Blue screen, wifi trouble, XD memory card problems [Archive]

View Full Version : Blue screen, wifi trouble, XD memory card problems

bhubertus

2011-12-28, 17:26

TIA for any and all help. :-)
Here are the contents of my dds.txt:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Sandra at 10:00:11 on 2011-12-28
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.807 [GMT -6:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\PANASO~1\REMOTE~1\KaNTSRV.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\PROGRA~1\Discover\SOAN\DISCOV~1.EXE
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
C:\Program Files\ControlCenter4\BrCtrlCntr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Zinio Alert Messenger\Zinio Alert Messenger.exe
C:\WINDOWS\system32\OBroker.exe
C:\Program Files\ControlCenter4\BrCcUxSys.exe
C:\Program Files\Browny02\BrYNSvc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sandra\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://toolbar.google.com/done
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Secure Online Account Numbers Helper: {435eaa86-d32b-484f-869c-53745fcb1642} - c:\program files\discover\soan\DiscoverSOANHelper.dll
BHO: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TB: Secure Online Account Numbers: {a8c7c2ca-6dfd-4e16-8458-592361564d38} - c:\program files\discover\soan\DiscoverSOANToolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\sandra\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [TFncKy] TFncKy.exe
mRun: [TPSMain] TPSMain.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [IntelWireless] c:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [EOUApp] c:\program files\intel\wireless\bin\EOUWiz.exe
mRun: [Notebook Maximizer] c:\program files\notebook maximizer\maximizer_startup.exe
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [DAEMON Tools-1033] "c:\program files\d-tools\daemon.exe" -lang 1033
mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Secure Online Account Numbers] c:\progra~1\discover\soan\DISCOV~1.EXE /dontopenmycards
mRun: [ControlCenter4] c:\program files\controlcenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
StartupFolder: c:\docume~1\sandra\startm~1\programs\startup\zinioa~1.lnk - c:\program files\zinio alert messenger\Zinio Alert Messenger.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - hxxps://www.topproduceronline.com/downloads/msjavx86.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxsrvc.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll
SEH: IBShellExecuteHook: {54697f09-baf4-422e-8e7a-a563b020b1a5} - c:\idrive for ibackup\IBShellView.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\sandra\application data\mozilla\firefox\profiles\krdbdvsr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\discover\soan\components\SlimOrbAddonDiscoverSOAN.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\sandra\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.5.0\bin\NPJPI150.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Secure Online Account Numbers: discoversoan@orbiscom - c:\program files\discover\SOAN
.
============= SERVICES / DRIVERS ===============
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2005-9-13 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2005-9-13 5248]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-8-9 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-8-9 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-8-9 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-8-9 66616]
R2 IBFs;IBackup File System Driver;c:\idrive for ibackup\IBfs.sys [2005-6-7 36548]
R3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2011-9-11 245760]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-4-18 136176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-4-18 136176]
S3 IBNP;IBackup Network Provider; [x]
S3 nwusbmdm;Novatel Wireless Merlin CDMA EV-DO Modem Driver;c:\windows\system32\drivers\nwusbmdm.sys [2005-9-13 63360]
S3 nwusbser;Novatel Wireless Merlin CDMA EV-DO Status Port;c:\windows\system32\drivers\nwusbser.sys [2005-9-13 63360]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:43:21 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:43:21 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-10-31 23:43:21 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:43:20 17408 ----a-w- c:\windows\system32\corpol.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:33:08 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:03 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
.
============= FINISH: 10:01:32.02 ===============

Jack&Jill

2012-01-08, 17:27

Hello and welcome to Safer Networking.

I am currently assessing your situation and will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this, click Thread Tools, then click Subscribe to this Thread. Under the Notification Type: title, make sure it is set to Instant notification by email, then click Add Subscription.

Please be patient with me during this time.

Meanwhile, please make a reply to this topic to acknowledge that you have read this and is still with me to tackle the problem until the end. If I do not get any response within 3 days, this topic will be closed.

bhubertus

2012-01-08, 19:17

Hello,

I've read your reply and I'm still here.

Thx

Jack&Jill

2012-01-09, 01:42

Hello bhubertus :),

Welcome to Safer Networking. I am Jack&Jill, and I will be helping you out.

Before we go further, there are a few things that I would like to make clear so that we are share the same understanding.

Please observe and follow these Forum Rules (http://forums.spybot.info/showthread.php?t=288).
Any advice is for your computer only and is taken at your own risk. Fixes sometimes will cause unexpected results, but I will do my best to assist you.
Please read the instructions carefully and follow them closely, in the order they are presented to you.
If you have any doubts or problems during the fix, please stop and ask.
All the tools that I will ask you to download and use are safe. Please allow if prompted by any of your security softwares.
Do not use or run any malware cleaning tools without supervision as they may cause more harm if improperly used.
Refrain from installing any new programs except those that I request during the fix to prevent interference to my diagnosis of the problem.
Lack of malware symptoms does not mean your computer is clean. Stick to this topic until I give the All Clear.
If you do not reply within 3 days, this topic will be closed.
If you are agreeable to the above, then everything should go smoothly :) . We may begin.

--------------------

Your log looks clean. Your problem could be not malware related. What other symptoms do you experience?

Is this a business machine?

bhubertus

2012-01-10, 08:02

This is my home laptop. I'm not sure if it's an infection or not but I had some some odd things happen in the past. First of all, my previous laptop died when I got a blue screen and it wouldn't boot anymore. I took it to a place to clean it and they said system files had been corrupted. I can't remember for sure if they were able to find evidence of malware but I bought an ATA to USB adapter and transferred my photos, etc to this laptop. (They're both older laptops, bought probably around 2005.)

