Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SUPER SLOW computer [Closed]

Started by mcbassin , Feb 09 2012 10:37 PM

  • This topic is locked This topic is locked

#1
mcbassin
Posted 09 February 2012 - 10:37 PM

mcbassin

    Member

  • Member
  • PipPip
  • 32 posts
Last week my laptop started lagging unexpectedly. It has a slow delay on everything I do. I have ran Malware bytes and it comes up blank every time. I'm wondering if I have a hardware issue? My task manager shows a spike up and down on both processors even when there isn't anything running.
Here is my OTL log:

OTL logfile created on: 2/9/2012 10:06:42 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 28.48% Memory free
3.85 Gb Paging File | 2.34 Gb Available in Paging File | 60.94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.50 Gb Total Space | 64.05 Gb Free Space | 43.72% Space Free | Partition Type: NTFS

Computer Name: DG3LMZF1 | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/09 22:06:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
PRC - [2011/10/17 16:05:07 | 002,042,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2011/10/09 10:54:58 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2010/12/10 06:29:00 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/12/10 06:28:56 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/07/30 08:46:09 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/07/30 08:46:07 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/07/30 08:46:01 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/07/30 08:45:59 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/07/30 08:45:57 | 000,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgam.exe
PRC - [2009/07/30 08:45:45 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/01 15:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/07/25 16:32:50 | 000,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/07/25 16:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/07/25 16:30:36 | 000,974,848 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/07/25 16:26:14 | 000,491,520 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/07/20 16:55:46 | 001,228,800 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/06/06 15:28:18 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/11/02 14:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics) -- C:\WINDOWS\system32\KADxMain.exe
PRC - [2003/11/21 21:02:42 | 000,151,552 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/03 09:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/11/03 09:28:36 | 000,386,048 | ---- | M] () -- C:\WINDOWS\system32\qdvd.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/08/25 15:47:35 | 000,051,716 | ---- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2009/12/20 19:42:16 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll
MOD - [2008/04/14 04:42:04 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/03/30 16:47:28 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2007/07/25 16:25:48 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/07/20 16:56:14 | 000,098,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2007/04/25 10:55:40 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2006/06/20 22:34:28 | 000,017,704 | ---- | M] () -- C:\Program Files\Microsoft ActiveSync\rapiproxystub.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (getPlus® Helper) getPlus®
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/12/10 06:29:00 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/07/30 08:45:59 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/07/30 08:45:45 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2007/07/25 16:32:34 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2010/11/07 10:41:33 | 000,016,128 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2009/07/30 08:46:08 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/07/30 08:46:08 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/13 11:41:02 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2009/05/13 11:41:02 | 000,090,240 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2009/05/13 11:41:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2009/04/26 13:47:03 | 000,012,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009/04/26 13:46:54 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/04/06 17:31:33 | 000,019,507 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sonypvl3.sys -- (sonypvl3)
DRV - [2007/12/02 18:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/12/02 18:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/12/02 18:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/08/12 18:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/06/06 15:28:16 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/05/29 15:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/05/08 21:49:02 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/05/08 21:46:12 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/05/08 21:46:08 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/05/08 21:46:06 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/04/03 12:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2006/11/02 12:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec02.sys -- (DXEC02)
DRV - [2004/12/07 15:00:48 | 000,064,964 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sonypvd3.sys -- (sonypvd3)
DRV - [2004/12/06 14:26:16 | 000,423,454 | ---- | M] (Sony Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\sonypvt3.sys -- (sonypvt3)
DRV - [2004/11/15 13:55:14 | 000,619,390 | ---- | M] (Sony Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\sonypvf3.sys -- (sonypvf3)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Mike\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Mike\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/15 19:54:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/15 19:54:16 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Mike\Application Data\Move Networks [2010/01/13 22:52:32 | 000,000,000 | ---D | M]

[2010/11/16 19:10:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Extensions
[2012/01/31 23:22:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\k55y3j8y.default\extensions
[2011/03/17 22:42:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\k55y3j8y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/01/31 23:22:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/11/10 20:39:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/26 10:38:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/05 16:37:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions(2)
[2010/11/03 20:46:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions(2)\{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)
[2010/01/13 22:52:32 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\MIKE\APPLICATION DATA\MOVE NETWORKS
[2010/11/10 20:38:59 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/11/10 20:02:11 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: basszone.com ([www] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....es/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} http://www.nextdaype...geUploader6.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 65.77.64.11 4.2.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{895DD5A6-87F7-4672-A174-02566CCDCACF}: DhcpNameServer = 192.168.2.1 65.77.64.11 4.2.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mike\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/12/04 17:56:27 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/09 22:06:18 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2012/01/15 22:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\Noelbrosser
[2012/01/12 20:06:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\fender
[2012/01/11 22:19:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mike\My Documents\Hotmail

========== Files - Modified Within 30 Days ==========

[2012/02/09 22:17:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/09 22:06:12 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mike\Desktop\OTL.exe
[2012/02/09 22:06:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cce15f4d6fd37e.job
[2012/02/09 22:03:16 | 000,000,250 | ---- | M] () -- C:\WINDOWS\phedit.ini
[2012/02/09 21:39:55 | 000,107,464 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/02/09 20:54:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/08 21:48:30 | 089,813,905 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2012/02/05 00:39:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cb6cf3cf91964e.job
[2012/02/05 00:32:40 | 000,000,794 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/29 20:47:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/29 20:46:57 | 2145,427,456 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/28 12:30:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/01/25 20:09:33 | 000,107,464 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012/01/20 23:16:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/11 22:17:00 | 000,080,369 | ---- | M] () -- C:\Documents and Settings\Mike\My Documents\Hotmail.zip

========== Files Created - No Company Name ==========

[2012/02/01 22:01:12 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cce15f4d6fd37e.job
[2012/01/18 22:33:27 | 000,000,794 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/11 22:17:00 | 000,080,369 | ---- | C] () -- C:\Documents and Settings\Mike\My Documents\Hotmail.zip
[2011/12/10 09:17:04 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2011/12/10 09:13:27 | 000,073,108 | ---- | C] () -- C:\WINDOWS\hpqins16.dat.temp
[2011/12/10 09:09:13 | 000,073,108 | ---- | C] () -- C:\WINDOWS\hpqins16.dat
[2011/02/25 16:52:35 | 000,032,776 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/08/25 15:49:47 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2010/08/25 15:47:37 | 000,000,142 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2010/08/25 15:47:35 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2010/04/25 10:43:20 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2009/12/20 19:42:18 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/07/03 14:06:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/01/09 16:38:56 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\$_hpcst$.hpc
[2008/12/28 15:47:12 | 000,001,112 | ---- | C] () -- C:\Documents and Settings\Mike\Application Data\ViewerApp.dat
[2008/12/16 07:19:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/12/08 17:45:06 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\Mike\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/05 08:57:59 | 000,210,456 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/12/05 08:57:59 | 000,206,360 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/12/05 08:57:59 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/12/05 08:57:59 | 000,198,168 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/12/05 08:57:59 | 000,194,072 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/12/05 08:57:59 | 000,026,136 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/12/05 08:51:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2008/12/04 22:20:13 | 000,000,250 | ---- | C] () -- C:\WINDOWS\phedit.ini
[2008/12/04 21:56:48 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
[2008/12/04 21:56:48 | 000,005,515 | ---- | C] () -- C:\WINDOWS\fmachine.ini
[2008/12/04 17:51:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/12/04 17:33:15 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/12/04 17:31:33 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2008/12/04 17:27:48 | 000,016,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\APPDRV.SYS
[2008/12/04 17:27:06 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2008/12/04 17:12:26 | 000,107,464 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2008/12/03 07:18:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\setpwr32.exe
[2008/12/03 07:18:25 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2008/12/03 07:17:57 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/12/03 07:17:57 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/12/03 07:17:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/12/03 07:17:55 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/12/03 07:17:54 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/12/03 07:17:54 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/12/03 07:17:51 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/12/03 07:17:51 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/12/03 07:16:00 | 000,001,118 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 13:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 12:57:15 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 12:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 12:51:20 | 000,443,456 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 12:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 12:51:20 | 000,072,556 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 12:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 12:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 12:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 12:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 12:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 12:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 12:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 12:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:7631EA83

< End of report >


Here is the OTL extra report:








OTL Extras logfile created on: 2/9/2012 10:06:42 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Mike\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 28.48% Memory free
3.85 Gb Paging File | 2.34 Gb Available in Paging File | 60.94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.50 Gb Total Space | 64.05 Gb Free Space | 43.72% Space Free | Partition Type: NTFS

Computer Name: DG3LMZF1 | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{0D917C5F-1CF9-42E0-899F-78AC10576405}" = First Step Guide
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{10964A8F-21C1-45EA-BC2D-F84B505C3848}" = H&R Block Deluxe + Efile + State 2010
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 23
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{32C32B46-41C3-438F-94F6-55FE150D50D8}" = ImageMixer EasyStepDVD
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3ACF01A1-0361-49B5-AD98-E9CD93710464}" = H&R Block Oklahoma 2009
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{511B0D26-0613-47B8-AFAA-A6D6939CFE3C}" = TaxCut Oklahoma 2008
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{53A19323-917A-4822-B27E-A57D1EF6E9FC}" = H&R Block Deluxe + Efile + State 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83ECCA42-10B8-459E-A7FD-5A43C4A046C4}" = H&R Block Oklahoma 2010
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A360821C-6B51-4EE4-A7E5-5E14B15004CD}" = Sony DVD Handycam USB Driver 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4B338BD-4C93-4531-B5BB-7F0E5EB7340B}" =
"{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}" = TaxCut Premium + State + Efile 2008
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1B5E9C8-4CCF-44E3-87D6-7C00D7DA5370}" = IntelliSonic Speech Enhancement
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG 8.5
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"DVDneXtCOPY" = DVDneXtCOPY
"EPSON Printer and Utilities" = EPSON Printer Software
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Indeo® software" = Indeo® software
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pdf995" = Pdf995 (installed by TaxCut)
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"ProInst" = Intel® PROSet/Wireless Software
"Puran Defrag_is1" = Puran Defrag 7.1
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"SynTPDeinstKey" = Dell Touchpad
"TomTom HOME" = TomTom HOME 2.8.0.2146
"V3.2_is1" = File Scavenger 3.2
"VCW VicMan's Photo Editor_is1" = VCW VicMan's Photo Editor 8.1
"Web Photo Album_is1" = Web Photo Album 1.1
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows XP Service Pack" = Windows XP Service Pack 3
"Zero Assumption Recovery_is1" = Zero Assumption Recovery Version 9

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/4/2012 3:27:09 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 62547

Error - 2/6/2012 1:14:50 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/6/2012 1:14:51 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15547

Error - 2/6/2012 1:14:51 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15547

Error - 2/7/2012 12:30:41 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/7/2012 12:30:41 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 16125

Error - 2/7/2012 12:30:41 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 16125

Error - 2/7/2012 2:16:21 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/7/2012 2:16:21 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15500

Error - 2/7/2012 2:16:21 AM | Computer Name = DG3LMZF1 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15500

[ System Events ]
Error - 2/10/2012 12:11:44 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:11:49 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:21 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:26 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:30 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:35 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:41 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:46 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:51 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 2/10/2012 12:12:56 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >

Attached Thumbnails

  • task.jpg

  • 0

Advertisements

#2
Render
Posted 13 February 2012 - 07:07 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi and welcome to GeeksToGo! Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just in case you are unable to access this site.

Please note:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for us to analyse and fix your PC in the long run.
  • Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.
  • Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.
  • Please reply within 3 days to be fair to other people asking for help.
  • Please tell me if you have your original Windows CD/DVD available
  • When in doubt, please stop and ask first. There's no harm in asking questions!

If you have since resolved the original problem you were having, I would appreciate you letting me know. If not please perform the following steps below so I can have a look at the current condition of your machine.

Error - 2/10/2012 12:11:44 AM | Computer Name = DG3LMZF1 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

It look like your HD is dying. But try to do this first:

  • Please download aswMBR.exe to your desktop.
  • Double click the aswMBR.exe to run it.

    Posted Image
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click the Scan button to start scan.

    Posted Image
  • On completion of the scan click Save log, save it to your desktop and post in your next reply.
  • Also on Desktop there should be a file called MBR.dat after that, zip it and then attach it here

How to add an attachment to a new topic or reply
  • 0

#3
mcbassin
Posted 14 February 2012 - 03:30 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-13 22:54:41
-----------------------------
22:54:41.271 OS Version: Windows 5.1.2600 Service Pack 3
22:54:41.271 Number of processors: 2 586 0xF0D
22:54:41.271 ComputerName: DG3LMZF1 UserName: Mike
22:54:55.255 Initialze error C000010E - driver not loaded
22:54:55.349 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
22:55:03.864 AVAST engine defs: 12021302
22:55:11.239 Service scanning
22:55:13.161 Modules scanning
22:55:13.161 Disk 0 trace - called modules:
22:55:13.161
22:55:14.036 AVAST engine scan C:\WINDOWS
22:55:33.802 AVAST engine scan C:\WINDOWS\system32
22:59:00.380 AVAST engine scan C:\WINDOWS\system32\drivers
22:59:01.286 File: C:\WINDOWS\system32\drivers\APPDRV.SYS **INFECTED** Win32:Alureon-FZ
22:59:19.099 AVAST engine scan C:\Documents and Settings\Mike
23:22:20.114 AVAST engine scan C:\Documents and Settings\All Users
23:23:16.005 Scan finished successfully
15:18:23.171 The log file has been saved successfully to "C:\Documents and Settings\Mike\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-13 22:54:41
-----------------------------
22:54:41.271 OS Version: Windows 5.1.2600 Service Pack 3
22:54:41.271 Number of processors: 2 586 0xF0D
22:54:41.271 ComputerName: DG3LMZF1 UserName: Mike
22:54:55.255 Initialze error C000010E - driver not loaded
22:54:55.349 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
22:55:03.864 AVAST engine defs: 12021302
22:55:11.239 Service scanning
22:55:13.161 Modules scanning
22:55:13.161 Disk 0 trace - called modules:
22:55:13.161
22:55:14.036 AVAST engine scan C:\WINDOWS
22:55:33.802 AVAST engine scan C:\WINDOWS\system32
22:59:00.380 AVAST engine scan C:\WINDOWS\system32\drivers
22:59:01.286 File: C:\WINDOWS\system32\drivers\APPDRV.SYS **INFECTED** Win32:Alureon-FZ
22:59:19.099 AVAST engine scan C:\Documents and Settings\Mike
23:22:20.114 AVAST engine scan C:\Documents and Settings\All Users
23:23:16.005 Scan finished successfully
15:18:23.171 The log file has been saved successfully to "C:\Documents and Settings\Mike\Desktop\aswMBR.txt"


I can't find the mbr.dat file on the desktop
  • 0

#4
Render
Posted 14 February 2012 - 04:28 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK button.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt".
Please copy and paste its contents on your next reply.
  • 0

