infectedputer

  1. Everything has been fine, I just wanted to make sure there are no backdoors open. Thanks.
  2. How does it look?

     ESETSmartInstaller@High as CAB hook log:
     OnlineScanner.ocx - registred OK
     # version=7
     # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=68a1438a4c8d5b44a219e3ca9098e86f
     # end=finished
     # remove_checked=true
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2011-11-13 03:48:53
     # local_time=2011-11-12 07:48:53 (-0800, Pacific Standard Time)
     # country="United States"
     # lang=9
     # osver=6.0.6002 NT Service Pack 2
     # compatibility_mode=5892 16776573 100 100 0 157759809 0 0
     # compatibility_mode=8192 67108863 100 0 0 0 0 0
     # scanned=137210
     # found=1
     # cleaned=1
     # scan_time=3896
     C:\Users\Renee\Music\Feist - The Reminder (2007)\01 Feist - So Sorry.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C
     # version=7
     # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=68a1438a4c8d5b44a219e3ca9098e86f
     # end=finished
     # remove_checked=true
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2011-11-25 05:48:43
     # local_time=2011-11-24 09:48:43 (-0800, Pacific Standard Time)
     # country="United States"
     # lang=1033
     # osver=6.0.6002 NT Service Pack 2
     # compatibility_mode=5892 16776573 100 100 0 158803580 0 0
     # compatibility_mode=8192 67108863 100 0 126206 126206 0 0
     # scanned=159827
     # found=0
     # cleaned=0
     # scan_time=4114
  3. Not really sure what "the file" is, as there is more than one, but I uploaded tsk0000.dta; see http://www.virustotal.com/file-scan/report.html?id=4bb23e4c37bb2a0daf465fe93c0af6e0d3e6ae85605382e08ffe80403cbc2daf-1322021714
  4. 00:46:32.0368 7748 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50
     00:46:34.0380 7748 ============================================================
     00:46:34.0380 7748 Current date / time: 2011/11/20 00:46:34.0380
     00:46:34.0380 7748 SystemInfo:
     00:46:34.0380 7748
     00:46:34.0380 7748 OS Version: 6.0.6002 ServicePack: 2.0
     00:46:34.0380 7748 Product type: Workstation
     00:46:34.0380 7748 ComputerName: RENEE-PC
     00:46:34.0380 7748 UserName: Renee
     00:46:34.0380 7748 Windows directory: C:\Windows
     00:46:34.0380 7748 System windows directory: C:\Windows
     00:46:34.0380 7748 Processor architecture: Intel x86
     00:46:34.0380 7748 Number of processors: 2
     00:46:34.0380 7748 Page size: 0x1000
     00:46:34.0380 7748 Boot type: Normal boot
     00:46:34.0380 7748 ============================================================
     00:46:35.0254 7748 Initialize success
     00:47:59.0697 4092 ============================================================
     00:47:59.0697 4092 Scan started
     00:47:59.0697 4092 Mode: Manual; SigCheck; TDLFS;
     00:47:59.0697 4092 ============================================================
(5a77ac34a0ffb70ce8b35b524fede9ba) C:\Windows\system32\DRIVERS\HSX_CNXT.sys 00:48:29.0009 4092 winachsf - ok 00:48:29.0337 4092 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys 00:48:29.0368 4092 WmiAcpi - ok 00:48:29.0664 4092 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys 00:48:29.0711 4092 WpdUsb - ok 00:48:30.0008 4092 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 00:48:30.0054 4092 ws2ifsl - ok 00:48:30.0304 4092 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 00:48:30.0320 4092 WUDFRd - ok 00:48:30.0413 4092 XAudio (88af537264f2b818da15479ceeaf5d7c) C:\Windows\system32\DRIVERS\xaudio.sys 00:48:30.0429 4092 XAudio - ok 00:48:30.0476 4092 MBR (0x1B8) (9650019db691dc5964f402625d4c73ff) \Device\Harddisk0\DR0 00:48:30.0663 4092 \Device\Harddisk0\DR0 - ok 00:48:30.0678 4092 Boot (0x1200) (960018d6589370c522a315bf863cbf68) \Device\Harddisk0\DR0\Partition0 00:48:30.0678 4092 \Device\Harddisk0\DR0\Partition0 - ok 00:48:30.0678 4092 ============================================================ 00:48:30.0678 4092 Scan finished 00:48:30.0678 4092 ============================================================ 00:48:30.0694 6504 Detected object count: 1 00:48:30.0694 6504 Actual detected object count: 1 00:49:14.0920 6504 C:\Windows\system32\DRIVERS\tvtfilter.sys - copied to quarantine 00:49:14.0920 6504 tvtfilter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 00:49:34.0358 0380 Deinitialize success