About a month ago I used this laptop to pull pictures off of my camera's xD card and something weird happened. It pulled ~70 pics out of ~1000 and then wasn't able to access the card anymore (of the 70 pics only 1 was actually viewable). I had a software guy at my work look at the xD card using a linux system and he determined that a quick format command had been issued and he was able to recover the photos. He speculated that it could be a driver problem while accessing the xD card or even possibly a virus (I could imagine a particularly sh*tty virus that would format a memory card when transferring photos). Then a couple weeks later I got the blue screen out of the blue and it felt somewhat like deja vu from the previous laptop dying.

So the combination of one laptop dying a blue screen death, transferring files from it to another laptop which then mysteriously eats the pictures from a memory card, then having a similar-feeling blue screen made me suspect malware of some sort. Kind of a long explanation but I wanted you to know my experience so far.

Jack&Jill

2012-01-10, 08:46

Hello bhubertus :),

Well, the symptoms do sound like hardware issues considering the age.

Lets take a look to be sure. It would be prudent to do some backing up if you haven't.

There are also some outdated programs that could become a security risk if not addressed, but we will work on them only after we have confirmed the hardware status.

--------------------

Please download MiniToolBox© by farbar and save it to your desktop. Click here. (http://download.bleepingcomputer.com/farbar/MiniToolBox.exe)

Double click on MiniToolBox.exe to run it.
Please check (tick) the following options:
List last 10 Event Viewer Errors
List Users, Partitions and Memory size.
List Minidump Files
Click on the GO button. A log will open.
Please post the contents of this log. It can also be found on the desktop as Result.txt.

--------------------

Please download aswMBR and save it to your desktop. Click here. (http://public.avast.com/~gmerek/aswMBR.exe)

Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
If you need help to disable your protection programs see here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html) and here (http://www.bleepingcomputer.com/forums/topic114351.html).
Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.
When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.
Please post the contents of the log in your next reply.

--------------------

Please post back:
1. MiniToolBox result
2. aswMBR log

bhubertus

2012-01-11, 06:00

1. MiniToolBox result

MiniToolBox by Farbar
Ran by Sandra (administrator) on 10-01-2012 at 21:55:32
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/10/2012 09:54:38 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:54:38.292]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:53:28 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:53:28.752]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:52:19 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:52:19.712]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:51:10 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:51:10.683]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:50:01 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:50:01.674]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:48:52 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:48:52.655]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:47:43 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:47:43.635]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:46:34 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:46:34.626]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:45:25 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:45:25.607]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:44:16 PM) (Source: Brother BrLog) (User: )
Description: STI BrtSTI: [2012/01/10 21:44:16.598]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

System errors:
=============
Error: (01/10/2012 09:41:00 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0012F0410A29. The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (01/04/2012 11:46:40 AM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.11 on the
Network Card with network address 0012F0410A29.

Error: (01/01/2012 01:57:17 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (01/01/2012 01:57:17 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (01/01/2012 01:57:08 AM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.1.8 on the
Network Card with network address 0012F0410A29.

Error: (12/28/2011 10:20:58 AM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 0012F0410A29. The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (12/28/2011 10:17:21 AM) (Source: Service Control Manager) (User: )
Description: The Panasonic Trap Monitor Service service terminated with the following error:
%%183

Error: (12/28/2011 10:00:14 AM) (Source: Service Control Manager) (User: )
Description: The CL500_510 Remote Server service has reported an invalid current state 0.

Error: (12/28/2011 09:57:45 AM) (Source: Service Control Manager) (User: )
Description: The Panasonic Trap Monitor Service service terminated with the following error:
%%183

Error: (12/28/2011 09:38:02 AM) (Source: System Error) (User: )
Description: Error code 1000008e, parameter1 c0000005, parameter2 bf955389, parameter3 a7635c00, parameter4 00000000.

Microsoft Office Sessions:
=========================
Error: (01/10/2012 09:54:38 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:54:38.292]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:53:28 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:53:28.752]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:52:19 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:52:19.712]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:51:10 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:51:10.683]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:50:01 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:50:01.674]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:48:52 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:48:52.655]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:47:43 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:47:43.635]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:46:34 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:46:34.626]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:45:25 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:45:25.607]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

Error: (01/10/2012 09:44:16 PM) (Source: Brother BrLog)(User: )
Description: STIBrtSTI: [2012/01/10 21:44:16.598]: [00000212]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[208.69.32.145]

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 1527.42 MB
Available physical RAM: 860.9 MB
Total Pagefile: 2136.75 MB
Available Pagefile: 1467.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.2 MB

========================= Partitions: =====================================

1 Drive c: (SQ003520) (Fixed) (Total:74.33 GB) (Free:23.98 GB) NTFS

========================= Users: ========================================

User accounts for \\SANDRA-LAPTOP

Administrator ASPNET Guest
HelpAssistant Sandra SUPPORT_388945a0

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini012006-01.dmp
C:\WINDOWS\Minidump\Mini122811-01.dmp

**** End of log ****

2. aswMBR log

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-10 22:03:23
-----------------------------
22:03:23.917 OS Version: Windows 5.1.2600 Service Pack 3
22:03:23.917 Number of processors: 1 586 0xD08
22:03:23.917 ComputerName: SANDRA-LAPTOP UserName: Sandra
22:03:25.420 Initialize success
22:04:36.432 AVAST engine defs: 12011001
22:04:59.445 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
22:04:59.445 Disk 0 Vendor: FUJITSU_MHT2080AT 0022 Size: 76319MB BusType: 3
22:04:59.445 Device \Driver\atapi -> DriverStartIo f7483864
22:04:59.445 Device \Driver\atapi -> MajorFunction 89f1bf00
22:04:59.465 Disk 0 MBR read successfully
22:04:59.475 Disk 0 MBR scan
22:04:59.535 Disk 0 unknown MBR code
22:04:59.535 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76112 MB offset 63
22:04:59.565 Disk 0 Partition 2 00 88 Linux plaintext A*Kárò'ó 203 MB offset 155878695
22:04:59.575 Disk 0 scanning sectors +156296385
22:04:59.615 Disk 0 scanning C:\WINDOWS\system32\drivers
22:05:15.187 Service scanning
22:05:16.489 Modules scanning
22:05:33.374 Module: C:\WINDOWS\system32\dla\tfsndres.sys **SUSPICIOUS**
22:05:39.522 Disk 0 trace - called modules:
22:05:39.542 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89f1bf00]<<
22:05:39.552 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3d0ab8]
22:05:39.552 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\0000007c[0x8a454978]
22:05:39.552 5 ACPI.sys[f7588620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a37f940]
22:05:39.562 \Driver\atapi[0x8a380b08] -> IRP_MJ_CREATE -> 0x89f1bf00
22:05:40.183 AVAST engine scan C:\WINDOWS
22:06:08.935 AVAST engine scan C:\WINDOWS\system32
22:08:21.275 AVAST engine scan C:\WINDOWS\system32\drivers
22:08:38.620 AVAST engine scan C:\Documents and Settings\Sandra
22:50:39.044 AVAST engine scan C:\Documents and Settings\All Users
22:51:37.238 Scan finished successfully
22:55:00.059 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sandra\Desktop\MBR.dat"
22:55:00.059 The log file has been saved successfully to "C:\Documents and Settings\Sandra\Desktop\aswMBR.txt"