#5
mcbassin
Posted 14 February 2012 - 10:19 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
22:13:25.0578 1548 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52
22:13:26.0171 1548 ============================================================
22:13:26.0171 1548 Current date / time: 2012/02/14 22:13:26.0171
22:13:26.0171 1548 SystemInfo:
22:13:26.0171 1548
22:13:26.0171 1548 OS Version: 5.1.2600 ServicePack: 3.0
22:13:26.0171 1548 Product type: Workstation
22:13:26.0171 1548 ComputerName: DG3LMZF1
22:13:26.0171 1548 UserName: Mike
22:13:26.0171 1548 Windows directory: C:\WINDOWS
22:13:26.0171 1548 System windows directory: C:\WINDOWS
22:13:26.0171 1548 Processor architecture: Intel x86
22:13:26.0171 1548 Number of processors: 2
22:13:26.0171 1548 Page size: 0x1000
22:13:26.0171 1548 Boot type: Normal boot
22:13:26.0171 1548 ============================================================
22:13:29.0546 1548 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:13:29.0546 1548 \Device\Harddisk0\DR0:
22:13:29.0546 1548 MBR used
22:13:29.0546 1548 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x124FE9B4
22:13:29.0656 1548 Initialize success
22:13:29.0656 1548 ============================================================
22:13:39.0671 2724 ============================================================
22:13:39.0671 2724 Scan started
22:13:39.0671 2724 Mode: Manual; SigCheck; TDLFS;
22:13:39.0671 2724 ============================================================
22:13:40.0437 2724 Abiosdsk - ok
22:13:40.0531 2724 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:13:43.0625 2724 abp480n5 - ok
22:13:43.0796 2724 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:13:44.0031 2724 ACPI - ok
22:13:44.0109 2724 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:13:44.0281 2724 ACPIEC - ok
22:13:44.0343 2724 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:13:44.0531 2724 adpu160m - ok
22:13:44.0687 2724 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:13:44.0828 2724 aec - ok
22:13:44.0953 2724 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:13:45.0062 2724 AegisP - ok
22:13:45.0171 2724 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:13:45.0343 2724 AFD - ok
22:13:45.0500 2724 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:13:45.0765 2724 agp440 - ok
22:13:45.0828 2724 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:13:46.0000 2724 agpCPQ - ok
22:13:46.0093 2724 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:13:46.0187 2724 Aha154x - ok
22:13:46.0250 2724 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:13:46.0406 2724 aic78u2 - ok
22:13:46.0453 2724 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:13:47.0406 2724 aic78xx - ok
22:13:47.0515 2724 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:13:47.0765 2724 AliIde - ok
22:13:47.0890 2724 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:13:48.0031 2724 alim1541 - ok
22:13:48.0078 2724 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:13:48.0265 2724 amdagp - ok
22:13:48.0312 2724 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:13:48.0453 2724 amsint - ok
22:13:48.0593 2724 APPDRV (18cc6b8dbb55118d363b98dede0daa32) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
22:13:48.0640 2724 APPDRV ( UnsignedFile.Multi.Generic ) - warning
22:13:48.0640 2724 APPDRV - detected UnsignedFile.Multi.Generic (1)
22:13:48.0765 2724 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:13:49.0015 2724 Arp1394 - ok
22:13:49.0171 2724 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:13:49.0343 2724 asc - ok
22:13:49.0406 2724 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:13:49.0515 2724 asc3350p - ok
22:13:49.0562 2724 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:13:49.0796 2724 asc3550 - ok
22:13:49.0859 2724 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:13:50.0062 2724 AsyncMac - ok
22:13:50.0203 2724 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:13:50.0343 2724 atapi - ok
22:13:50.0437 2724 Atdisk - ok
22:13:50.0500 2724 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:13:50.0656 2724 Atmarpc - ok
22:13:50.0781 2724 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:13:51.0046 2724 audstub - ok
22:13:51.0187 2724 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\WINDOWS\System32\Drivers\avgldx86.sys
22:13:51.0531 2724 AvgLdx86 - ok
22:13:51.0640 2724 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\WINDOWS\System32\Drivers\avgmfx86.sys
22:13:51.0687 2724 AvgMfx86 - ok
22:13:51.0796 2724 AvgRkx86 (94a16f829b1456237b7f929198ce2807) C:\WINDOWS\system32\Drivers\avgrkx86.sys
22:13:51.0843 2724 AvgRkx86 - ok
22:13:51.0921 2724 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\WINDOWS\System32\Drivers\avgtdix.sys
22:13:51.0968 2724 AvgTdiX - ok
22:13:52.0062 2724 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
22:13:52.0218 2724 bcm4sbxp - ok
22:13:52.0296 2724 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:13:52.0562 2724 Beep - ok
22:13:52.0671 2724 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:13:52.0828 2724 cbidf - ok
22:13:52.0890 2724 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:13:53.0031 2724 cbidf2k - ok
22:13:53.0125 2724 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:13:53.0234 2724 cd20xrnt - ok
22:13:53.0390 2724 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:13:53.0578 2724 Cdaudio - ok
22:13:53.0781 2724 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:13:54.0000 2724 Cdfs - ok
22:13:54.0062 2724 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:13:54.0234 2724 Cdrom - ok
22:13:54.0265 2724 Changer - ok
22:13:54.0296 2724 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:13:54.0468 2724 CmBatt - ok
22:13:54.0546 2724 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:13:54.0703 2724 CmdIde - ok
22:13:54.0781 2724 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:13:54.0921 2724 Compbatt - ok
22:13:54.0968 2724 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:13:55.0125 2724 Cpqarray - ok
22:13:55.0171 2724 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:13:55.0328 2724 dac2w2k - ok
22:13:55.0343 2724 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:13:55.0500 2724 dac960nt - ok
22:13:55.0625 2724 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:13:55.0765 2724 Disk - ok
22:13:55.0875 2724 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:13:56.0062 2724 dmboot - ok
22:13:56.0171 2724 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:13:56.0343 2724 dmio - ok
22:13:56.0437 2724 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:13:56.0671 2724 dmload - ok
22:13:56.0812 2724 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:13:56.0968 2724 DMusic - ok
22:13:57.0156 2724 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:13:57.0296 2724 dpti2o - ok
22:13:57.0343 2724 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:13:57.0500 2724 drmkaud - ok
22:13:57.0625 2724 DXEC02 (0c8762b91b967a91373e0e022b62acfc) C:\WINDOWS\system32\drivers\dxec02.sys
22:13:57.0687 2724 DXEC02 ( UnsignedFile.Multi.Generic ) - warning
22:13:57.0687 2724 DXEC02 - detected UnsignedFile.Multi.Generic (1)
22:13:57.0781 2724 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:13:57.0937 2724 E100B - ok
22:13:58.0046 2724 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:13:58.0234 2724 Fastfat - ok
22:13:58.0265 2724 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:13:58.0421 2724 Fdc - ok
22:13:58.0453 2724 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:13:58.0671 2724 Fips - ok
22:13:58.0687 2724 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:13:58.0875 2724 Flpydisk - ok
22:13:58.0953 2724 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:13:59.0093 2724 FltMgr - ok
22:13:59.0140 2724 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:13:59.0296 2724 Fs_Rec - ok
22:13:59.0453 2724 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:13:59.0656 2724 Ftdisk - ok
22:13:59.0812 2724 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:13:59.0828 2724 GEARAspiWDM - ok
22:13:59.0953 2724 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:14:00.0156 2724 Gpc - ok
22:14:00.0312 2724 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:14:00.0562 2724 HDAudBus - ok
22:14:00.0671 2724 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:14:00.0812 2724 HidUsb - ok
22:14:00.0937 2724 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:14:01.0078 2724 hpn - ok
22:14:01.0218 2724 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
22:14:01.0296 2724 HSFHWAZL - ok
22:14:01.0406 2724 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
22:14:01.0578 2724 HSF_DPV - ok
22:14:01.0734 2724 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:14:01.0843 2724 HTTP - ok
22:14:01.0968 2724 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:14:02.0218 2724 i2omgmt - ok
22:14:02.0343 2724 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:14:02.0500 2724 i2omp - ok
22:14:02.0578 2724 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:14:02.0734 2724 i8042prt - ok
22:14:02.0828 2724 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\WINDOWS\system32\drivers\iaStor.sys
22:14:02.0859 2724 iaStor - ok
22:14:02.0906 2724 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:14:03.0125 2724 Imapi - ok
22:14:03.0234 2724 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:14:03.0406 2724 ini910u - ok
22:14:03.0546 2724 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:14:03.0687 2724 IntelIde - ok
22:14:03.0812 2724 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:14:03.0953 2724 intelppm - ok
22:14:04.0031 2724 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:14:04.0171 2724 Ip6Fw - ok
22:14:04.0265 2724 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:14:04.0421 2724 IpFilterDriver - ok
22:14:04.0515 2724 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:14:04.0656 2724 IpInIp - ok