  5. combofix log ComboFix 11-11-18.02 - ME 11/18/2011 20:42:55.2.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2014.949 [GMT -8:00] Running from: c:\users\ME\Desktop\malware\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\ME\AppData\Roaming\inst.exe c:\windows\system32\TPAPSLOG.LOG c:\windows\system32\TPHDLOG0.LOG . ---- Previous Run ------- . c:\windows\system32\TPAPSLOG.LOG c:\windows\system32\TPHDLOG0.LOG . . ((((((((((((((((((((((((( Files Created from 2011-10-19 to 2011-11-19 ))))))))))))))))))))))))))))))) . . 2011-11-19 04:50 . 2011-11-19 04:50 -------- d-----w- c:\users\ME\AppData\Local\temp 2011-11-19 04:50 . 2011-11-19 04:50 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-11-19 04:30 . 2011-11-19 04:30 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9AEAE890-D6D6-4285-B2AB-17973B07A9B8}\offreg.dll 2011-11-19 04:30 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9AEAE890-D6D6-4285-B2AB-17973B07A9B8}\mpengine.dll 2011-11-17 04:43 . 2011-11-17 04:43 -------- d-----w- c:\programdata\Kaspersky Lab 2011-11-17 04:42 . 2011-11-17 13:57 133208 ----a-w- c:\windows\system32\drivers\26973325.sys 2011-11-15 06:27 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll 2011-11-15 06:27 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe 2011-11-15 06:27 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2011-11-15 06:27 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2011-11-15 06:26 . 2009-08-07 03:23 171608 ----a-w- c:\windows\system32\wuwebv.dll 2011-11-15 06:26 . 2009-08-07 02:44 33792 ----a-w- c:\windows\system32\wuapp.exe 2011-11-13 02:36 . 2011-11-13 02:36 -------- d-----w- c:\program files\ESET 2011-11-12 20:50 . 
2011-11-12 20:50 -------- d-----w- c:\users\ME\AppData\Roaming\Malwarebytes 2011-11-12 20:50 . 2011-11-12 20:50 -------- d-----w- c:\programdata\Malwarebytes 2011-11-12 20:50 . 2011-11-12 20:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-11-12 20:50 . 2011-09-01 01:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-15 06:23 . 2011-06-24 04:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-03 13:06 . 2010-08-22 22:32 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-10-31 03:36 . 2011-06-07 23:02 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-22 820520] "TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2010-07-28 69560] "PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-08-25 894312] "BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BTVLogEx.DLL" [2010-08-25 214576] "TpShocks"="TpShocks.exe" [2007-11-22 181536] "EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2009-12-01 256576] "TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424] "DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-11-15 217176] "AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688] "LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2008-01-11 144728] "ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2007-07-05 419112] "ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-07-05 124200] "LenovoOobeOffers"="c:\swtools\LenovoWelcome\LenovoOobeOffers.exe" [2006-12-29 28672] "gemstrmw"="c:\windows\system32\gemstrmw.exe" [2004-09-15 24576] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2008-01-11 124248] "cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-11-30 2872632] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-30 583048] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-15 13556256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-15 92704] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-12-07 1282048] "MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640] "Message Center 
Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976] "TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-02-27 992816] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-08 421160] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608] . c:\users\ME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ LenovoWelcome.lnk - c:\swtools\LenovoWelcome\LenovoWelcome.cmd [2007-3-21 972] _uninst_26973325.lnk - c:\users\ME\AppData\Local\Temp\_uninst_26973325.bat [N/A] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-11-5 113664] Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2007-3-29 719664] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-11-3 50688] ImageMixer 3 SE Camera Monitor Ver.6.lnk - c:\program files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe [2010-8-22 537968] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . 
