way you wanted the scan run?


Mojoanna1


OTL logfile created on: 10/24/2011 6:27:21 PM - Run 7
OTL by OldTimer - Version 3.2.31.0 Folder = c:\users\cya\downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 61.35% Memory free
6.10 Gb Paging File | 5.04 Gb Available in Paging File | 82.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.05 Gb Total Space | 152.35 Gb Free Space | 68.92% Space Free | Partition Type: NTFS
Drive D: | 11.84 Gb Total Space | 1.59 Gb Free Space | 13.42% Space Free | Partition Type: NTFS

Computer Name: CYA | User Name: CYA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========


< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318} >
"Class" = CDROM
"ClassDesc" = @%SystemRoot%\System32\StorProp.dll,-17001 -- [2009/04/11 02:28:24 | 000,055,808 | ---- | M] (Microsoft Corporation)
"" = DVD/CD-ROM drives
"IconPath" = %SystemRoot%\System32\imageres.dll,-30 [binary data] -- [2006/11/02 05:39:37 | 015,821,312 | ---- | M] (Microsoft Corporation)
"Installer32" = storprop.dll,DvdClassInstaller -- [2009/04/11 02:28:24 | 000,055,808 | ---- | M] (Microsoft Corporation)
"EnumPropPages32" = storprop.dll,DvdPropPageProvider -- [2009/04/11 02:28:24 | 000,055,808 | ---- | M] (Microsoft Corporation)
"SilentInstall" = 1
"NoInstallClass" = 1
"UpperFilters" = GEARAspiWDM [binary data]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\0001]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties]

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E} >
"" = Recycle Bin

< End of report >

#29
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Your PC is clean of malware, and this is a system problem probably caused by a Windows update. Please open a new topic in Windows Vista™ and Windows 7™ and describe your problem. There are guys there who will help you more than I can with this problem.

Give them a link to this topic and tell them that your system is clean now. Also write that you noticed this after a Windows update took place.

Hope you'll solve this. :)

#30
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.