22:14:04.0796 2724 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:14:04.0968 2724 IpNat - ok
22:14:05.0015 2724 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:14:05.0203 2724 IPSec - ok
22:14:05.0296 2724 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:14:05.0531 2724 IRENUM - ok
22:14:05.0609 2724 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:14:05.0734 2724 isapnp - ok
22:14:05.0906 2724 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:14:06.0093 2724 Kbdclass - ok
22:14:06.0218 2724 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:14:06.0406 2724 kmixer - ok
22:14:06.0437 2724 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:14:07.0328 2724 KSecDD - ok
22:14:07.0437 2724 lbrtfdc - ok
22:14:07.0562 2724 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:14:07.0640 2724 mdmxsdk - ok
22:14:07.0718 2724 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:14:07.0968 2724 mnmdd - ok
22:14:08.0109 2724 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:14:08.0265 2724 Modem - ok
22:14:08.0328 2724 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:14:08.0500 2724 Mouclass - ok
22:14:08.0718 2724 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:14:08.0921 2724 MountMgr - ok
22:14:09.0000 2724 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:14:09.0187 2724 mraid35x - ok
22:14:09.0234 2724 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:14:09.0406 2724 MRxDAV - ok
22:14:09.0515 2724 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:14:09.0718 2724 MRxSmb - ok
22:14:09.0875 2724 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:14:10.0093 2724 Msfs - ok
22:14:10.0171 2724 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:14:10.0328 2724 MSKSSRV - ok
22:14:10.0421 2724 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:14:10.0578 2724 MSPCLOCK - ok
22:14:10.0671 2724 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:14:10.0859 2724 MSPQM - ok
22:14:11.0062 2724 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:14:11.0234 2724 mssmbios - ok
22:14:11.0328 2724 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:14:11.0500 2724 Mup - ok
22:14:11.0625 2724 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:14:11.0812 2724 NDIS - ok
22:14:12.0031 2724 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:14:12.0093 2724 NdisTapi - ok
22:14:12.0203 2724 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:14:12.0437 2724 Ndisuio - ok
22:14:12.0500 2724 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:14:12.0640 2724 NdisWan - ok
22:14:12.0718 2724 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:14:12.0875 2724 NDProxy - ok
22:14:13.0078 2724 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:14:13.0343 2724 NetBIOS - ok
22:14:13.0515 2724 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:14:13.0671 2724 NetBT - ok
22:14:13.0828 2724 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
22:14:14.0125 2724 NETw4x32 - ok
22:14:14.0250 2724 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:14:14.0531 2724 NIC1394 - ok
22:14:14.0625 2724 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:14:14.0796 2724 Npfs - ok
22:14:14.0875 2724 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:14:15.0093 2724 Ntfs - ok
22:14:15.0156 2724 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:14:15.0359 2724 Null - ok
22:14:15.0687 2724 nv (218ca6e9470581777e4e186fb05ace3d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:14:16.0484 2724 nv - ok
22:14:16.0609 2724 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:14:16.0781 2724 NwlnkFlt - ok
22:14:16.0843 2724 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:14:17.0031 2724 NwlnkFwd - ok
22:14:17.0156 2724 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:14:17.0328 2724 ohci1394 - ok
22:14:17.0421 2724 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:14:17.0609 2724 Parport - ok
22:14:17.0703 2724 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:14:17.0890 2724 PartMgr - ok
22:14:17.0921 2724 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:14:18.0062 2724 ParVdm - ok
22:14:18.0125 2724 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:14:18.0296 2724 PCI - ok
22:14:18.0359 2724 PCIDump - ok
22:14:18.0390 2724 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:14:18.0562 2724 PCIIde - ok
22:14:18.0656 2724 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:14:18.0796 2724 Pcmcia - ok
22:14:18.0890 2724 PDCOMP - ok
22:14:18.0921 2724 PDFRAME - ok
22:14:18.0953 2724 PDRELI - ok
22:14:18.0984 2724 PDRFRAME - ok
22:14:19.0078 2724 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:14:19.0234 2724 perc2 - ok
22:14:19.0328 2724 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:14:19.0609 2724 perc2hib - ok
22:14:19.0812 2724 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:14:19.0984 2724 PptpMiniport - ok
22:14:20.0015 2724 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:14:20.0187 2724 PSched - ok
22:14:20.0250 2724 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:14:20.0421 2724 Ptilink - ok
22:14:20.0546 2724 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:14:20.0593 2724 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
22:14:20.0593 2724 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
22:14:20.0671 2724 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:14:20.0828 2724 ql1080 - ok
22:14:21.0000 2724 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:14:21.0125 2724 Ql10wnt - ok
22:14:21.0218 2724 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:14:21.0375 2724 ql12160 - ok
22:14:21.0437 2724 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:14:21.0609 2724 ql1240 - ok
22:14:21.0718 2724 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:14:21.0875 2724 ql1280 - ok
22:14:21.0937 2724 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:14:22.0109 2724 RasAcd - ok
22:14:22.0312 2724 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:14:22.0484 2724 Rasl2tp - ok
22:14:22.0531 2724 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:14:22.0703 2724 RasPppoe - ok
22:14:22.0750 2724 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:14:22.0890 2724 Raspti - ok
22:14:22.0906 2724 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:14:23.0078 2724 Rdbss - ok
22:14:23.0093 2724 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:14:23.0234 2724 RDPCDD - ok
22:14:23.0281 2724 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:14:23.0437 2724 rdpdr - ok
22:14:23.0578 2724 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:14:23.0656 2724 RDPWD - ok
22:14:23.0781 2724 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:14:23.0921 2724 redbook - ok
22:14:24.0046 2724 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:14:24.0125 2724 rimmptsk - ok
22:14:24.0234 2724 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
22:14:24.0296 2724 rimsptsk - ok
22:14:24.0375 2724 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
22:14:24.0437 2724 rismxdp - ok
22:14:24.0593 2724 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:14:24.0656 2724 s24trans ( UnsignedFile.Multi.Generic ) - warning
22:14:24.0656 2724 s24trans - detected UnsignedFile.Multi.Generic (1)
22:14:24.0765 2724 s616bus (ef4b5a8d53f15cb269469dd4e4bb0109) C:\WINDOWS\system32\DRIVERS\s616bus.sys
22:14:24.0812 2724 s616bus - ok
22:14:24.0968 2724 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:14:25.0203 2724 sdbus - ok
22:14:25.0343 2724 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:14:25.0531 2724 Secdrv - ok
22:14:25.0625 2724 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:14:25.0781 2724 serenum - ok
22:14:25.0843 2724 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:14:26.0062 2724 Serial - ok
22:14:26.0187 2724 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
22:14:26.0375 2724 sffdisk - ok
22:14:26.0453 2724 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
22:14:27.0031 2724 sffp_sd - ok
22:14:27.0140 2724 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:14:27.0375 2724 Sfloppy - ok
22:14:27.0437 2724 Simbad - ok
22:14:27.0531 2724 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:14:27.0671 2724 sisagp - ok
22:14:27.0812 2724 sonypvd3 (a35c234751ac5cbda631e68ef8b86aac) C:\WINDOWS\system32\DRIVERS\sonypvd3.sys
22:14:27.0859 2724 sonypvd3 ( UnsignedFile.Multi.Generic ) - warning
22:14:27.0859 2724 sonypvd3 - detected UnsignedFile.Multi.Generic (1)
22:14:27.0953 2724 sonypvf3 (f576ee7cc67a9b1e6a0f6a9ec1b1e6ab) C:\WINDOWS\system32\drivers\sonypvf3.sys
22:14:28.0046 2724 sonypvf3 ( UnsignedFile.Multi.Generic ) - warning
22:14:28.0046 2724 sonypvf3 - detected UnsignedFile.Multi.Generic (1)
22:14:28.0156 2724 sonypvl3 (747fab4fd4ddf34aea347fea82f0b529) C:\WINDOWS\system32\drivers\sonypvl3.sys
22:14:28.0218 2724 sonypvl3 ( UnsignedFile.Multi.Generic ) - warning
22:14:28.0218 2724 sonypvl3 - detected UnsignedFile.Multi.Generic (1)
22:14:28.0296 2724 sonypvt3 (6db72277b2d0db32d6b4a3882e966a97) C:\WINDOWS\system32\drivers\sonypvt3.sys
22:14:28.0406 2724 sonypvt3 ( UnsignedFile.Multi.Generic ) - warning
22:14:28.0406 2724 sonypvt3 - detected UnsignedFile.Multi.Generic (1)
22:14:28.0531 2724 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:14:28.0781 2724 SONYPVU1 - ok
22:14:28.0875 2724 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:14:28.0968 2724 Sparrow - ok
22:14:29.0125 2724 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:14:29.0281 2724 splitter - ok
22:14:29.0343 2724 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:14:29.0609 2724 sr - ok
22:14:29.0750 2724 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:14:29.0875 2724 Srv - ok
22:14:30.0000 2724 sscebus (29ae754f4e9dcc08dcfd4aef07375d52) C:\WINDOWS\system32\DRIVERS\sscebus.sys
22:14:30.0015 2724 sscebus - ok
22:14:30.0140 2724 sscemdfl (48de57f9c5a7f39ec3ea5cfbf163b811) C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