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 133104] R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 133104] S0 26973325;26973325;c:\windows\system32\DRIVERS\26973325.sys [2011-11-17 133208] S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-08-25 24304] S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2007-10-17 19504] S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-13 13480] S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-08-25 132456] S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736] S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-09-01 366152] S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-08-25 75112] S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928] S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-01-09 569344] S3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2007-06-08 81280] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-09-01 22216] S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2009-08-20 
47360] S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2007-05-22 30336] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 62560315 *NewlyCreated* - 94076420 *Deregistered* - 62560315 *Deregistered* - 94076420 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ . Contents of the 'Scheduled Tasks' folder . 2011-11-19 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 22:54] . 2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 00:15] . 2011-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-10 00:15] . 2011-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4057668369-3778188557-1293128559-1005Core.job - c:\users\ME\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-29 01:59] . 2011-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4057668369-3778188557-1293128559-1005UA.job - c:\users\ME\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-29 01:59] . 2011-11-19 c:\windows\Tasks\User_Feed_Synchronization-{7EF5CC87-B7E2-45CF-82EB-C3E2E5868936}.job - c:\windows\system32\msfeedssync.exe [2009-08-22 20:13] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: MasterCook: Select Image - c:\program files\MasterCook 9\Web\MCIEContext.hta TCP: DhcpNameServer = 192.168.200.1 FF - ProfilePath - c:\users\ME\AppData\Roaming\Mozilla\Firefox\Profiles\h7tic5hf.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - user.js: yahoo.homepage.dontask - true . - - - - ORPHANS REMOVED - - - - . HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-11-18 20:50 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2011-11-18 20:53:36 ComboFix-quarantined-files.txt 2011-11-19 04:53 . Pre-Run: 16,362,446,848 bytes free Post-Run: 16,461,332,480 bytes free . - - End Of File - - A1A24ACE208A350B526E97C47928509F
  6. The same Windows error continues for pages. A Windows update (first in a long time) failed. Here is the end of the file:
     11/14/2011 10:16:59 PM, Error: Service Control Manager [7034] - The ThinkPad PM Service service terminated unexpectedly. It has done this 1 time(s).
     11/14/2011 10:16:59 PM, Error: Service Control Manager [7034] - The LiveUpdate Notice Service service terminated unexpectedly. It has done this 1 time(s).
     11/12/2011 8:11:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
     11/12/2011 8:11:00 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
     11/12/2011 8:11:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
     11/12/2011 6:21:20 PM, Error: EventLog [6008] - The previous system shutdown at 6:17:38 PM on 11/12/2011 was unexpected.
     11/12/2011 6:14:07 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
     11/12/2011 5:40:02 PM, Error: Service Control Manager [7034] - The tvtnetwk service terminated unexpectedly. It has done this 1 time(s).
     11/12/2011 5:37:15 PM, Error: Service Control Manager [7034] - The XAudioService service terminated unexpectedly. It has done this 1 time(s).
     11/12/2011 12:40:51 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
     11/12/2011 12:39:44 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: lenovo.smi spldr TPPWRIF Wanarpv6
     11/12/2011 12:39:44 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
     11/12/2011 12:39:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
     11/12/2011 12:39:06 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21
     11/12/2011 12:39:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
     11/12/2011 12:38:56 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
     11/12/2011 12:38:38 PM, Error: EventLog [6008] - The previous system shutdown at 12:36:31 PM on 11/12/2011 was unexpected.