Jack&Jill

2012-01-11, 06:52

Hello bhubertus :),

Disable CD Emulation drivers

Please download DeFogger© by jpshortstuff and save it to your desktop. Click here. (http://www.jpshortstuff.247fixes.com/Defogger.exe)
Double click on DeFogger.exe to run the tool.
The application window will appear.
Click the Disable button to disable your CD Emulation drivers.
Click Yes to continue.
A Finished! message will appear, then click OK.
DeFogger will now ask to reboot the machine, click OK.
DO NOT re-enable these drivers until otherwise instructed.

If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Then, repeat the aswMBR step and post back the latest result.

--------------------

Please download TDSSKiller© from Kaspersky and save it to your desktop. Click here. (http://support.kaspersky.com/downloads/utils/tdsskiller.exe)

Alternatively, you may get the zip version (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and extract the file to the desktop.
Double click on TDSSKiller.exe to execute it.
Click on Change parameters, then check (tick) Verify driver digital signatures and Detect TDLFS file system.
Click OK and press Start scan to begin.
If anything is found, please change all the actions to Skip only. <-- Important, please select Skip only, DO NOT proceed other actions.
Then click on Continue at the lower right corner.
You may be prompted to reboot your computer, please consent.
Once complete, a log will be produced at C:\. It will be named TDSSKiller.Version_Date_Time_log.txt, for example, C:\TDSSKiller.2.4.12.0_26.12.2010_23.12.11_log.txt.
Please post the contents of this log.

--------------------

Please zip this file up and attach it in your reply:
C:\WINDOWS\Minidump\Mini122811-01.dmp

--------------------

Please post back:
1. new aswMBR log
2. TDSSKiller log
3. the minidump file as attachment

bhubertus

2012-01-12, 04:03

1. new aswMBR log

aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
Run date: 2012-01-11 19:54:11
-----------------------------
19:54:11.666 OS Version: Windows 5.1.2600 Service Pack 3
19:54:11.686 Number of processors: 1 586 0xD08
19:54:11.686 ComputerName: SANDRA-LAPTOP UserName: Sandra
19:54:32.496 Initialize success
19:54:46.296 AVAST engine defs: 12011001
19:55:39.913 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:55:39.913 Disk 0 Vendor: FUJITSU_MHT2080AT 0022 Size: 76319MB BusType: 3
19:55:39.943 Disk 0 MBR read successfully
19:55:39.943 Disk 0 MBR scan
19:55:40.003 Disk 0 unknown MBR code
19:55:40.003 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76112 MB offset 63
19:55:40.033 Disk 0 Partition 2 00 88 Linux plaintext A*Kárò'ó 203 MB offset 155878695
19:55:40.073 Disk 0 scanning sectors +156296385
19:55:40.123 Disk 0 scanning C:\WINDOWS\system32\drivers
19:55:55.445 Service scanning
19:55:56.767 Modules scanning
19:56:04.959 Module: C:\WINDOWS\system32\dla\tfsndres.sys **SUSPICIOUS**
19:56:06.421 Disk 0 trace - called modules:
19:56:06.802 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
19:56:06.802 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3cfab8]
19:56:06.812 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\0000007b[0x8a453788]
19:56:06.812 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a3874d0]
19:56:07.372 AVAST engine scan C:\WINDOWS
19:56:34.762 AVAST engine scan C:\WINDOWS\system32
19:58:47.453 AVAST engine scan C:\WINDOWS\system32\drivers
19:59:05.408 AVAST engine scan C:\Documents and Settings\Sandra
20:45:25.206 AVAST engine scan C:\Documents and Settings\All Users
20:46:25.943 Scan finished successfully
20:50:44.965 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sandra\Desktop\MBR.dat"
20:50:44.965 The log file has been saved successfully to "C:\Documents and Settings\Sandra\Desktop\aswMBR2.txt"