22:14:30.0187 2724 sscemdfl - ok
22:14:30.0296 2724 sscemdm (600d634c721e57e4b89d3dfdd381cdb7) C:\WINDOWS\system32\DRIVERS\sscemdm.sys
22:14:30.0343 2724 sscemdm - ok
22:14:30.0531 2724 STHDA (58f855684e163466a5c565adf0865536) C:\WINDOWS\system32\drivers\sthda.sys
22:14:30.0734 2724 STHDA - ok
22:14:30.0906 2724 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:14:31.0187 2724 swenum - ok
22:14:31.0265 2724 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:14:31.0421 2724 swmidi - ok
22:14:31.0546 2724 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:14:31.0687 2724 symc810 - ok
22:14:31.0796 2724 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:14:31.0984 2724 symc8xx - ok
22:14:32.0093 2724 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:14:32.0281 2724 sym_hi - ok
22:14:32.0375 2724 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:14:32.0578 2724 sym_u3 - ok
22:14:32.0656 2724 SynTP (936cd58395d36659bb798b961ef7357f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:14:32.0734 2724 SynTP - ok
22:14:32.0875 2724 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:14:33.0046 2724 sysaudio - ok
22:14:33.0187 2724 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:14:33.0375 2724 Tcpip - ok
22:14:33.0546 2724 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:14:33.0765 2724 TDPIPE - ok
22:14:33.0843 2724 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:14:34.0000 2724 TDTCP - ok
22:14:34.0046 2724 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:14:34.0187 2724 TermDD - ok
22:14:34.0234 2724 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:14:34.0390 2724 TosIde - ok
22:14:34.0453 2724 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:14:34.0625 2724 Udfs - ok
22:14:34.0656 2724 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:14:34.0765 2724 ultra - ok
22:14:34.0921 2724 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:14:35.0109 2724 Update - ok
22:14:35.0250 2724 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:14:35.0343 2724 USBAAPL - ok
22:14:35.0453 2724 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:14:35.0687 2724 usbccgp - ok
22:14:35.0781 2724 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:14:35.0937 2724 usbehci - ok
22:14:36.0093 2724 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:14:36.0234 2724 usbhub - ok
22:14:36.0359 2724 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:14:36.0546 2724 usbprint - ok
22:14:37.0000 2724 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:14:37.0281 2724 usbscan - ok
22:14:37.0390 2724 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:14:37.0640 2724 USBSTOR - ok
22:14:37.0781 2724 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:14:37.0921 2724 usbuhci - ok
22:14:38.0031 2724 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
22:14:38.0171 2724 usb_rndisx - ok
22:14:38.0328 2724 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:14:39.0000 2724 VgaSave - ok
22:14:39.0187 2724 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:14:39.0359 2724 viaagp - ok
22:14:39.0468 2724 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:14:39.0640 2724 ViaIde - ok
22:14:39.0718 2724 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:14:39.0890 2724 VolSnap - ok
22:14:40.0015 2724 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:14:40.0203 2724 Wanarp - ok
22:14:40.0328 2724 WDICA - ok
22:14:40.0375 2724 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:14:40.0546 2724 wdmaud - ok
22:14:40.0703 2724 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:14:40.0781 2724 winachsf - ok
22:14:40.0921 2724 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:14:41.0125 2724 WmiAcpi - ok
22:14:41.0218 2724 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:14:41.0515 2724 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:14:41.0531 2724 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:14:41.0562 2724 Boot (0x1200) (02b4cb0f54113a343e249a29581725e8) \Device\Harddisk0\DR0\Partition0
22:14:41.0562 2724 \Device\Harddisk0\DR0\Partition0 - ok
22:14:41.0578 2724 ============================================================
22:14:41.0578 2724 Scan finished
22:14:41.0578 2724 ============================================================
22:14:41.0687 2676 Detected object count: 9
22:14:41.0687 2676 Actual detected object count: 9
22:16:08.0390 2676 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0390 2676 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0390 2676 DXEC02 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0390 2676 DXEC02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0390 2676 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0390 2676 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0390 2676 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0390 2676 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0406 2676 sonypvd3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0406 2676 sonypvd3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0406 2676 sonypvf3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0406 2676 sonypvf3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0406 2676 sonypvl3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0406 2676 sonypvl3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0406 2676 sonypvt3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:08.0406 2676 sonypvt3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:16:08.0406 2676 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:16:08.0406 2676 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:16:24.0046 0260 ============================================================
22:16:24.0046 0260 Scan started
22:16:24.0046 0260 Mode: Manual; SigCheck; TDLFS;
22:16:24.0046 0260 ============================================================
22:16:24.0812 0260 Abiosdsk - ok
22:16:24.0906 0260 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:16:25.0171 0260 abp480n5 - ok
22:16:25.0312 0260 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:16:25.0546 0260 ACPI - ok
22:16:25.0656 0260 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:16:25.0812 0260 ACPIEC - ok
22:16:25.0953 0260 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:16:26.0109 0260 adpu160m - ok
22:16:26.0156 0260 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:16:26.0312 0260 aec - ok
22:16:26.0437 0260 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:16:26.0484 0260 AegisP - ok
22:16:26.0609 0260 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:16:26.0656 0260 AFD - ok
22:16:26.0812 0260 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:16:27.0031 0260 agp440 - ok
22:16:27.0109 0260 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:16:27.0234 0260 agpCPQ - ok
22:16:27.0296 0260 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:16:27.0406 0260 Aha154x - ok
22:16:27.0468 0260 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:16:27.0593 0260 aic78u2 - ok
22:16:27.0640 0260 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:16:27.0796 0260 aic78xx - ok
22:16:27.0859 0260 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:16:28.0031 0260 AliIde - ok
22:16:28.0093 0260 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:16:28.0250 0260 alim1541 - ok
22:16:28.0328 0260 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:16:28.0484 0260 amdagp - ok
22:16:28.0609 0260 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:16:28.0718 0260 amsint - ok
22:16:28.0843 0260 APPDRV (18cc6b8dbb55118d363b98dede0daa32) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
22:16:28.0890 0260 APPDRV ( UnsignedFile.Multi.Generic ) - warning
22:16:28.0890 0260 APPDRV - detected UnsignedFile.Multi.Generic (1)
22:16:29.0015 0260 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:16:29.0218 0260 Arp1394 - ok
22:16:29.0250 0260 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:16:29.0406 0260 asc - ok
22:16:29.0500 0260 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:16:29.0593 0260 asc3350p - ok
22:16:29.0734 0260 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:16:29.0953 0260 asc3550 - ok
22:16:30.0031 0260 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:16:30.0203 0260 AsyncMac - ok
22:16:30.0265 0260 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:16:30.0390 0260 atapi - ok
22:16:30.0468 0260 Atdisk - ok
22:16:30.0562 0260 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:16:30.0734 0260 Atmarpc - ok
22:16:30.0828 0260 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:16:31.0015 0260 audstub - ok
22:16:31.0171 0260 AvgLdx86 (bc12f2404bb6f2b6b2ff3c4c246cb752) C:\WINDOWS\System32\Drivers\avgldx86.sys
22:16:31.0203 0260 AvgLdx86 - ok
22:16:31.0281 0260 AvgMfx86 (5903d729d4f0c5bca74123c96a1b29e0) C:\WINDOWS\System32\Drivers\avgmfx86.sys
22:16:31.0296 0260 AvgMfx86 - ok
22:16:31.0359 0260 AvgRkx86 (94a16f829b1456237b7f929198ce2807) C:\WINDOWS\system32\Drivers\avgrkx86.sys
22:16:31.0375 0260 AvgRkx86 - ok
22:16:31.0453 0260 AvgTdiX (92d8e1e8502e649b60e70074eb29c380) C:\WINDOWS\System32\Drivers\avgtdix.sys
22:16:31.0453 0260 AvgTdiX - ok
22:16:31.0562 0260 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
22:16:31.0953 0260 bcm4sbxp - ok
22:16:32.0046 0260 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:16:32.0296 0260 Beep - ok
22:16:32.0390 0260 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:16:32.0531 0260 cbidf - ok
22:16:32.0578 0260 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:16:32.0703 0260 cbidf2k - ok
22:16:32.0781 0260 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:16:32.0859 0260 cd20xrnt - ok
22:16:32.0906 0260 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:16:33.0062 0260 Cdaudio - ok
22:16:33.0187 0260 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:16:33.0343 0260 Cdfs - ok
22:16:33.0437 0260 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:16:33.0562 0260 Cdrom - ok
22:16:33.0609 0260 Changer - ok