     11/12/2011 1:15:04 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The dependency service or group failed to start.
     .
     ==== End Of File ===========================
  7. === Event Viewer Messages From Past Week ========
     .
     11/17/2011 7:21:46 PM, Error: TPM [13] - The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.
     11/17/2011 7:21:46 PM, Error: Microsoft-Windows-TBS [516] - An error occurred while communicating with the TPM. The driver returned 0x8007045d.
     11/16/2011 8:51:34 PM, Error: Service Control Manager [7001] - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
     11/16/2011 8:51:34 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
     11/16/2011 8:25:32 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
     11/16/2011 8:20:40 PM, Error: EventLog [6008] - The previous system shutdown at 8:16:09 PM on 11/16/2011 was unexpected.
     11/15/2011 7:40:58 AM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The process cannot access the file because it is being used by another process.
     11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Update for Windows Vista (KB2345886).
     11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB981322).
     11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB972270).
     11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2423089).
     11/15/2011 7:37:43 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2378111).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706be: Security Update for Windows Vista (KB2511455).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2579686).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2567680).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2507618).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2419640).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Windows Vista (KB2207566).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Silverlight (KB2617986).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Office Outlook 2003 (KB2293428).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Security Update for Microsoft Office 2003 (KB976382).
     11/15/2011 7:37:37 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800706ba: Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Security Update x86 (KB979910).
     11/15/2011 6:52:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Windows PowerShell 2.0 and WinRM 2.0 for Windows Vista (KB968930).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB975929).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB972145).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2541763).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista Service Pack 2 (KB979688).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB975560).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2570947).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2296011).
     11/15/2011 6:52:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB980248).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2563227).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2533623).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Rights Management Services Client for Windows Vista (KB979099).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB979309).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB974571).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB974318).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB973565).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2620704).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2564958).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2556532).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2507938).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2481109).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2442962).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2079403).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2539633).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Internet Explorer 8 for Windows Vista (KB2544521).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982536).
     11/15/2011 6:52:11 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Cumulative Security Update for ActiveX Killbits for Windows Vista (KB2508272).
     11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB970430).
     11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2641690).
11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2545698). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2505189). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB982799). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB978601). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB977816). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2588516). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2544893). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2483185). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2479943). 
11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2412687). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2387149). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2305420). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2281679). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Microsoft .NET Framework 2.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 x86 (KB2572075). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2518866). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 Update x86 (KB982525). 11/15/2011 6:52:10 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB2586448). 
11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB976470). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB971029). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2388210). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB2598845). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB981997). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB975558). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2536275). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2510531). 11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2503665). 
11/15/2011 6:52:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2478935). 11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update Rollup for ActiveX Killbits for Windows Vista (KB2562937). 11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB2570791). 11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB982132). 11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB979687). 11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB979482). 11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2347290). 11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Microsoft .NET Framework 3.5 SP1, Windows Vista SP2, and Windows Server 2008 SP2 x86 (KB2416470). 
11/15/2011 6:52:07 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Platform Update for Windows Vista (KB971644). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB971737). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Mail Junk E-mail Filter [November 2011] (KB905866). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB982665). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB978542). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2567053). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2536276). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2509553). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2508429). 
11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2506212). 11/15/2011 6:52:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Platform Update Supplement for Windows Vista (KB2117917). 11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Update for Windows Vista (KB973687). 11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB975467). 11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2535512). 11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2532531). 11/15/2011 6:52:05 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070020: Security Update for Windows Vista (KB2393802). 