2. TDSSKiller log

20:53:44.0694 1860 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
20:53:46.0707 1860 ============================================================
20:53:46.0707 1860 Current date / time: 2012/01/11 20:53:46.0707
20:53:46.0707 1860 SystemInfo:
20:53:46.0707 1860
20:53:46.0707 1860 OS Version: 5.1.2600 ServicePack: 3.0
20:53:46.0707 1860 Product type: Workstation
20:53:46.0707 1860 ComputerName: SANDRA-LAPTOP
20:53:46.0707 1860 UserName: Sandra
20:53:46.0707 1860 Windows directory: C:\WINDOWS
20:53:46.0707 1860 System windows directory: C:\WINDOWS
20:53:46.0707 1860 Processor architecture: Intel x86
20:53:46.0707 1860 Number of processors: 1
20:53:46.0707 1860 Page size: 0x1000
20:53:46.0707 1860 Boot type: Normal boot
20:53:46.0707 1860 ============================================================
20:53:50.0702 1860 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000, SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000054
20:53:50.0793 1860 Initialize success
20:54:10.0211 2792 ============================================================
20:54:10.0211 2792 Scan started
20:54:10.0211 2792 Mode: Manual; SigCheck; TDLFS;
20:54:10.0211 2792 ============================================================
20:54:11.0012 2792 Abiosdsk - ok
20:54:11.0062 2792 abp480n5 - ok
20:54:11.0142 2792 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:54:13.0826 2792 ACPI - ok
20:54:13.0976 2792 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
20:54:14.0216 2792 ACPIEC - ok
20:54:14.0236 2792 adpu160m - ok
20:54:14.0336 2792 aeaudio (f13d8e7e1faa31019c25eb17b5fb2662) C:\WINDOWS\system32\drivers\aeaudio.sys
20:54:14.0397 2792 aeaudio - ok
20:54:14.0687 2792 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:54:14.0897 2792 aec - ok
20:54:15.0017 2792 AegisP (f498fd605c08404b20a48954c722ff74) C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:54:15.0088 2792 AegisP ( UnsignedFile.Multi.Generic ) - warning
20:54:15.0088 2792 AegisP - detected UnsignedFile.Multi.Generic (1)
20:54:15.0198 2792 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:54:15.0318 2792 AFD - ok
20:54:15.0578 2792 AgereSoftModem (b06d36c988152b4c8dea71235f6d1011) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
20:54:15.0909 2792 AgereSoftModem - ok
20:54:15.0959 2792 Aha154x - ok
20:54:16.0009 2792 aic78u2 - ok
20:54:16.0059 2792 aic78xx - ok
20:54:16.0109 2792 AliIde - ok
20:54:16.0179 2792 amsint - ok
20:54:16.0329 2792 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:54:16.0520 2792 Arp1394 - ok
20:54:16.0580 2792 asc - ok
20:54:16.0630 2792 asc3350p - ok
20:54:16.0670 2792 asc3550 - ok
20:54:16.0770 2792 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
20:54:16.0790 2792 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
20:54:16.0790 2792 ASCTRM - detected UnsignedFile.Multi.Generic (1)
20:54:16.0880 2792 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:54:17.0060 2792 AsyncMac - ok
20:54:17.0221 2792 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:54:17.0361 2792 atapi - ok
20:54:17.0471 2792 Atdisk - ok
20:54:17.0571 2792 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:54:17.0741 2792 Atmarpc - ok
20:54:17.0801 2792 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:54:18.0012 2792 audstub - ok
20:54:18.0202 2792 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
20:54:18.0252 2792 avgio - ok
20:54:18.0292 2792 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:54:18.0382 2792 avgntflt - ok
20:54:18.0482 2792 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:54:18.0522 2792 avipbb - ok
20:54:18.0633 2792 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:54:18.0803 2792 Beep - ok
20:54:18.0943 2792 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:54:19.0143 2792 cbidf2k - ok
20:54:19.0203 2792 cd20xrnt - ok
20:54:19.0274 2792 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:54:19.0444 2792 Cdaudio - ok
20:54:19.0554 2792 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:54:19.0734 2792 Cdfs - ok
20:54:19.0914 2792 Cdr4_xp (c269488c6432b58922c5a3a5fa6ee119) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
20:54:19.0965 2792 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
20:54:19.0965 2792 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
20:54:20.0025 2792 Cdralw2k (baced3e0135a880d5249b09000aee285) C:\WINDOWS\system32\drivers\Cdralw2k.sys
20:54:20.0055 2792 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
20:54:20.0055 2792 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
20:54:20.0125 2792 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:54:20.0295 2792 Cdrom - ok
20:54:20.0395 2792 Changer - ok
20:54:20.0505 2792 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
20:54:20.0676 2792 CmBatt - ok
20:54:20.0696 2792 CmdIde - ok
20:54:20.0746 2792 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
20:54:20.0916 2792 Compbatt - ok
20:54:21.0056 2792 Cpqarray - ok
20:54:21.0166 2792 d347bus (5776322f93cdb91086111f5ffbfda2a0) C:\WINDOWS\system32\DRIVERS\d347bus.sys
20:54:21.0226 2792 d347bus ( UnsignedFile.Multi.Generic ) - warning
20:54:21.0226 2792 d347bus - detected UnsignedFile.Multi.Generic (1)
20:54:21.0246 2792 d347prt (b49f79ace459763f4e0380071be9cb45) C:\WINDOWS\System32\Drivers\d347prt.sys
20:54:21.0286 2792 d347prt ( UnsignedFile.Multi.Generic ) - warning
20:54:21.0286 2792 d347prt - detected UnsignedFile.Multi.Generic (1)
20:54:21.0306 2792 dac2w2k - ok
20:54:21.0327 2792 dac960nt - ok
20:54:21.0357 2792 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:54:21.0547 2792 Disk - ok
20:54:21.0647 2792 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
20:54:21.0927 2792 dmboot - ok
20:54:21.0977 2792 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
20:54:22.0178 2792 dmio - ok
20:54:22.0368 2792 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:54:22.0548 2792 dmload - ok
20:54:22.0598 2792 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:54:22.0759 2792 DMusic - ok
20:54:22.0799 2792 dpti2o - ok
20:54:22.0899 2792 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:54:23.0039 2792 drmkaud - ok
20:54:23.0129 2792 drvmcdb (f41619ae216b51d68dda163805eefaa9) C:\WINDOWS\system32\drivers\drvmcdb.sys
20:54:23.0179 2792 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
20:54:23.0179 2792 drvmcdb - detected UnsignedFile.Multi.Generic (1)
20:54:23.0209 2792 drvnddm (b295700e684ed1984db1d6be40354421) C:\WINDOWS\system32\drivers\drvnddm.sys
20:54:23.0269 2792 drvnddm ( UnsignedFile.Multi.Generic ) - warning
20:54:23.0269 2792 drvnddm - detected UnsignedFile.Multi.Generic (1)
20:54:23.0339 2792 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:54:23.0530 2792 Fastfat - ok
20:54:23.0580 2792 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