22:16:33.0656 0260 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:16:33.0890 0260 CmBatt - ok
22:16:34.0000 0260 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:16:34.0140 0260 CmdIde - ok
22:16:34.0203 0260 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:16:34.0359 0260 Compbatt - ok
22:16:34.0468 0260 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:16:34.0656 0260 Cpqarray - ok
22:16:34.0765 0260 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:16:34.0937 0260 dac2w2k - ok
22:16:35.0046 0260 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:16:35.0218 0260 dac960nt - ok
22:16:35.0562 0260 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:16:35.0734 0260 Disk - ok
22:16:35.0828 0260 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:16:36.0125 0260 dmboot - ok
22:16:36.0234 0260 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:16:36.0390 0260 dmio - ok
22:16:36.0515 0260 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:16:36.0687 0260 dmload - ok
22:16:36.0812 0260 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:16:37.0015 0260 DMusic - ok
22:16:37.0109 0260 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:16:37.0234 0260 dpti2o - ok
22:16:37.0312 0260 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:16:37.0437 0260 drmkaud - ok
22:16:37.0625 0260 DXEC02 (0c8762b91b967a91373e0e022b62acfc) C:\WINDOWS\system32\drivers\dxec02.sys
22:16:37.0656 0260 DXEC02 ( UnsignedFile.Multi.Generic ) - warning
22:16:37.0656 0260 DXEC02 - detected UnsignedFile.Multi.Generic (1)
22:16:37.0750 0260 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:16:37.0875 0260 E100B - ok
22:16:37.0953 0260 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:16:38.0187 0260 Fastfat - ok
22:16:38.0218 0260 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:16:38.0359 0260 Fdc - ok
22:16:38.0390 0260 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:16:38.0562 0260 Fips - ok
22:16:38.0703 0260 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:16:38.0890 0260 Flpydisk - ok
22:16:38.0953 0260 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:16:39.0109 0260 FltMgr - ok
22:16:39.0140 0260 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:16:39.0312 0260 Fs_Rec - ok
22:16:39.0421 0260 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:16:39.0578 0260 Ftdisk - ok
22:16:39.0656 0260 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:16:39.0656 0260 GEARAspiWDM - ok
22:16:39.0765 0260 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:16:40.0000 0260 Gpc - ok
22:16:40.0078 0260 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:16:40.0250 0260 HDAudBus - ok
22:16:40.0328 0260 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:16:40.0484 0260 HidUsb - ok
22:16:40.0593 0260 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:16:40.0750 0260 hpn - ok
22:16:40.0890 0260 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
22:16:40.0937 0260 HSFHWAZL - ok
22:16:41.0109 0260 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
22:16:41.0187 0260 HSF_DPV - ok
22:16:41.0328 0260 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:16:41.0390 0260 HTTP - ok
22:16:41.0515 0260 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:16:42.0062 0260 i2omgmt - ok
22:16:42.0203 0260 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:16:42.0421 0260 i2omp - ok
22:16:42.0500 0260 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:16:42.0656 0260 i8042prt - ok
22:16:42.0734 0260 iaStor (fd7f9d74c2b35dbda400804a3f5ed5d8) C:\WINDOWS\system32\drivers\iaStor.sys
22:16:42.0750 0260 iaStor - ok
22:16:42.0828 0260 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:16:43.0031 0260 Imapi - ok
22:16:43.0140 0260 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:16:43.0343 0260 ini910u - ok
22:16:43.0437 0260 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:16:43.0578 0260 IntelIde - ok
22:16:43.0718 0260 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:16:43.0843 0260 intelppm - ok
22:16:43.0921 0260 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:16:44.0093 0260 Ip6Fw - ok
22:16:44.0187 0260 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:16:44.0359 0260 IpFilterDriver - ok
22:16:44.0453 0260 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:16:44.0593 0260 IpInIp - ok
22:16:44.0718 0260 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:16:44.0875 0260 IpNat - ok
22:16:44.0984 0260 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:16:45.0140 0260 IPSec - ok
22:16:45.0234 0260 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:16:45.0437 0260 IRENUM - ok
22:16:45.0500 0260 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:16:45.0625 0260 isapnp - ok
22:16:45.0671 0260 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:16:45.0828 0260 Kbdclass - ok
22:16:45.0968 0260 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:16:46.0156 0260 kmixer - ok
22:16:46.0281 0260 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:16:46.0296 0260 KSecDD - ok
22:16:46.0359 0260 lbrtfdc - ok
22:16:46.0484 0260 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:16:46.0562 0260 mdmxsdk - ok
22:16:46.0625 0260 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:16:46.0859 0260 mnmdd - ok
22:16:46.0984 0260 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:16:47.0140 0260 Modem - ok
22:16:47.0234 0260 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:16:47.0390 0260 Mouclass - ok
22:16:47.0468 0260 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:16:47.0625 0260 MountMgr - ok
22:16:47.0734 0260 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:16:47.0875 0260 mraid35x - ok
22:16:47.0937 0260 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:16:48.0062 0260 MRxDAV - ok
22:16:48.0187 0260 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:16:48.0250 0260 MRxSmb - ok
22:16:48.0421 0260 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:16:48.0562 0260 Msfs - ok
22:16:48.0687 0260 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:16:48.0828 0260 MSKSSRV - ok
22:16:48.0921 0260 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:16:49.0046 0260 MSPCLOCK - ok
22:16:49.0140 0260 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:16:49.0281 0260 MSPQM - ok
22:16:49.0390 0260 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:16:49.0515 0260 mssmbios - ok
22:16:49.0640 0260 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:16:49.0687 0260 Mup - ok
22:16:49.0828 0260 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:16:49.0953 0260 NDIS - ok
22:16:50.0093 0260 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:16:50.0140 0260 NdisTapi - ok
22:16:50.0218 0260 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:16:50.0375 0260 Ndisuio - ok
22:16:50.0421 0260 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:16:50.0578 0260 NdisWan - ok
22:16:50.0671 0260 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:16:50.0718 0260 NDProxy - ok
22:16:50.0843 0260 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:16:50.0968 0260 NetBIOS - ok
22:16:51.0046 0260 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:16:51.0171 0260 NetBT - ok
22:16:51.0343 0260 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
22:16:51.0468 0260 NETw4x32 - ok
22:16:51.0531 0260 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:16:51.0687 0260 NIC1394 - ok
22:16:51.0750 0260 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:16:51.0921 0260 Npfs - ok
22:16:52.0000 0260 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:16:52.0171 0260 Ntfs - ok
22:16:52.0281 0260 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:16:52.0468 0260 Null - ok
22:16:52.0796 0260 nv (218ca6e9470581777e4e186fb05ace3d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:16:53.0140 0260 nv - ok
22:16:53.0234 0260 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:16:53.0468 0260 NwlnkFlt - ok
22:16:53.0531 0260 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:16:53.0687 0260 NwlnkFwd - ok
22:16:53.0812 0260 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:16:53.0984 0260 ohci1394 - ok
22:16:54.0109 0260 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:16:54.0281 0260 Parport - ok
22:16:54.0343 0260 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:16:54.0546 0260 PartMgr - ok
22:16:54.0625 0260 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:16:54.0812 0260 ParVdm - ok
22:16:54.0875 0260 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:16:55.0062 0260 PCI - ok
22:16:55.0140 0260 PCIDump - ok
22:16:55.0234 0260 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:16:55.0421 0260 PCIIde - ok
22:16:55.0546 0260 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:16:55.0765 0260 Pcmcia - ok
22:16:55.0828 0260 PDCOMP - ok
22:16:55.0859 0260 PDFRAME - ok
22:16:55.0890 0260 PDRELI - ok
22:16:55.0921 0260 PDRFRAME - ok
22:16:56.0015 0260 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:16:56.0156 0260 perc2 - ok
22:16:56.0281 0260 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:16:56.0390 0260 perc2hib - ok
22:16:56.0531 0260 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:16:57.0000 0260 PptpMiniport - ok
22:16:57.0109 0260 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:16:57.0296 0260 PSched - ok
22:16:57.0359 0260 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:16:57.0593 0260 Ptilink - ok
22:16:57.0734 0260 PxHelp20 (1962166e0ceb740704f30fa55ad3d509) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:16:57.0765 0260 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
22:16:57.0765 0260 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
22:16:57.0875 0260 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:16:58.0000 0260 ql1080 - ok
22:16:58.0093 0260 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:16:58.0312 0260 Ql10wnt - ok
22:16:58.0406 0260 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:16:58.0546 0260 ql12160 - ok