11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux~31bf3856ad364e35~x86~en-US~7.4.7600.226 () into Staged(Staged) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux~31bf3856ad364e35~x86~~7.4.7600.226 () into Staged(Staged) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-MiniLP~31bf3856ad364e35~x86~en-US~7.4.7600.226 () into Staged(Staged) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-AuxComp~31bf3856ad364e35~x86~en-US~7.4.7600.226 () into Staged(Staged) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-AuxComp~31bf3856ad364e35~x86~~7.4.7600.226 () into Staged(Staged) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Protocols-Package~31bf3856ad364e35~x86~en-US~7.0.6002.18181 () into Absent(Absent) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Protocols-Package~31bf3856ad364e35~x86~~7.0.6002.18181 () into Absent(Absent) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Framework-Core~31bf3856ad364e35~x86~en-US~7.0.6002.18181 () into Absent(Absent) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of 
setting package Windows-Management-Framework-Core~31bf3856ad364e35~x86~~7.0.6002.18181 () into Absent(Absent) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Windows-Management-Framework-Core-MiniLP~31bf3856ad364e35~x86~en-US~7.0.6002.18181 () into Absent(Absent) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982799_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982799_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982799_client_1~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982665_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982665_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982665_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982132_client~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: 
Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982132_client_2~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB982132_client_1~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB981997_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB981997_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB981997_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980842_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980842_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980248_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980248_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into 
Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB980248_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979899_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979899_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979688_client~31bf3856ad364e35~x86~~6.0.3.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979688_client_2~31bf3856ad364e35~x86~~6.0.3.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979687_client~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979687_client_2~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979687_client_1~31bf3856ad364e35~x86~~6.0.1.2 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package 
Package_for_KB979482_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979482_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979482_client_1~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979309_client_0~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979099_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979099_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing 
failed to complete the process of setting package Package_for_KB979099_client_1~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB979099_client_0~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client_2~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client_1~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978601_client_0~31bf3856ad364e35~x86~~6.0.1.0 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978542_client~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978542_client_2~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB978542_client_1~31bf3856ad364e35~x86~~6.0.1.3 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: 
Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB977816_client~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Package_for_KB977816_client_2~31bf3856ad364e35~x86~~6.0.1.1 () into Resolved(Resolved) state 11/15/2011 6:43:35 PM, Error: Microsoft-Windo
  8. DDS attach
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 11/3/2007 3:38:11 AM
System Uptime: 11/17/2011 4:00:18 PM (3 hours ago)
.
Motherboard: LENOVO | | 7662CTO
Processor: Intel® Core2 Duo CPU T7250 @ 2.00GHz | None | 2001/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 106 GiB total, 15.518 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP603: 11/15/2011 6:12:18 PM - Scheduled Checkpoint
RP604: 11/16/2011 10:29:38 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
.
Access Help Activation Assistant for the 2007 Microsoft Office suites Adobe Flash Player 11 Plugin Adobe Flash Player ActiveX Adobe Photoshop CS Adobe Reader 8.3.1 Apple Application Support Apple Mobile Device Support Apple Software Update AutoUpdate Bonjour Canon RAW Image Task for ZoomBrowser EX Canon Utilities CameraWindow Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Utilities Digital Photo Professional 3.4 Canon Utilities EOS Utility Canon Utilities MyCamera Canon Utilities Original Data Security Tools Canon Utilities PhotoStitch Canon Utilities Picture Style Editor Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Utilities WFT-E1/E2/E3 Utility Canon Utilities ZoomBrowser EX Canon ZoomBrowser EX Memory Card Utility Client Security - Password Manager Compatibility Pack for the 2007 Office system Curl RTE 6.0.2 Diskeeper Home DivX Codec DivX Converter DivX Player DivX Web Player Drag-to-Disc DVD Decrypter (Remove Only) DVD Shrink 3.2 DVDFab 6.0.4.0 (28/07/2009) EOS USB WIA Driver ESET Online Scanner v3 Facebook Plug-In ffdshow [rev 1723] [2007-12-24] Free Video Converter 1.0 Gemplus Smart Card Reader Tools Google Earth Plug-in Google Talk Plugin Google Update Helper
Hamster Free Video Convertor HamsterFreeVideoConverter Handbrake 0.9.4 Help Center Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) ImageMixer 3 SE Ver.6 Transfer Utility ImageMixer 3 SE Ver.6 Video Tools Intel PROSet Wireless Intel® PRO Network Connections Drivers Intel® PROSet/Wireless WiFi Software InterVideo Register Manager InterVideo WinDVD iTunes Java Auto Updater Java 6 Update 29 Lenovo Auto Scroll Utility Lenovo Registration Lenovo System Interface Driver LiveUpdate 3.2 (Symantec Corporation) LiveUpdate Notice (Symantec Corporation) Maintenance Manager Malwarebytes' Anti-Malware version 1.51.2.1300 MasterCook Deluxe 9.1 Message Center Message Center Plus Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2572067) Microsoft .NET Framework 3.5 SP1 Microsoft Office 2003 Web Components Microsoft Office Professional Edition 2003 Microsoft Office Small Business Connectivity Components Microsoft Silverlight Microsoft SQL Server Native Client Microsoft SQL Server Setup Support Files (English) Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 7.0.1 (x86 en-US) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Multimedia Center For Think Offerings Netflix Movie Viewer NVIDIA Drivers On Screen Display Picasa 3 Presentation Director Productivity Center Supplement for ThinkPad QuickTime Registry patch for Windows Vista USB S3 PM Enablement Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista Registry patch to improve USB device detection on resume from sleep for Windows Vista Rescue and Recovery RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 Seagate Manager Installer Security Update for 
Microsoft .NET Framework 3.5 SP1 (KB2416473) Skype™ 5.5 Sonic Icons for Lenovo SoundMAX Spelling Dictionaries Support For Adobe Reader 8 System Migration Assistant System Requirements Lab System Update ThinkPad Bluetooth with Enhanced Data Rate Software 6.0.1.4900 ThinkPad EasyEject Utility ThinkPad FullScreen Magnifier ThinkPad Hotkey Features Integration Setup ThinkPad Hotkey Features Setup ThinkPad Keyboard Customizer Utility ThinkPad Mobility Center Customization ThinkPad Modem ThinkPad Power Management Driver ThinkPad Power Manager ThinkPad UltraNav Driver ThinkPad UltraNav Utility ThinkVantage Access Connections ThinkVantage Active Protection System ThinkVantage Productivity Center ThinkVantage Technologies Welcome Message Trivial Pursuit Digital Choice v1.3.0 for Windows XP/Vista TVersity Codec Pack 1.2 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) VideoLAN VLC media player 0.8.6i Wallpapers WD Discovery Software Windows Driver Package - Intel (e1express) Net (02/27/2007 9.7.37.0) Windows Driver Package - Intel (iaStor) hdc (02/12/2007 7.0.0.1020) Windows Driver Package - Intel hdc (11/15/2006 8.2.0.1011) Windows Driver Package - Intel hdc (12/06/2006 6.8.0.3002) Windows Driver Package - Intel System (09/15/2006 7.0.0.1011) Windows Driver Package - Intel System (09/15/2006 8.0.0.1008) Windows Driver Package - Intel System (09/15/2006 8.0.0.1010) Windows Driver Package - Intel System (09/15/2006 8.2.0.1000) Windows Driver Package - Intel USB (09/15/2006 8.0.0.1008) Windows Driver Package - Lenovo (IBMPMDRV) System (05/31/2007 1.43) Windows Live Toolbar Xvid 1.1.3 final uninstall . ====================
  9. DDS log
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_29
Run by ME at 19:25:52 on 2011-11-17
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2014.828 [GMT -8:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\ibmpmsvc.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\rundll32.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe C:\Windows\system32\IPSSVC.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe C:\Windows\system32\AEADISRV.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Windows\Explorer.EXE C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe C:\Program
Files\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\TpShocks.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Lenovo\AwayTask\AwaySch.EXE C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE C:\Program Files\Lenovo\Client Security Solution\cssauth.exe C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe C:\Windows\System32\rundll32.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\Windows\System32\TPHDEXLG.exe C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\Common Files\Lenovo\Logger\logmon.exe C:\Program 
Files\Lenovo\Rescue and Recovery\ADM\IUService.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe C:\Program Files\Digital Line Detect\DLG.exe c:\program files\lenovo\system update\suservice.exe C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe C:\Program Files\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\CameraMonitor.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Mozilla Firefox\firefox.exe c:\program files\windows defender\MpCmdRun.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\WmiApSrv.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.google.com/ uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll BHO: 1 (0x1) - No File BHO: IePasswordManagerHelper Class: {bf468356-bb7e-42d7-9f15-4f3b9bcfced2} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler mRun: [TPFNF7] c:\progra~1\lenovo\npdirect\TPFNF7SP.exe /r mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [TPHOTKEY] c:\program files\lenovo\hotkey\TPOSDSVC.exe mRun: [PWMTRV] rundll32 c:\progra~1\thinkpad\utilit~1\PWMTR32V.DLL,PwrMgrBkGndMonitor mRun: [bLOG] rundll32 c:\progra~1\thinkpad\utilit~1\BTVLogEx.DLL,StartBattLog mRun: [TpShocks] TpShocks.exe mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe" mRun: [AwaySch] c:\program files\lenovo\awaytask\AwaySch.EXE mRun: [LPManager] c:\progra~1\thinkv~1\prdctr\LPMGR.exe mRun: [ACTray] c:\program files\thinkpad\connectutilities\ACTray.exe mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe mRun: [LenovoOobeOffers] c:\swtools\lenovowelcome\lenovooobeoffers.exe /filepath="c:\swshare\firstrun.txt" 
mRun: [gemstrmw] c:\windows\system32\gemstrmw.exe /r mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [LPMailChecker] c:\progra~1\thinkv~1\prdctr\LPMLCHK.exe mRun: [cssauth] "c:\program files\lenovo\client security solution\cssauth.exe" silent mRun: [symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll" mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe" mRun: [Message Center Plus] c:\program files\lenovo\message center plus\MCPLaunch.exe /start mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe StartupFolder: c:\users\ME\appdata\roaming\micros~1\windows\startm~1\programs\startup\lenovo~1.lnk - c:\swtools\lenovowelcome\LenovoWelcome.cmd StartupFolder: c:\users\ME\appdata\roaming\micros~1\windows\startm~1\programs\startup\_unins~1.lnk - c:\users\renee\appdata\local\temp\_uninst_26973325.bat StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma 
Loader.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\thinkpad\bluetooth software\BTTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\imagem~1.lnk - c:\program files\pixela\imagemixer 3 se ver.6\transfer utility\CameraMonitor.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: MasterCook: Select Image - c:\program files\mastercook 9\web\MCIEContext.hta IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {E6EF5071-7647-4E85-9785-87B6CF5CB561} - {C92041C1-6D22-4069-BA0E-66246AA752B0} - c:\windows\system32\shdocvw.dll IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - c:\program files\lenovo\client security solution\tvtpwm_ie_com.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab TCP: 
DhcpNameServer = 192.168.200.1 TCP: Interfaces\{B0287FBF-A349-468B-A3AC-9CAEF7A47773} : DhcpNameServer = 192.168.200.1 . ================= FIREFOX =================== . FF - ProfilePath - c:\users\ME\appdata\roaming\mozilla\firefox\profiles\h7tic5hf.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\users\ME\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\users\ME\appdata\roaming\facebook\npfbplugin_1_0_3.dll FF - plugin: c:\users\ME\appdata\roaming\move networks\plugins\npqmp071505000011.dll FF - plugin: c:\users\ME\appdata\roaming\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\ME\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true ============= SERVICES / DRIVERS =============== . 