20:54:23.0750 2792 Fdc - ok
20:54:23.0770 2792 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
20:54:23.0940 2792 Fips - ok
20:54:24.0070 2792 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
20:54:24.0251 2792 Flpydisk - ok
20:54:24.0371 2792 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:54:24.0541 2792 FltMgr - ok
20:54:24.0601 2792 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:54:24.0822 2792 Fs_Rec - ok
20:54:24.0922 2792 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:54:25.0122 2792 Ftdisk - ok
20:54:25.0242 2792 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:54:25.0412 2792 Gpc - ok
20:54:25.0563 2792 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:54:25.0713 2792 HidUsb - ok
20:54:25.0753 2792 hpn - ok
20:54:25.0833 2792 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:54:25.0933 2792 HTTP - ok
20:54:25.0953 2792 i2omgmt - ok
20:54:25.0973 2792 i2omp - ok
20:54:26.0043 2792 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:54:26.0214 2792 i8042prt - ok
20:54:26.0354 2792 ialm (510a5e1cb84e82d4e89dff3d96752048) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
20:54:26.0614 2792 ialm - ok
20:54:26.0744 2792 IBFs (34aadf1be3c56df6fa8a974d7b46593e) C:\IDrive for IBackup\IBfs.sys
20:54:26.0794 2792 IBFs ( UnsignedFile.Multi.Generic ) - warning
20:54:26.0794 2792 IBFs - detected UnsignedFile.Multi.Generic (1)
20:54:26.0915 2792 IBNP - ok
20:54:27.0025 2792 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:54:27.0205 2792 Imapi - ok
20:54:27.0235 2792 ini910u - ok
20:54:27.0285 2792 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:54:27.0455 2792 IntelIde - ok
20:54:27.0525 2792 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:54:27.0686 2792 intelppm - ok
20:54:27.0776 2792 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:54:27.0956 2792 Ip6Fw - ok
20:54:28.0076 2792 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:54:28.0256 2792 IpFilterDriver - ok
20:54:28.0377 2792 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:54:28.0557 2792 IpInIp - ok
20:54:28.0647 2792 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:54:28.0807 2792 IpNat - ok
20:54:28.0867 2792 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:54:29.0028 2792 IPSec - ok
20:54:29.0118 2792 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:54:29.0278 2792 IRENUM - ok
20:54:29.0388 2792 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:54:29.0669 2792 isapnp - ok
20:54:29.0959 2792 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys
20:54:30.0029 2792 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
20:54:30.0029 2792 Iviaspi - detected UnsignedFile.Multi.Generic (1)
20:54:30.0229 2792 IWCA (872d090ca5c306f62d1982bce6302376) C:\WINDOWS\system32\DRIVERS\iwca.sys
20:54:30.0460 2792 IWCA - ok
20:54:30.0610 2792 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:54:30.0780 2792 Kbdclass - ok
20:54:30.0880 2792 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:54:31.0030 2792 kbdhid - ok
20:54:31.0161 2792 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:54:31.0361 2792 kmixer - ok
20:54:31.0501 2792 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:54:31.0621 2792 KSecDD - ok
20:54:31.0711 2792 lbrtfdc - ok
20:54:31.0792 2792 meiudf (6a75fd0b5f008d711dc44d9693e8d632) C:\WINDOWS\system32\Drivers\meiudf.sys
20:54:31.0842 2792 meiudf ( UnsignedFile.Multi.Generic ) - warning
20:54:31.0842 2792 meiudf - detected UnsignedFile.Multi.Generic (1)
20:54:31.0982 2792 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:54:32.0192 2792 mnmdd - ok
20:54:32.0302 2792 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
20:54:32.0463 2792 Modem - ok
20:54:32.0603 2792 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:54:32.0773 2792 Mouclass - ok
20:54:32.0913 2792 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:54:33.0083 2792 mouhid - ok
20:54:33.0154 2792 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:54:33.0344 2792 MountMgr - ok
20:54:33.0654 2792 mraid35x - ok
20:54:33.0714 2792 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:54:33.0895 2792 MRxDAV - ok
20:54:34.0035 2792 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:54:34.0225 2792 MRxSmb - ok
20:54:34.0305 2792 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:54:34.0475 2792 Msfs - ok
20:54:34.0606 2792 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:54:34.0776 2792 MSKSSRV - ok
20:54:34.0856 2792 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:54:35.0036 2792 MSPCLOCK - ok
20:54:35.0126 2792 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:54:35.0317 2792 MSPQM - ok
20:54:35.0367 2792 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:54:35.0537 2792 mssmbios - ok
20:54:35.0617 2792 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:54:35.0757 2792 Mup - ok
20:54:35.0968 2792 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:54:36.0148 2792 NDIS - ok
20:54:36.0318 2792 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:54:36.0368 2792 NdisTapi - ok
20:54:36.0568 2792 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:54:36.0749 2792 Ndisuio - ok
20:54:36.0799 2792 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:54:36.0959 2792 NdisWan - ok
20:54:37.0069 2792 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:54:37.0189 2792 NDProxy - ok
20:54:37.0370 2792 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:54:37.0550 2792 NetBIOS - ok
20:54:37.0710 2792 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:54:37.0890 2792 NetBT - ok
20:54:38.0011 2792 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
20:54:38.0051 2792 Netdevio ( UnsignedFile.Multi.Generic ) - warning
20:54:38.0051 2792 Netdevio - detected UnsignedFile.Multi.Generic (1)
20:54:38.0141 2792 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:54:38.0291 2792 NIC1394 - ok
20:54:38.0391 2792 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:54:38.0571 2792 Npfs - ok
20:54:38.0732 2792 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:54:38.0962 2792 Ntfs - ok
20:54:39.0122 2792 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:54:39.0322 2792 Null - ok
20:54:39.0413 2792 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:54:39.0603 2792 NwlnkFlt - ok
20:54:39.0703 2792 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:54:39.0873 2792 NwlnkFwd - ok
20:54:40.0053 2792 nwusbmdm (005634fc30e95f1c2691095c7f79371b) C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys
20:54:40.0174 2792 nwusbmdm - ok
20:54:40.0284 2792 nwusbser (005634fc30e95f1c2691095c7f79371b) C:\WINDOWS\system32\DRIVERS\nwusbser.sys
20:54:40.0304 2792 nwusbser - ok
20:54:40.0414 2792 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:54:40.0574 2792 ohci1394 - ok
20:54:40.0714 2792 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
20:54:40.0885 2792 Parport - ok
20:54:40.0995 2792 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:54:41.0165 2792 PartMgr - ok
20:54:41.0275 2792 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:54:41.0465 2792 ParVdm - ok
20:54:41.0566 2792 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
20:54:41.0766 2792 PCI - ok
20:54:41.0806 2792 PCIDump - ok
20:54:41.0906 2792 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:54:42.0106 2792 PCIIde - ok
20:54:42.0166 2792 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
20:54:42.0337 2792 Pcmcia - ok
20:54:42.0437 2792 PDCOMP - ok
20:54:42.0487 2792 PDFRAME - ok
20:54:42.0507 2792 PDRELI - ok
20:54:42.0527 2792 PDRFRAME - ok
20:54:42.0547 2792 perc2 - ok
20:54:42.0567 2792 perc2hib - ok
20:54:42.0647 2792 Pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
20:54:42.0677 2792 Pfc ( UnsignedFile.Multi.Generic ) - warning
20:54:42.0677 2792 Pfc - detected UnsignedFile.Multi.Generic (1)
20:54:42.0767 2792 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:54:42.0948 2792 PptpMiniport - ok
20:54:42.0968 2792 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:54:43.0538 2792 PSched - ok
20:54:43.0579 2792 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:54:43.0789 2792 Ptilink - ok
20:54:43.0879 2792 PxHelp20 (9ad4d2414b18900a192d47c417b01a13) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:54:43.0909 2792 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
20:54:43.0909 2792 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
20:54:43.0989 2792 ql1080 - ok
20:54:44.0029 2792 Ql10wnt - ok
20:54:44.0059 2792 ql12160 - ok
20:54:44.0069 2792 ql1240 - ok
20:54:44.0089 2792 ql1280 - ok
20:54:44.0169 2792 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:54:44.0340 2792 RasAcd - ok
20:54:44.0410 2792 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:54:44.0560 2792 Rasl2tp - ok
20:54:44.0610 2792 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:54:44.0760 2792 RasPppoe - ok
20:54:44.0800 2792 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:54:44.0991 2792 Raspti - ok
20:54:45.0051 2792 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:54:45.0231 2792 Rdbss - ok
20:54:45.0301 2792 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:54:45.0531 2792 RDPCDD - ok
20:54:45.0621 2792 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
20:54:45.0672 2792 RDPWD - ok
20:54:45.0762 2792 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:54:45.0922 2792 redbook - ok
20:54:46.0022 2792 s24trans (85a26a3bb748dfd3170cdbf45b0dd7fd) C:\WINDOWS\system32\DRIVERS\s24trans.sys
20:54:46.0062 2792 s24trans ( UnsignedFile.Multi.Generic ) - warning
20:54:46.0062 2792 s24trans - detected UnsignedFile.Multi.Generic (1)
20:54:46.0192 2792 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
20:54:46.0332 2792 sdbus - ok
20:54:46.0443 2792 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:54:46.0623 2792 Secdrv - ok
20:54:46.0733 2792 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:54:46.0913 2792 Serenum - ok
20:54:47.0023 2792 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
20:54:47.0214 2792 Serial - ok
20:54:47.0254 2792 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
20:54:47.0464 2792 sffdisk - ok
20:54:47.0494 2792 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
20:54:47.0674 2792 sffp_sd - ok
20:54:47.0714 2792 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:54:47.0855 2792 Sfloppy - ok
20:54:47.0885 2792 Simbad - ok
20:54:48.0055 2792 SMNDIS5 (4ef5ea44583c37383c289d4b8c354698) C:\PROGRA~1\VERIZO~1\VZACCE~1\SMNDIS5.SYS
20:54:48.0095 2792 SMNDIS5 ( UnsignedFile.Multi.Generic ) - warning
20:54:48.0095 2792 SMNDIS5 - detected UnsignedFile.Multi.Generic (1)
20:54:48.0205 2792 smwdm (014ab093e6452ea88031bb6e22919bb5) C:\WINDOWS\system32\drivers\smwdm.sys
20:54:48.0295 2792 smwdm - ok
20:54:48.0365 2792 Sparrow - ok
20:54:48.0456 2792 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:54:48.0626 2792 splitter - ok
20:54:48.0716 2792 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
20:54:48.0876 2792 sr - ok
20:54:49.0036 2792 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:54:49.0157 2792 Srv - ok
20:54:49.0237 2792 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
20:54:49.0327 2792 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
20:54:49.0327 2792 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
20:54:49.0477 2792 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
20:54:49.0487 2792 ssmdrv - ok
20:54:49.0617 2792 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
20:54:49.0657 2792 ssrtln ( UnsignedFile.Multi.Generic ) - warning
20:54:49.0657 2792 ssrtln - detected UnsignedFile.Multi.Generic (1)
20:54:49.0737 2792 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys
20:54:49.0958 2792 StillCam - ok
20:54:50.0078 2792 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:54:50.0258 2792 swenum - ok
20:54:50.0388 2792 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:54:50.0549 2792 swmidi - ok
20:54:50.0629 2792 symc810 - ok
20:54:50.0699 2792 symc8xx - ok
20:54:50.0779 2792 SYMIDSCO - ok
20:54:50.0829 2792 sym_hi - ok
20:54:50.0889 2792 sym_u3 - ok
20:54:51.0009 2792 SynTP (f6770219b73bd989d5613d2e9c78a227) C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:54:51.0149 2792 SynTP - ok
20:54:51.0250 2792 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:54:51.0420 2792 sysaudio - ok
20:54:51.0560 2792 TBiosDrv (eeca2b57545e7b7be949b5e70e31444f) C:\WINDOWS\system32\drivers\TBiosDrv.sys
20:54:51.0650 2792 TBiosDrv ( UnsignedFile.Multi.Generic ) - warning
20:54:51.0650 2792 TBiosDrv - detected UnsignedFile.Multi.Generic (1)
20:54:51.0810 2792 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:54:52.0011 2792 Tcpip - ok
20:54:52.0111 2792 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:54:52.0301 2792 TDPIPE - ok
20:54:52.0391 2792 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:54:52.0561 2792 TDTCP - ok
20:54:52.0622 2792 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:54:52.0782 2792 TermDD - ok
20:54:52.0942 2792 tfsnboio (2aceb9567639ff2db9d862104a80227a) C:\WINDOWS\system32\dla\tfsnboio.sys
20:54:52.0992 2792 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
20:54:52.0992 2792 tfsnboio - detected UnsignedFile.Multi.Generic (1)
20:54:53.0102 2792 tfsncofs (d9f936eac2a6d55e3de87bedff8137a9) C:\WINDOWS\system32\dla\tfsncofs.sys
20:54:53.0162 2792 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
20:54:53.0162 2792 tfsncofs - detected UnsignedFile.Multi.Generic (1)
20:54:53.0232 2792 tfsndrct (0fd9805bc047ada2cff540d4b7fa71fb) C:\WINDOWS\system32\dla\tfsndrct.sys
20:54:53.0282 2792 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
20:54:53.0282 2792 tfsndrct - detected UnsignedFile.Multi.Generic (1)
20:54:53.0343 2792 tfsndres (f8b907198e2540a4a340f1e6775f7b71) C:\WINDOWS\system32\dla\tfsndres.sys
20:54:53.0383 2792 tfsndres ( UnsignedFile.Multi.Generic ) - warning
20:54:53.0383 2792 tfsndres - detected UnsignedFile.Multi.Generic (1)
20:54:53.0443 2792 tfsnifs (fb11349b31346290d098941f0216cc45) C:\WINDOWS\system32\dla\tfsnifs.sys
20:54:53.0513 2792 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
20:54:53.0513 2792 tfsnifs - detected UnsignedFile.Multi.Generic (1)
20:54:53.0573 2792 tfsnopio (1994265f3a90e23a9434bba687f1a069) C:\WINDOWS\system32\dla\tfsnopio.sys
20:54:53.0643 2792 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
20:54:53.0643 2792 tfsnopio - detected UnsignedFile.Multi.Generic (1)
20:54:53.0743 2792 tfsnpool (0b3d2bd550aa63bfd25ae8c5afbf7f76) C:\WINDOWS\system32\dla\tfsnpool.sys
20:54:53.0773 2792 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
20:54:53.0773 2792 tfsnpool - detected UnsignedFile.Multi.Generic (1)
20:54:53.0883 2792 tfsnudf (716edddba259a2d699332df95301edda) C:\WINDOWS\system32\dla\tfsnudf.sys
20:54:53.0943 2792 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
20:54:53.0943 2792 tfsnudf - detected UnsignedFile.Multi.Generic (1)
20:54:54.0034 2792 tfsnudfa (a8ee7bbdd0b8c01e38221d0dca2e7aaa) C:\WINDOWS\system32\dla\tfsnudfa.sys
20:54:54.0104 2792 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
20:54:54.0104 2792 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
20:54:54.0234 2792 tifm21 (467ff7fb078dcec24c3f4db602190e3d) C:\WINDOWS\system32\drivers\tifm21.sys
20:54:54.0314 2792 tifm21 - ok
20:54:54.0374 2792 TosIde - ok
20:54:54.0484 2792 TVALD (7420b0c35be9d7e9651ceb1456948c87) C:\WINDOWS\system32\DRIVERS\NBSMI.sys
20:54:54.0524 2792 TVALD ( UnsignedFile.Multi.Generic ) - warning
20:54:54.0524 2792 TVALD - detected UnsignedFile.Multi.Generic (1)
20:54:54.0624 2792 Tvs (ae90ad1420e25177f6ceb286da9eedc4) C:\WINDOWS\system32\DRIVERS\Tvs.sys
20:54:54.0674 2792 Tvs ( UnsignedFile.Multi.Generic ) - warning
20:54:54.0674 2792 Tvs - detected UnsignedFile.Multi.Generic (1)
20:54:54.0815 2792 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:54:54.0975 2792 Udfs - ok
20:54:55.0045 2792 ultra - ok
20:54:55.0185 2792 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:54:55.0365 2792 Update - ok
20:54:55.0466 2792 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:54:55.0646 2792 usbccgp - ok
20:54:55.0776 2792 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:54:55.0936 2792 usbehci - ok
20:54:56.0076 2792 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:54:56.0247 2792 usbhub - ok
20:54:56.0377 2792 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:54:56.0557 2792 usbohci - ok
20:54:56.0647 2792 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:54:56.0788 2792 USBSTOR - ok
20:54:56.0868 2792 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:54:57.0038 2792 usbuhci - ok
20:54:57.0108 2792 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:54:57.0278 2792 VgaSave - ok
20:54:57.0348 2792 ViaIde - ok
20:54:57.0448 2792 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
20:54:57.0629 2792 VolSnap - ok
20:54:58.0019 2792 w29n51 (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
20:54:58.0510 2792 w29n51 - ok
20:54:58.0670 2792 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:54:58.0860 2792 Wanarp - ok
20:54:59.0021 2792 wanatw - ok
20:54:59.0071 2792 WDICA - ok
20:54:59.0141 2792 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:54:59.0301 2792 wdmaud - ok
20:54:59.0501 2792 yukonwxp (bac4e920c920168c302c90c0f37740f6) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
20:54:59.0612 2792 yukonwxp - ok
20:54:59.0652 2792 MBR (0x1B8) (c30dc047bf3a4678e0707b0af80d6b28) \Device\Harddisk0\DR0
20:54:59.0982 2792 \Device\Harddisk0\DR0 - ok
20:54:59.0982 2792 Boot (0x1200) (6b6631300ae10c9db5f001b0b139b631) \Device\Harddisk0\DR0\Partition0
20:54:59.0982 2792 \Device\Harddisk0\DR0\Partition0 - ok
20:54:59.0992 2792 ============================================================
20:54:59.0992 2792 Scan finished
20:54:59.0992 2792 ============================================================
20:55:00.0122 2256 Detected object count: 30
20:55:00.0122 2256 Actual detected object count: 30
20:55:39.0409 2256 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0409 2256 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0419 2256 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0419 2256 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0419 2256 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0419 2256 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0419 2256 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0419 2256 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0419 2256 d347bus ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0419 2256 d347bus ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0419 2256 d347prt ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0419 2256 d347prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0419 2256 drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0419 2256 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0419 2256 drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0419 2256 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 IBFs ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 IBFs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0429 2256 SMNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0429 2256 SMNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 TBiosDrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 TBiosDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0439 2256 tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0439 2256 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0449 2256 tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0449 2256 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0449 2256 tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0449 2256 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0449 2256 tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0449 2256 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0449 2256 tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0449 2256 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0449 2256 TVALD ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0449 2256 TVALD ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:55:39.0449 2256 Tvs ( UnsignedFile.Multi.Generic ) - skipped by user
20:55:39.0449 2256 Tvs ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:57:16.0118 1864 Deinitialize success