22:16:58.0609 0260 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:16:58.0765 0260 ql1240 - ok
22:16:58.0859 0260 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:16:59.0046 0260 ql1280 - ok
22:16:59.0109 0260 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:16:59.0265 0260 RasAcd - ok
22:16:59.0359 0260 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:16:59.0546 0260 Rasl2tp - ok
22:16:59.0687 0260 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:16:59.0875 0260 RasPppoe - ok
22:17:00.0000 0260 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:17:00.0187 0260 Raspti - ok
22:17:00.0234 0260 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:17:00.0468 0260 Rdbss - ok
22:17:00.0468 0260 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:17:00.0625 0260 RDPCDD - ok
22:17:00.0656 0260 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:17:00.0796 0260 rdpdr - ok
22:17:00.0859 0260 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:17:00.0859 0260 RDPWD - ok
22:17:01.0000 0260 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:17:01.0156 0260 redbook - ok
22:17:01.0250 0260 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
22:17:01.0296 0260 rimmptsk - ok
22:17:01.0375 0260 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
22:17:01.0421 0260 rimsptsk - ok
22:17:01.0484 0260 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
22:17:01.0546 0260 rismxdp - ok
22:17:01.0687 0260 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys
22:17:01.0734 0260 s24trans ( UnsignedFile.Multi.Generic ) - warning
22:17:01.0734 0260 s24trans - detected UnsignedFile.Multi.Generic (1)
22:17:01.0843 0260 s616bus (ef4b5a8d53f15cb269469dd4e4bb0109) C:\WINDOWS\system32\DRIVERS\s616bus.sys
22:17:01.0859 0260 s616bus - ok
22:17:02.0015 0260 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
22:17:02.0265 0260 sdbus - ok
22:17:02.0406 0260 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:17:02.0578 0260 Secdrv - ok
22:17:02.0687 0260 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:17:02.0843 0260 serenum - ok
22:17:02.0906 0260 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:17:03.0078 0260 Serial - ok
22:17:03.0187 0260 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
22:17:03.0328 0260 sffdisk - ok
22:17:03.0421 0260 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
22:17:03.0562 0260 sffp_sd - ok
22:17:03.0640 0260 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:17:03.0828 0260 Sfloppy - ok
22:17:03.0890 0260 Simbad - ok
22:17:03.0968 0260 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:17:04.0140 0260 sisagp - ok
22:17:04.0281 0260 sonypvd3 (a35c234751ac5cbda631e68ef8b86aac) C:\WINDOWS\system32\DRIVERS\sonypvd3.sys
22:17:04.0312 0260 sonypvd3 ( UnsignedFile.Multi.Generic ) - warning
22:17:04.0312 0260 sonypvd3 - detected UnsignedFile.Multi.Generic (1)
22:17:04.0421 0260 sonypvf3 (f576ee7cc67a9b1e6a0f6a9ec1b1e6ab) C:\WINDOWS\system32\drivers\sonypvf3.sys
22:17:04.0453 0260 sonypvf3 ( UnsignedFile.Multi.Generic ) - warning
22:17:04.0453 0260 sonypvf3 - detected UnsignedFile.Multi.Generic (1)
22:17:04.0531 0260 sonypvl3 (747fab4fd4ddf34aea347fea82f0b529) C:\WINDOWS\system32\drivers\sonypvl3.sys
22:17:04.0562 0260 sonypvl3 ( UnsignedFile.Multi.Generic ) - warning
22:17:04.0562 0260 sonypvl3 - detected UnsignedFile.Multi.Generic (1)
22:17:04.0640 0260 sonypvt3 (6db72277b2d0db32d6b4a3882e966a97) C:\WINDOWS\system32\drivers\sonypvt3.sys
22:17:04.0703 0260 sonypvt3 ( UnsignedFile.Multi.Generic ) - warning
22:17:04.0703 0260 sonypvt3 - detected UnsignedFile.Multi.Generic (1)
22:17:04.0828 0260 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:17:05.0062 0260 SONYPVU1 - ok
22:17:05.0187 0260 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:17:05.0250 0260 Sparrow - ok
22:17:05.0468 0260 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:17:05.0640 0260 splitter - ok
22:17:05.0750 0260 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:17:06.0000 0260 sr - ok
22:17:06.0140 0260 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:17:06.0203 0260 Srv - ok
22:17:06.0312 0260 sscebus (29ae754f4e9dcc08dcfd4aef07375d52) C:\WINDOWS\system32\DRIVERS\sscebus.sys
22:17:06.0312 0260 sscebus - ok
22:17:06.0437 0260 sscemdfl (48de57f9c5a7f39ec3ea5cfbf163b811) C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
22:17:06.0453 0260 sscemdfl - ok
22:17:06.0562 0260 sscemdm (600d634c721e57e4b89d3dfdd381cdb7) C:\WINDOWS\system32\DRIVERS\sscemdm.sys
22:17:06.0593 0260 sscemdm - ok
22:17:07.0171 0260 STHDA (58f855684e163466a5c565adf0865536) C:\WINDOWS\system32\drivers\sthda.sys
22:17:07.0781 0260 STHDA - ok
22:17:07.0921 0260 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:17:08.0156 0260 swenum - ok
22:17:08.0218 0260 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:17:08.0375 0260 swmidi - ok
22:17:08.0484 0260 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:17:08.0609 0260 symc810 - ok
22:17:08.0703 0260 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:17:08.0890 0260 symc8xx - ok
22:17:08.0984 0260 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:17:09.0171 0260 sym_hi - ok
22:17:09.0265 0260 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:17:09.0437 0260 sym_u3 - ok
22:17:09.0578 0260 SynTP (936cd58395d36659bb798b961ef7357f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:17:09.0593 0260 SynTP - ok
22:17:09.0703 0260 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:17:09.0859 0260 sysaudio - ok
22:17:10.0000 0260 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:17:10.0140 0260 Tcpip - ok
22:17:10.0234 0260 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:17:10.0437 0260 TDPIPE - ok
22:17:10.0562 0260 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:17:10.0687 0260 TDTCP - ok
22:17:10.0828 0260 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:17:10.0953 0260 TermDD - ok
22:17:11.0031 0260 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:17:11.0203 0260 TosIde - ok
22:17:11.0296 0260 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:17:11.0453 0260 Udfs - ok
22:17:11.0593 0260 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:17:11.0671 0260 ultra - ok
22:17:11.0734 0260 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:17:11.0921 0260 Update - ok
22:17:12.0046 0260 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
22:17:12.0093 0260 USBAAPL - ok
22:17:12.0203 0260 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:17:12.0343 0260 usbccgp - ok
22:17:12.0453 0260 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:17:12.0703 0260 usbehci - ok
22:17:12.0843 0260 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:17:12.0968 0260 usbhub - ok
22:17:13.0031 0260 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:17:13.0187 0260 usbprint - ok
22:17:13.0265 0260 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:17:13.0468 0260 usbscan - ok
22:17:13.0531 0260 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:17:13.0734 0260 USBSTOR - ok
22:17:13.0828 0260 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:17:14.0031 0260 usbuhci - ok
22:17:14.0140 0260 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
22:17:14.0328 0260 usb_rndisx - ok
22:17:14.0468 0260 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:17:14.0671 0260 VgaSave - ok
22:17:14.0765 0260 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:17:14.0937 0260 viaagp - ok
22:17:15.0062 0260 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:17:15.0234 0260 ViaIde - ok
22:17:15.0312 0260 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:17:15.0531 0260 VolSnap - ok
22:17:15.0625 0260 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:17:15.0859 0260 Wanarp - ok
22:17:15.0921 0260 WDICA - ok
22:17:16.0031 0260 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:17:16.0187 0260 wdmaud - ok
22:17:16.0390 0260 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
22:17:16.0437 0260 winachsf - ok
22:17:16.0609 0260 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:17:17.0125 0260 WmiAcpi - ok
22:17:17.0171 0260 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:17:17.0531 0260 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:17:17.0531 0260 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:17:17.0546 0260 Boot (0x1200) (02b4cb0f54113a343e249a29581725e8) \Device\Harddisk0\DR0\Partition0
22:17:17.0546 0260 \Device\Harddisk0\DR0\Partition0 - ok
22:17:17.0546 0260 ============================================================
22:17:17.0546 0260 Scan finished
22:17:17.0546 0260 ============================================================
22:17:17.0562 3456 Detected object count: 9
22:17:17.0562 3456 Actual detected object count: 9
22:17:22.0265 3456 APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0265 3456 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0281 3456 DXEC02 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0281 3456 DXEC02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0281 3456 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0281 3456 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0281 3456 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0281 3456 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0281 3456 sonypvd3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0281 3456 sonypvd3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0281 3456 sonypvf3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0281 3456 sonypvf3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0281 3456 sonypvl3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0281 3456 sonypvl3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0281 3456 sonypvt3 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:22.0281 3456 sonypvt3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:22.0296 3456 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:17:22.0296 3456 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