R0 26973325;26973325;c:\windows\system32\drivers\26973325.sys [2011-11-16 133208] R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2010-11-5 24304] R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-10-16 19504] R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2010-11-5 13480] R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2010-11-5 132456] R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736] R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\lenovo\virtscrl\lvvsst.exe [2010-11-5 93032] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-12 366152] R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2010-11-5 75112] R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2007-7-8 63928] R2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\lenovo\rescue and recovery\rrpservice.exe [2007-1-8 569344] R3 LenovoRd;LenovoRd;c:\windows\system32\drivers\LenovoRd.sys [2007-11-3 81280] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-12 22216] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-3-4 4232704] R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [2007-5-22 30336] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2010-11-5 45496] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104] . 
=============== Created Last 30 ================ . 2011-11-17 04:50:49 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d1aaa792-2eb7-4746-a794-b94926808ce9}\offreg.dll 2011-11-17 04:43:35 -------- d-----w- c:\programdata\Kaspersky Lab 2011-11-17 04:42:02 133208 ----a-w- c:\windows\system32\drivers\26973325.sys 2011-11-15 07:48:16 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{d1aaa792-2eb7-4746-a794-b94926808ce9}\mpengine.dll 2011-11-15 06:27:45 2421760 ----a-w- c:\windows\system32\wucltux.dll 2011-11-15 06:26:00 33792 ----a-w- c:\windows\system32\wuapp.exe 2011-11-15 06:26:00 171608 ----a-w- c:\windows\system32\wuwebv.dll 2011-11-13 02:36:42 -------- d-----w- c:\program files\ESET 2011-11-13 02:21:37 -------- d-sh--w- C:\$RECYCLE.BIN 2011-11-13 01:32:44 98816 ----a-w- c:\windows\sed.exe 2011-11-13 01:32:44 518144 ----a-w- c:\windows\SWREG.exe 2011-11-13 01:32:44 256000 ----a-w- c:\windows\PEV.exe 2011-11-13 01:32:44 208896 ----a-w- c:\windows\MBR.exe 2011-11-13 01:31:30 -------- d-----w- C:\ComboFix 2011-11-12 20:50:27 -------- d-----w- c:\users\ME\appdata\roaming\Malwarebytes 2011-11-12 20:50:14 -------- d-----w- c:\programdata\Malwarebytes 2011-11-12 20:50:10 22216 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-12 20:50:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware . ==================== Find3M ==================== . 2011-11-15 06:23:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-03 13:06:03 472808 ----a-w- c:\windows\system32\deployJava1.dll . ============= FINISH: 19:26:37.61 ===============
  10. MBAM log

      Malwarebytes' Anti-Malware 1.51.2.1300
      www.malwarebytes.org

      Database version: 8165

      Windows 6.0.6002 Service Pack 2
      Internet Explorer 8.0.6001.18813

      11/16/2011 10:03:46 PM
      mbam-log-2011-11-16 (22-03-46).txt

      Scan type: Full scan (C:\|)
      Objects scanned: 319085
      Time elapsed: 1 hour(s), 2 minute(s), 46 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected: (No malicious items detected)
      Memory Modules Infected: (No malicious items detected)
      Registry Keys Infected: (No malicious items detected)
      Registry Values Infected: (No malicious items detected)
      Registry Data Items Infected: (No malicious items detected)
      Folders Infected: (No malicious items detected)
      Files Infected: (No malicious items detected)
  11. I had to run the full monty; it seems to be getting better, but I'd still like someone to look at my logs. I'm worried my backdoor is getting accessed...
  12. Hello all, I'm following some of the instructions posted to combat a pesky redirect issue. It seems TDSSKiller is recommended, but I can't get it to run on my system. After it is downloaded and extracted to the desktop, I double-click the TDSSKiller icon; the hourglass runs for a few seconds, but that is it. The program never actually runs. Any ideas? Thanks