Jack&Jill

2012-01-13, 01:24

Hello bhubertus :),

I am not seeing any malware. All the earlier detections are not malicious. Your problem could be a driver or hardware issue.

As such, if you still want to troubleshoot the problem via the forums, I suggest you visit one of these sites and post your problem there at the tech section:
http://forums.whatthetech.com/index.php?
http://www.geekstogo.com/forum/
http://www.bleepingcomputer.com/forums/

Remember to link to this topic.

--------------------

To wrap up, here are some final steps.

Please uninstall:
Viewpoint Media Player

Spybot - Search & Destroy 1.3 is outdated. If you want to continue using Spybot, get the latest version here (http://www.safer-networking.org/en/spybotsd/index.html).

--------------------

Your Java Runtime Environment is outdated. Older versions have security vulnerabilities that can be exploited.

Please update JRE to the latest.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

J2SE Runtime Environment 5.0

Go to the Java SE download page. Click here. (http://www.java.com/en/download/manual.jsp)
Under the Windows title, click on Windows 7, XP Offline (32-bit) or Windows 7, XP Offline (64-bit) and save the file to your desktop.
Close any programs you may have running, especially your web browser.
Then, from your desktop, double click on the download to install the newest version. Reboot your computer.

--------------------

Your Firefox browser is outdated. Older versions have security vulnerabilities that can be exploited.

Please update your Firefox browser to the latest. You may need to use Internet Explorer temporarily for this, or download the program first before continuing the uninstall step.
It is important that you uninstall any previous versions by using Add/Remove Programs in your Control Panel before installing a newer version. Please uninstall:

Mozilla Firefox (3.6.23)

Go to the Mozilla Firefox download page. Click here. (http://www.mozilla.com/en-US/firefox/upgrade.html)
Click on the Free Download button and save the setup file to a convenient location.
Double click on the setup file and follow the steps accordingly.

--------------------

Here are some articles about security:
Computer Security - a short guide to staying safer online (http://www.malwareremoval.com/forum/viewtopic.php?f=4&t=54766)
PC Safety and Security - What Do I Need? By Glaswegian (http://www.techsupportforum.com/security-center/general-computer-security/525915-pc-safety-security-what-do-i-need.html)
How to prevent malware: By miekiemoes (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html)
So how did I get infected in the first place? By Tony Klein (http://forums.spybot.info/showthread.php?t=279)
Microsoft Online Safety (http://www.microsoft.com/protect/default.aspx)

bhubertus

2012-01-13, 16:32

Thanks! I updated the programs you mentioned.

When I reboot I get a window that says "DAEMON Tools" in the title bar and the message "Virtual SCSI driver not detected." Does this have anything to do with disabling the CD emulation drivers with DeFogger? You never mentioned to re-enable the drivers so I haven't.

Also, just curious - why did we uninstall Viewpoint Media Player? (I don't remember where it came from or if I ever used it).

Thanks again!

Jack&Jill

2012-01-13, 17:42

Hello bhubertus :),

You are welcome.

Re-enable CD Emulation drivers

Double click on DeFogger.exe to run the tool.
The application window will appear.
Click the Re-enable button to re-enable your CD Emulation drivers.
Click Yes to continue.
A Finished! message will appear, then click OK.
DeFogger will now ask to reboot the machine, click OK.
Your CD Emulation drivers are now re-enabled.

If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

--------------------

Viewpoint is not malware but considered as foistware since it is installed without consent through other softwares, most notably AOL and AOL Instant Messenger (AIM). That is why I recommended removal.

bhubertus

2012-01-15, 14:58

Ok, drivers are re-enabled. Thanks a bunch for your help! :-)

Jack&Jill

2012-01-15, 17:31

Most welcome :).

Jack&Jill

2012-01-19, 00:43

As we reach a point where we could not proceed further and you need to seek help from alternative sources, this topic is now closed.

We are glad to be of help up to this point. If you are satisfied with our assistance and wish to donate to help with the costs of this volunteer site, please read :
Your donation helps in improving Spybot-S&D! (http://www.safer-networking.org/en/donate/index.html)