The screen that had the reboot option never appeared.?
  • 0

#6
mcbassin
Posted 14 February 2012 - 10:23 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Here is a picture of the scan results

Attached Thumbnails

  • tdss.jpg

  • 0

#7
Render
Posted 15 February 2012 - 04:53 AM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
We need to temporarily remove your Anti-Virus, as it interes with the fix I want to run. You can reinstall it again later. If you are not happy about doing this, please let me know before proceding

Download AppRemover and run it.

Click Next >>
Posted Image


Ensure "Remove Security Application" is collected and click Next >>
Posted Image


AppRemover will scan all the security applications on your PC
Posted Image

Select Any AVG entries from the applications offered and click Next >> twice.
Posted Image

Follow any further on-screen instructions. If asked to reboot,please do so.

Note: Please do not browse the internet or open any email attachments until your Anti-Virus is re-installed

NEXT...

Posted Image Please download ComboFix from one of these locations:

Bleepingcomputer
ForoSpyware

Notes:
  • Do not mouse-click Combofix's window while it is running. That may cause it to stall.
  • ComboFix may reset a number of Internet Explorer's settings, including making Internet Explorer the default browser.
  • Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
  • CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
  • If you are using personal certificates I recommend you to export them before running ComboFix and save them to external media.
Please carefully follow all steps below:
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

Posted Image

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes. ComboFix will now start scanning your computer for known infections. This procedure can take some time, so please be patient.
  • When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Give it at least 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofix. Use copy/paste.
  • 0

#8
mcbassin
Posted 15 February 2012 - 10:03 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
I got avg disabled but now the internet won't work because the driver is missing?
  • 0

#9
mcbassin
Posted 15 February 2012 - 10:04 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
I can't download combofix because I can't connect to Internet. What would have wiped out the driver?
  • 0

#10
mcbassin
Posted 15 February 2012 - 10:23 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Okay I was able to re install the driver and combofix is now running
  • 0

Advertisements

#11
mcbassin
Posted 15 February 2012 - 10:59 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
ComboFix 12-02-15.01 - Mike 02/15/2012 22:20:34.2.2 - x86
Running from: c:\documents and settings\Mike\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfapx.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgmfarx.dll
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgntdumpx.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\avgrunasx.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\avi7.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\htmlayout.dll
c:\documents and settings\All Users\Application Data\TEMP\AVG\incavi.avm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_cz.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_da.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_es.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_fr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ge.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_hu.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_id.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_in.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_it.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_jp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ko.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ms.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_nl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pb.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pl.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_pt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_ru.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sc.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sk.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_sp.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_tr.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_us.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zh.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\license_zt.htm
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaconf.txt
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfacz.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfada.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaes.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfafr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfage.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfahu.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaid.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfain.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfait.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfajp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfako.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfams.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfanl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapb.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapl.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfapt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaru.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasc.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfask.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfasp.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfatr.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaus.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfavera.txt
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfaverx.txt
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazh.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\mfazt.lns
c:\documents and settings\All Users\Application Data\TEMP\AVG\microavi.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\miniavi.avg
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.exe
c:\documents and settings\All Users\Application Data\TEMP\AVG\setup.ini
c:\windows\Downloaded Installations\BMP
c:\windows\Downloaded Installations\BMP\{44C774BE-1389-4E84-B5DE-54D9FB4A2253}\1033.MST
c:\windows\Downloaded Installations\BMP\{44C774BE-1389-4E84-B5DE-54D9FB4A2253}\BACS.msi
.
.
((((((((((((((((((((((((( Files Created from 2012-01-16 to 2012-02-16 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-14 03:59 . 2011-12-14 03:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 21:24 . 2010-06-22 04:25 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57 . 2004-08-10 18:51 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2004-08-10 18:51 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35 . 2004-08-10 18:51 60416 ----a-w- c:\windows\system32\packager.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-21 1207080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-03 851968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-03-30 8491008]
"nwiz"="nwiz.exe" [2008-03-30 1626112]
"NVHotkey"="nvHotkey.dll" [2008-03-30 86016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-03-30 81920]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-07-25 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-07-25 974848]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2007-07-20 1228800]
"SigmatelSysTrayApp"="stsystra.exe" [2007-06-06 405504]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-11-01 189736]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 341232]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-12-4 50688]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2008-12-4 151552]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 sonypvd3;Sony DVD Handycam;c:\windows\system32\DRIVERS\sonypvd3.sys [2004-12-07 64964]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2009-05-13 90240]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2009-05-13 14976]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2009-05-13 121856]
R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2010-05-17 233472]
S0 sonypvl3;sonypvl3; [x]
S1 sonypvf3;sonypvf3; [x]
S1 sonypvt3;sonypvt3; [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-12-10 92008]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-05 15:53]
.
2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb6cf3cf91964e.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 03:07]
.
2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cce15f4d6fd37e.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 03:07]
.
2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 03:07]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: basszone.com\www
TCP: DhcpNameServer = 192.168.2.1 65.77.64.11 4.2.2.1
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxp://www.nextdaypets.com/assets/js/ImageUploader6.cab
FF - ProfilePath - c:\documents and settings\Mike\Application Data\Mozilla\Firefox\Profiles\k55y3j8y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Move Media Player: [email protected] - c:\documents and settings\Mike\Application Data\Move Networks
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
Notify-avgrsstarter - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-15 22:38
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-02-15 22:42:25
ComboFix-quarantined-files.txt 2012-02-16 04:42
.
Pre-Run: 71,299,538,944 bytes free
Post-Run: 76,990,156,800 bytes free
.
- - End Of File - - C45548E9E605045BD871041086CADB49
  • 0

#12
Render
Posted 16 February 2012 - 12:50 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
From the Start menu open your Computer
You should see something like this:

Posted Image

Right click your system partition (usually C) and select Properties

Posted Image

Select Tools tab and then Check now...
The second window will popup
Ensure you have ticks in both boxes
Then click Start
Windows will schedule it for the next boot
Reboot

Once that has completed:

Go to Start > All Programs > Accessories
Right click Command Prompt and select Run as administrator
When the prompt opens type the following bolded text and press enter

sfc /scannow (Note: There is a space between sfc and /scannow)

On completion reboot

Let me know then if there is any improvement
  • 0

#13
mcbassin
Posted 17 February 2012 - 10:01 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
It seems to be running faster now. What do you recommend doing next? How do I turn my AVG back on?
  • 0

#14
Render
Posted 18 February 2012 - 06:52 AM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Please wait a moment with AV and do this:

We should proceed with general antimalware scan which can take quite a long time so please be patient.

Download Virus Removal Tool (VRT) from Here to your desktop
(You have to enter your e-mail address and click on Submit Form button. Please download latest English version of this tool)

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right
Posted Image


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan
(Please be patient as this scan can take a few hours)
Posted Image

Allow VRT to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threads report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun VRT and select the Manual Disinfection tab and press Start Gathering System Information

Posted Image

On completion click the link to locate the zip file to upload and attach to your next post

Posted Image
  • 0

#15
mcbassin
Posted 18 February 2012 - 01:49 PM

mcbassin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
I hope this is the file you're looking for.

Attached Files


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP