Tech Support Forum banner
Status
Not open for further replies.
1 - 20 of 41 Posts

·
Registered
Joined
·
26 Posts
Discussion Starter · #1 ·
Older laptop - HP ze4900, XP home sp2
Issues: Pop up window
Generic Host Process for win32 services
szAppName: svchost.exe szAppVer: 5.1.2600.2180 szModName: ntdll.dll
szModVer: 5.1.2600.3520 offset: 00020a30

The laptop has been soooo slow also. When navigating to a site via firefox I am "redirected" and "jump!". I have been accessing sites by going through the cache option. I notice in my immediate history there is a site listed at Kyber Networks welcome Page Wi-Fi, when googled I could only find that it is a service that is used at Holiday Inn Hotels.

The cursor and typing can't "keep up" with the computer. I will have to wait until it starts blinking in order to type. My windows taskbar located at the bottom of the screen gets locked up on occasion and the clock will stop. If I restart, the clock and taskbar restart. I have ran Malware multi times. Thank you in advance for you help!!
 

·
Registered
Joined
·
1,133 Posts
Good day seagrey10 and welcome to TSF :)

I am turtledove and will be happy to assist you.
Please read the following and follow the steps given.

Note:
*The fixes I give are for this Computer issue only.
*Please Copy/Paste instructions to Notepad and save to your desktop.
*Please note, no reply in 72 hours may get your log closed if I'm not notified ahead of time.
*This may not solve problems related to hardware or software conflicts.
*Be sure Word Wrap is OFF in Notepad before you post replies.
*Uninstall any/all file sharing programs before doing the instructions at this link:
http://www.techsupportforum.com/for...-posting-for-malware-removal-help-305963.html

Once the above logs are posted I will review them and reply as soon as possible.

Thank you for your patience

turtledove
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #3 ·
Test - everytime I try to post my logs laptop reports that I am offline - even though I am online. So frustrating!! So I thought I would try a test instead of the logs to see if I can even post.
 

·
Registered
Joined
·
26 Posts
I will post the third log like the previous 2, via zip. I can't seem to post it, it blocks the internet. I apologize for the hassle.


.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 5:28:11.64 on Tue 03/22/2011
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1246.372 [GMT -7:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxducoms.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\Sprint\Sprint SmartView\SwiApiMuxCdma.exe
C:\WINDOWS\System32\wbem\unsecapp.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = http=127.0.0.1:8074
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: VIPTToolbarManager Class: {1a2641ae-2c42-4c51-a05f-8ecec3fdc94d} - c:\program files\visual ip trace 2007\VisualIPTraceIE.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Visual IP Trace: {e70c26ae-dff1-40a8-8d37-19180f56f0aa} - c:\program files\visual ip trace 2007\VisualIPTraceIE.dll
TB: StumbleUpon Toolbar: {5093eb4c-3e93-40ab-9266-b607ba87bdc8} - c:\program files\stumbleupon\StumbleUponIEBar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [snpstd] c:\windows\vsnpstd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [Sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\palmon~1.lnk - c:\program files\palmone\register.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\Hotsync.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189097897372
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5251/mcfscan.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\1ljkwmjk.default\
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg10\Firefox
FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 299984]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe -service --> c:\windows\system32\lxducoms.exe -service [?]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192]
S3 SMALUSB;Digital Camera Driver;c:\windows\system32\drivers\smalidt.sys [2008-1-12 9216]
S3 StumbleUponUpdateService;StumbleUponUpdateService;c:\program files\stumbleupon\StumbleUponUpdateService.exe [2009-6-3 120168]
.
=============== Created Last 30 ================
.
2011-03-21 21:37:06 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-21 21:37:06 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-03-15 18:06:28 56320 ---ha-w- c:\windows\system32\cidatutl.dll
2011-03-12 01:14:45 552400 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
2011-03-11 17:16:46 90112 ----a-r- c:\windows\system32\hpovst08.dll
2011-03-11 17:16:45 565248 ----a-r- c:\windows\system32\hpotscl.dll
2011-03-11 17:16:44 274432 ----a-r- c:\windows\system32\hpgwiamd.dll
2011-03-07 03:56:17 -------- d-----w- c:\docume~1\owner\applic~1\Sprint
2011-03-07 03:47:36 17920 ----a-w- c:\windows\system32\apintfnt.dll
2011-03-07 03:43:25 -------- d-----w- c:\program files\common files\Research in Motion
2011-03-07 03:43:01 -------- d-----w- c:\program files\Novatel Wireless
2011-03-07 03:43:00 -------- d-----w- c:\program files\Sprint
2011-03-07 03:38:15 -------- d-----w- c:\docume~1\alluse~1\applic~1\Sprint
2011-03-05 20:47:20 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-03-05 20:32:35 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2011-03-05 20:32:35 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-03-05 20:32:33 -------- d-----w- c:\program files\PdaNet for Android
2011-03-04 10:34:36 -------- d-----w- C:\AVG10
.
==================== Find3M ====================
.
2011-03-21 21:36:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Windows 5.1.2600 Disk: HTS424040M9AT00 rev.MA2OA72A -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89DEFEC5]<<
_asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x8893d872; SUB DWORD [EBP-0x4], 0x8893d12e; PUSH EDI; CALL 0xffffffffffffdf33; }
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x89F5CAB8]
3 CLASSPNP[0xF7A3505B] -> nt!IofCallDriver[0x804E37D5] -> \Device\00000092[0x89F6E650]
5 ACPI[0xF79AB620] -> nt!IofCallDriver[0x804E37D5] -> [0x89F7D940]
[0x89E9F790] -> IRP_MJ_CREATE -> 0x89DEFEC5
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskHTS424040M9AT00_________________________MA2OA72A#5&1545bf8&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x89DEFAEA
user & kernel MBR OK
sectors 78140158 (+255): user != kernel
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 5:31:13.99 ===============
 

Attachments

·
Registered
Joined
·
26 Posts
Discussion Starter · #7 ·
The problems I am having is Firefox redirect or Jump - hijacking search results. Laptop is slow, you have to wait for the cursor to blink in order to type. Pop up window "Generic Host Process for Win 32 Service. The windows task bar at the bottom locks up and the clock stops. The audio stopped working a few months ago. I don't think it is the cmos battery, as this particular laptop has an intergrated cmos battery direct to mboard. The only way to replace would require soldering it to the motherboard, which is high risk for damage. The bios settings remain the same at startup.

I have my OEM XP home SP2 disc on hand.
 

·
Registered
Joined
·
1,133 Posts
Good Day seagrey10 :smile:

Read through this entire procedure and if you have any questions, please ask them before you begin. Then either print out, or copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.


It will require more than 1 round to clean the system. Please stay with me until given the 'all clear' even if symptoms seem to abate.

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================

Open notepad and copy/paste the text in the code box below into it:

DDS::
uInternet Settings,ProxyServer = http=127.0.0.1:8074
uInternet Settings,ProxyOverride = <local>
Save this as "CFScript.txt", and as Type: All Files (*.*)
in the same location as ComboFix.exe


***************************************************

Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to our sticky topic How to disable your security applications

Regarding AVG - Due to recent changes in AVG and how it interacts with ComboFix, before running ComboFix, AVG must be uninstalled via Start>Control Panel>Add or Remove programs panel.

If you have difficulty uninstalling AVG, download Opswat AppRemover for AVG. The download for the AVG uninstaller can be found here > http://www.appremover.com/appremover/avg/AppRemover.exe

====================================================




Referring tothe picture above, drag CFScript into ComboFix.exe


  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:





Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

Thank you,
Turtledove
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #9 ·
In your instructions you didn't mention if I should have disabled any malware programs. At the very end of the process a windows reporting error popped up - it referenced P5V.exe, I opted not to send report. Not sure if this pertains to this, but thought I should mention it.



ComboFix 11-03-23.05 - Owner 03/24/2011 6:16.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1246.840 [GMT -7:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\boost_interprocess\20110305124149.500000
c:\documents and settings\Owner\Application Data\install
c:\documents and settings\Owner\Desktop\msg.txt
c:\documents and settings\Owner\Recent\Thumbs.db
c:\windows\system32\crt.dat
c:\windows\Tasks\At1.job
c:\windows\Tasks\At10.job
c:\windows\Tasks\At11.job
c:\windows\Tasks\At12.job
c:\windows\Tasks\At13.job
c:\windows\Tasks\At14.job
c:\windows\Tasks\At15.job
c:\windows\Tasks\At16.job
c:\windows\Tasks\At17.job
c:\windows\Tasks\At18.job
c:\windows\Tasks\At19.job
c:\windows\Tasks\At2.job
c:\windows\Tasks\At20.job
c:\windows\Tasks\At21.job
c:\windows\Tasks\At22.job
c:\windows\Tasks\At23.job
c:\windows\Tasks\At24.job
c:\windows\Tasks\At3.job
c:\windows\Tasks\At4.job
c:\windows\Tasks\At5.job
c:\windows\Tasks\At6.job
c:\windows\Tasks\At7.job
c:\windows\Tasks\At8.job
c:\windows\Tasks\At9.job
c:\windows\YAHELITE.INI
.
Infected copy of c:\windows\system32\drivers\mouclass.sys was found and disinfected
Restored copy from - Kitty had a snack :p
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-02-24 to 2011-03-24 )))))))))))))))))))))))))))))))
.
.
2011-03-24 01:28 . 2011-03-24 01:28 135 ----a-w- C:\DeletePrintJobs.cmd
2011-03-21 21:37 . 2011-03-21 21:36 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-21 21:37 . 2011-03-21 21:36 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-03-15 18:06 . 2011-03-15 18:06 56320 ---ha-w- c:\windows\system32\cidatutl.dll
2011-03-12 18:09 . 2011-03-12 18:09 -------- d-----w- c:\documents and settings\Owner\Application Data\Ahead
2011-03-12 01:14 . 2011-03-12 07:38 552400 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2011-03-11 17:16 . 2004-01-05 07:27 90112 ----a-r- c:\windows\system32\hpovst08.dll
2011-03-11 17:16 . 2004-01-05 07:27 565248 ----a-r- c:\windows\system32\hpotscl.dll
2011-03-11 17:16 . 2004-01-05 07:27 274432 ----a-r- c:\windows\system32\hpgwiamd.dll
2011-03-09 23:41 . 2011-03-09 23:41 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2011-03-09 23:41 . 2011-03-09 23:41 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Apple Computer
2011-03-07 03:56 . 2011-03-07 03:56 -------- d-----w- c:\documents and settings\Owner\Application Data\Sprint
2011-03-07 03:47 . 2005-03-15 19:11 17920 ----a-w- c:\windows\system32\apintfnt.dll
2011-03-07 03:43 . 2011-03-07 03:43 -------- d-----w- c:\program files\Common Files\Research in Motion
2011-03-07 03:43 . 2011-03-07 03:43 -------- d-----w- c:\program files\Novatel Wireless
2011-03-07 03:43 . 2011-03-07 03:43 -------- d-----w- c:\program files\Sprint
2011-03-07 03:38 . 2011-03-07 03:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Sprint
2011-03-05 20:47 . 2008-03-21 21:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-03-05 20:32 . 2009-11-08 09:41 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2011-03-05 20:32 . 2009-11-08 09:41 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-03-05 20:32 . 2011-03-11 21:41 -------- d-----w- c:\program files\PdaNet for Android
2011-03-04 10:34 . 2011-03-04 10:34 -------- d-----w- C:\AVG10
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-21 21:36 . 2007-09-22 09:00 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-31 4670704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-10-08 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-10-08 126976]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2005-07-04 184320]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-01-10 385024]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-01-15 267048]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 110592]
"Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2008-10-15 17664]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
c:\documents and settings\Owner\Start Menu\Programs\Startup\
palmOne Registration.lnk - c:\program files\palmOne\register.exe [2005-9-19 2367488]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-29 607584]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2007-9-6 184320]
HOTSYNCSHORTCUTNAME.lnk - c:\program files\palmOne\Hotsync.exe [2004-6-9 471040]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\palmOne\\Hotsync.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\lxducoms.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sprint\\Sprint SmartView\\SwiApiMux.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
.
R2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe -service --> c:\windows\system32\lxducoms.exe -service [?]
S3 SMALUSB;Digital Camera Driver;c:\windows\system32\drivers\smalidt.sys [1/12/2008 4:17 AM 9216]
S3 StumbleUponUpdateService;StumbleUponUpdateService;c:\program files\StumbleUpon\StumbleUponUpdateService.exe [6/3/2009 1:52 PM 120168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2010-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 22:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\1ljkwmjk.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: CacheViewer: {71328583-3CA7-4809-B4BA-570A85818FBB} - %profile%\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9c.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2011-03-24 06:31
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Windows 5.1.2600 Disk: HTS424040M9AT00 rev.MA2OA72A -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0xF78AE7C6
user & kernel MBR OK
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1123561945-436374069-1343024091-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3544)
c:\windows\system32\WININET.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxducoms.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2011-03-24 06:39:12 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-24 13:38
.
Pre-Run: 17,072,586,752 bytes free
Post-Run: 21,988,929,536 bytes free
.
- - End Of File - - B0B8C59F2F51CCDEEBF1038720F0A589
 

·
Registered
Joined
·
1,133 Posts
Good day seagrey10,

Please copy these instructions for easy reference or print them out.
If any problems let me know.

Please download TDSSKiller.zip and extract (unzip) it to your Desktop.

  • Double click on TDSSKiller.exe to launch it.
  • Click on Start Scan, the scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory
  • To find the log go to Start > Computer > C:\TDSSKiller 2.4.0.0_DD.MM.YYYY_HH.MM.SS_log.txt
  • Post the contents of that log in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT



Let me know how your computer is running
Any new problems?

Thank you
TD
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #11 ·
Laptop is running a lot better, there is no hesitation with the cursor. It is not loading web pages - it will go to a page and nothing, blank - but at the bottom right hand corner it will say done, then it takes a while to load. I'm running without virus protection because I removed AVG, however I don't want to use AVG - suggestions? I will run the next set of directions and post.
Thank you for all your help!!
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #12 ·
2011/03/24 20:17:27.0227 2012 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/24 20:17:27.0658 2012 ================================================================================
2011/03/24 20:17:27.0658 2012 SystemInfo:
2011/03/24 20:17:27.0658 2012
2011/03/24 20:17:27.0658 2012 OS Version: 5.1.2600 ServicePack: 2.0
2011/03/24 20:17:27.0658 2012 Product type: Workstation
2011/03/24 20:17:27.0668 2012 ComputerName: LAPTOP-HP
2011/03/24 20:17:27.0668 2012 UserName: Owner
2011/03/24 20:17:27.0668 2012 Windows directory: C:\WINDOWS
2011/03/24 20:17:27.0668 2012 System windows directory: C:\WINDOWS
2011/03/24 20:17:27.0668 2012 Processor architecture: Intel x86
2011/03/24 20:17:27.0668 2012 Number of processors: 1
2011/03/24 20:17:27.0668 2012 Page size: 0x1000
2011/03/24 20:17:27.0668 2012 Boot type: Normal boot
2011/03/24 20:17:27.0668 2012 ================================================================================
2011/03/24 20:17:28.0088 2012 Initialize success
2011/03/24 20:17:33.0176 2004 ================================================================================
2011/03/24 20:17:33.0176 2004 Scan started
2011/03/24 20:17:33.0176 2004 Mode: Manual;
2011/03/24 20:17:33.0176 2004 ================================================================================
2011/03/24 20:17:35.0749 2004 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/24 20:17:35.0899 2004 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/03/24 20:17:36.0030 2004 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
2011/03/24 20:17:36.0210 2004 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/03/24 20:17:36.0550 2004 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/24 20:17:36.0761 2004 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/24 20:17:36.0981 2004 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/24 20:17:37.0191 2004 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/24 20:17:37.0392 2004 BCM43XX (37f385a93c620cbe0f89c17e45f697a1) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/03/24 20:17:37.0672 2004 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/24 20:17:37.0772 2004 BlueletAudio (0744aa40fe6fa9c471fa59ccb5ca1f73) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
2011/03/24 20:17:37.0922 2004 BlueletSCOAudio (01d1832f2b13dfaf7384884f7c3e0124) C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
2011/03/24 20:17:38.0013 2004 BT (51eff72092088948933298c12ed23fd1) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
2011/03/24 20:17:38.0213 2004 btaudio (37a82e22af9fc86c428a5f3c3851dcc1) C:\WINDOWS\system32\drivers\btaudio.sys
2011/03/24 20:17:38.0383 2004 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
2011/03/24 20:17:38.0453 2004 BthEnum (d24b8d1784c68a25060fffbe8ed34b76) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/03/24 20:17:38.0623 2004 BTHidEnum (e69d9e7854095a9c81acee40d766fe2d) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
2011/03/24 20:17:38.0703 2004 BTHidMgr (a9164c2a39bd917b9f42ae087560ac3d) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
2011/03/24 20:17:38.0884 2004 BthPan (10355270be12641b9764235da39dcf0f) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/03/24 20:17:38.0984 2004 BTHPORT (95ef6f3f386d93ee1e4d9ca45a50252a) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/03/24 20:17:39.0164 2004 BTHUSB (f06d4cb9918b462a84d9ac00027efc30) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/03/24 20:17:39.0324 2004 btkrnl (9f704f40cd50ae05bbfc492c0342e765) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/03/24 20:17:39.0535 2004 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
2011/03/24 20:17:39.0605 2004 btwhid (c51d50cf24da69a9c499e65b0edb3bb7) C:\WINDOWS\system32\DRIVERS\btwhid.sys
2011/03/24 20:17:39.0795 2004 BTWUSB (1166cb501e1c34750a91600579efeab3) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/03/24 20:17:39.0885 2004 CAMCAUD (df813edff93fde099e95f1b48a665d0c) C:\WINDOWS\system32\drivers\camcaud.sys
2011/03/24 20:17:40.0095 2004 CAMCHALA (cb9eda5216b6218e0a377813a767bf7e) C:\WINDOWS\system32\drivers\camchal.sys
2011/03/24 20:17:40.0296 2004 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/24 20:17:40.0356 2004 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/24 20:17:40.0556 2004 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/24 20:17:40.0736 2004 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/24 20:17:40.0827 2004 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/24 20:17:41.0057 2004 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/03/24 20:17:41.0267 2004 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/03/24 20:17:41.0427 2004 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/24 20:17:41.0668 2004 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/24 20:17:42.0038 2004 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/24 20:17:42.0399 2004 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/24 20:17:42.0539 2004 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/24 20:17:42.0769 2004 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/24 20:17:43.0190 2004 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/24 20:17:43.0280 2004 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/24 20:17:43.0430 2004 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/24 20:17:43.0510 2004 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/24 20:17:43.0651 2004 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/03/24 20:17:43.0741 2004 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/24 20:17:43.0931 2004 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/24 20:17:44.0011 2004 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/03/24 20:17:44.0211 2004 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/24 20:17:44.0292 2004 GTNDIS5 (fc80052194d5708254a346568f0e77c0) C:\WINDOWS\system32\GTNDIS5.SYS
2011/03/24 20:17:44.0502 2004 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/03/24 20:17:44.0642 2004 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/03/24 20:17:44.0932 2004 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/03/24 20:17:45.0083 2004 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/03/24 20:17:45.0173 2004 HSFHWICH (a4877a17e87d6e6ab959b36b9ef3de8a) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
2011/03/24 20:17:45.0423 2004 HSF_DP (dfa8f86c0dbca7db948043aa3be6793b) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
2011/03/24 20:17:45.0694 2004 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/24 20:17:45.0984 2004 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/24 20:17:46.0224 2004 ialm (510a5e1cb84e82d4e89dff3d96752048) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/03/24 20:17:46.0425 2004 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/24 20:17:46.0565 2004 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/03/24 20:17:46.0775 2004 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/03/24 20:17:46.0965 2004 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/24 20:17:47.0096 2004 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/24 20:17:47.0286 2004 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/24 20:17:47.0486 2004 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/24 20:17:47.0556 2004 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/24 20:17:47.0807 2004 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/24 20:17:47.0857 2004 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/24 20:17:48.0057 2004 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/24 20:17:48.0147 2004 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/24 20:17:48.0407 2004 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/03/24 20:17:48.0588 2004 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/24 20:17:48.0688 2004 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/24 20:17:48.0908 2004 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/24 20:17:49.0068 2004 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/03/24 20:17:49.0149 2004 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/24 20:17:49.0339 2004 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/24 20:17:49.0449 2004 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/24 20:17:49.0629 2004 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/24 20:17:49.0709 2004 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/24 20:17:49.0910 2004 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/24 20:17:49.0960 2004 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/24 20:17:50.0040 2004 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/24 20:17:50.0200 2004 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/24 20:17:50.0270 2004 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/24 20:17:50.0450 2004 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/24 20:17:50.0551 2004 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/24 20:17:50.0731 2004 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/24 20:17:50.0801 2004 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/24 20:17:50.0981 2004 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/24 20:17:51.0011 2004 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/24 20:17:51.0091 2004 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/24 20:17:51.0292 2004 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/24 20:17:51.0352 2004 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/24 20:17:51.0562 2004 Nmea (b0d5188e282dc4edae7020f333427bc8) C:\WINDOWS\system32\DRIVERS\pctnullport.sys
2011/03/24 20:17:51.0642 2004 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/24 20:17:51.0902 2004 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/24 20:17:52.0153 2004 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/24 20:17:52.0243 2004 NWADI (0973c0c696780161f4526586d5eac422) C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
2011/03/24 20:17:52.0433 2004 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/24 20:17:52.0473 2004 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/24 20:17:52.0543 2004 PalmUSBD (240c0d4049a833b16b63b636acf01672) C:\WINDOWS\system32\drivers\PalmUSBD.sys
2011/03/24 20:17:52.0724 2004 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\drivers\Parport.sys
2011/03/24 20:17:52.0894 2004 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/24 20:17:52.0954 2004 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/24 20:17:53.0094 2004 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\PCASp50.sys
2011/03/24 20:17:53.0325 2004 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/24 20:17:53.0385 2004 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/24 20:17:53.0415 2004 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/03/24 20:17:53.0495 2004 PCTINDIS5 (d6da0b85889d8236e2a3e80826ad104b) C:\WINDOWS\system32\PCTINDIS5.SYS
2011/03/24 20:17:53.0955 2004 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/24 20:17:54.0056 2004 PRISM_A02 (c383926d4ba41afbca592b2ad1fe4109) C:\WINDOWS\system32\DRIVERS\WUSB54AG.sys
2011/03/24 20:17:54.0246 2004 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/03/24 20:17:54.0346 2004 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/24 20:17:54.0496 2004 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/24 20:17:54.0576 2004 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/24 20:17:54.0887 2004 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/24 20:17:55.0077 2004 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/24 20:17:55.0117 2004 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/24 20:17:55.0197 2004 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/24 20:17:55.0387 2004 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/24 20:17:55.0428 2004 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/24 20:17:55.0628 2004 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/24 20:17:55.0718 2004 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/24 20:17:55.0928 2004 RFCOMM (99c4b74981a1413f142a3903130088cb) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/03/24 20:17:56.0008 2004 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2011/03/24 20:17:56.0199 2004 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/03/24 20:17:56.0309 2004 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/03/24 20:17:56.0479 2004 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/03/24 20:17:56.0579 2004 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/24 20:17:56.0790 2004 Serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/03/24 20:17:56.0890 2004 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\drivers\Serial.sys
2011/03/24 20:17:57.0100 2004 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/03/24 20:17:57.0220 2004 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/24 20:17:57.0440 2004 SMALUSB (9f9028adede4b16c931f228b9d3516a4) C:\WINDOWS\system32\DRIVERS\smalidt.sys
2011/03/24 20:17:57.0571 2004 snpstd (06527d4b5d04b6a856939169bebf48bc) C:\WINDOWS\system32\DRIVERS\snpstd.sys
2011/03/24 20:17:57.0841 2004 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/24 20:17:58.0161 2004 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/24 20:17:58.0362 2004 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/24 20:17:58.0572 2004 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/24 20:17:58.0642 2004 Sus2pl (3461268d6daa38b65de2936f521afbc4) C:\WINDOWS\system32\DRIVERS\sus2pl.sys
2011/03/24 20:17:58.0883 2004 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/24 20:17:58.0973 2004 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/24 20:17:59.0153 2004 swmsflt (eda7336cd2e334b4db321bc60b7da11e) C:\WINDOWS\System32\drivers\swmsflt.sys
2011/03/24 20:17:59.0243 2004 swmx00 (5d3c9f767eaded3e14fa4ce6cf9f7725) C:\WINDOWS\system32\DRIVERS\swmx00.sys
2011/03/24 20:17:59.0433 2004 SWNC5E00 (e0919389fb29ed5c03b0b664236abe50) C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys
2011/03/24 20:17:59.0744 2004 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/24 20:18:00.0014 2004 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/24 20:18:00.0194 2004 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/24 20:18:00.0254 2004 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/24 20:18:00.0435 2004 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/24 20:18:00.0495 2004 tmcomm (df8444a8fa8fd38d8848bdd40a8403b3) C:\WINDOWS\system32\drivers\tmcomm.sys
2011/03/24 20:18:00.0715 2004 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/24 20:18:01.0386 2004 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/24 20:18:01.0586 2004 USBAAPL (f340199e8cb097e1acd58a967c665919) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/03/24 20:18:01.0667 2004 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/24 20:18:01.0927 2004 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/24 20:18:02.0017 2004 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/24 20:18:02.0197 2004 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/24 20:18:02.0287 2004 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/24 20:18:02.0538 2004 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/24 20:18:02.0698 2004 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/03/24 20:18:02.0818 2004 VComm (9ebee4a060c5364a31aeaa04eac2af1e) C:\WINDOWS\system32\DRIVERS\VComm.sys
2011/03/24 20:18:02.0998 2004 VcommMgr (d1ddff84dc3060456c8bc0c47af8cbb2) C:\WINDOWS\system32\Drivers\VcommMgr.sys
2011/03/24 20:18:03.0069 2004 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/03/24 20:18:03.0239 2004 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/24 20:18:03.0339 2004 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/24 20:18:03.0569 2004 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
2011/03/24 20:18:03.0810 2004 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/24 20:18:04.0050 2004 winachsf (473ee64c368ce2eed110376c11960259) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/03/24 20:18:04.0270 2004 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
2011/03/24 20:18:04.0370 2004 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/03/24 20:18:04.0581 2004 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/24 20:18:04.0661 2004 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/24 20:18:04.0901 2004 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/24 20:18:05.0252 2004 ================================================================================
2011/03/24 20:18:05.0252 2004 Scan finished
2011/03/24 20:18:05.0252 2004 ================================================================================
 

·
Registered
Joined
·
1,133 Posts
Good day seagrey10,

Thank you for the information and log.
Please do the following:

Go to Start> Select the Run please.
When Run box open, Copy and paste the following inside the quotebox exactly including spaces/punctuation.
cmd /c mbr -t >Log.txt&Log.txt&del Log.txt
Post the resulting log that pops up please. We will go from there.
I'll get you a link for an Anti Virus after that. Please keep off the internet except for coming here in the meantime.

Thank you
TD
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #14 ·
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover
Windows 5.1.2600 Disk: HTS424040M9AT00 rev.MA2OA72A -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E37D5] -> \Device\Harddisk0\DR0[0x89F8AAB8]
3 CLASSPNP[0xF7A3505B] -> nt!IofCallDriver[0x804E37D5] -> \Device\0000008d[0x89F72178]
5 ACPI[0xF79AB620] -> nt!IofCallDriver[0x804E37D5] -> \Device\Ide\IdeDeviceP0T0L0-3[0x89F2ED98]
kernel: MBR read successfully
user & kernel MBR OK
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #16 ·
That's a pretty thorough program - I would like to clean the "stragglers" from my system. Remnants from programs I have deleted or no longer need. I look in the add/remove programs, but these are not listed. Example would be AVG10, Esnet, which Java and Adobe to delete-sorry if I am jumping the gun! Or if I need to post a new thread. Thank you again!

No update on how its running yet since virus software install.

Avira AntiVir Personal
Report file date: Friday, March 25, 2011 00:08

Scanning for 2364983 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : Owner
Computer name : LAPTOP-HP

Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 1/14/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 1/10/2011 21:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 19:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 1/10/2011 21:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 06:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 16:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 21:23:50
VBASE002.VDF : 7.11.0.1 2048 Bytes 12/14/2010 21:23:50
VBASE003.VDF : 7.11.0.2 2048 Bytes 12/14/2010 21:23:50
VBASE004.VDF : 7.11.0.3 2048 Bytes 12/14/2010 21:23:50
VBASE005.VDF : 7.11.0.4 2048 Bytes 12/14/2010 21:23:50
VBASE006.VDF : 7.11.0.5 2048 Bytes 12/14/2010 21:23:50
VBASE007.VDF : 7.11.0.6 2048 Bytes 12/14/2010 21:23:50
VBASE008.VDF : 7.11.0.7 2048 Bytes 12/14/2010 21:23:50
VBASE009.VDF : 7.11.0.8 2048 Bytes 12/14/2010 21:23:50
VBASE010.VDF : 7.11.0.9 2048 Bytes 12/14/2010 21:23:50
VBASE011.VDF : 7.11.0.10 2048 Bytes 12/14/2010 21:23:50
VBASE012.VDF : 7.11.0.11 2048 Bytes 12/14/2010 21:23:50
VBASE013.VDF : 7.11.0.52 128000 Bytes 12/16/2010 22:54:35
VBASE014.VDF : 7.11.0.91 226816 Bytes 12/20/2010 00:12:47
VBASE015.VDF : 7.11.0.122 136192 Bytes 12/21/2010 02:09:26
VBASE016.VDF : 7.11.0.156 122880 Bytes 12/24/2010 16:41:13
VBASE017.VDF : 7.11.0.185 146944 Bytes 12/27/2010 21:39:57
VBASE018.VDF : 7.11.0.228 132608 Bytes 12/30/2010 23:23:58
VBASE019.VDF : 7.11.1.5 148480 Bytes 1/3/2011 00:45:39
VBASE020.VDF : 7.11.1.37 156672 Bytes 1/7/2011 16:30:06
VBASE021.VDF : 7.11.1.65 140800 Bytes 1/10/2011 20:12:43
VBASE022.VDF : 7.11.1.87 225280 Bytes 1/11/2011 21:47:36
VBASE023.VDF : 7.11.1.88 2048 Bytes 1/11/2011 21:47:36
VBASE024.VDF : 7.11.1.89 2048 Bytes 1/11/2011 21:47:36
VBASE025.VDF : 7.11.1.90 2048 Bytes 1/11/2011 21:47:36
VBASE026.VDF : 7.11.1.91 2048 Bytes 1/11/2011 21:47:37
VBASE027.VDF : 7.11.1.92 2048 Bytes 1/11/2011 21:47:37
VBASE028.VDF : 7.11.1.93 2048 Bytes 1/11/2011 21:47:37
VBASE029.VDF : 7.11.1.94 2048 Bytes 1/11/2011 21:47:37
VBASE030.VDF : 7.11.1.95 2048 Bytes 1/11/2011 21:47:37
VBASE031.VDF : 7.11.1.117 94208 Bytes 1/13/2011 20:34:25
Engineversion : 8.2.4.140
AEVDF.DLL : 8.1.2.1 106868 Bytes 1/10/2011 21:23:26
AESCRIPT.DLL : 8.1.3.52 1282426 Bytes 1/7/2011 00:51:44
AESCN.DLL : 8.1.7.2 127349 Bytes 1/10/2011 21:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 1/10/2011 21:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 1/10/2011 21:23:25
AEPACK.DLL : 8.2.4.7 512375 Bytes 1/7/2011 00:51:44
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 1/10/2011 21:23:25
AEHEUR.DLL : 8.1.2.64 3154294 Bytes 1/7/2011 00:51:44
AEHELP.DLL : 8.1.16.0 246136 Bytes 1/10/2011 21:23:19
AEGEN.DLL : 8.1.5.1 397683 Bytes 1/7/2011 00:51:43
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/10/2011 21:23:18
AECORE.DLL : 8.1.19.0 196984 Bytes 1/10/2011 21:23:18
AEBB.DLL : 8.1.1.0 53618 Bytes 1/10/2011 21:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/10/2011 21:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/10/2011 21:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 21:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 1/10/2011 21:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 1/10/2011 21:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 1/10/2011 21:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/10/2011 21:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 21:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 1/10/2011 21:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 21:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 20:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 1/10/2011 21:23:52

Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Friday, March 25, 2011 00:08

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'NOTEPAD.EXE' - '1' Module(s) have been scanned
Scan process 'ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'BTTray.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'vsnpstd.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'btwdins.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'lxducoms.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'BTNtService.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '1705' files ).



End of the scan: Friday, March 25, 2011 00:09
Used time: 00:56 Minute(s)

The scan has been done completely.

0 Scanned directories
2185 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2185 Files not concerned
5 Archives were scanned
0 Warnings
0 Notes
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #17 ·
I just went back into Avira and saw that an update error- prior to my scan - the program did NOT indicate this - so I initiated an update but it failed- reason being no connection to the server??? I have internet - obviously. So, this scan is not complete because the database is outdated???
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #18 ·
Avira AntiVir Personal - Free Antivirus Updater
Complete product update

Creation time: Fri Mar 25 00:29:57 2011


Operating system:
Windows XP (Service Pack 2) [5.1.2600] 32 bit

Product information:
Product version: 10.0.0.611
Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 10.0.0.35
Update resource: C:\Program Files\Avira\AntiVir Desktop\updaterc.dll 10.0.9.0
Library: C:\Program Files\Avira\AntiVir Desktop\update.dll 0.1.0.44
Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 10.0.0.8
GUI: C:\Program Files\Avira\AntiVir Desktop\updgui.dll 10.0.2.0

Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Backup folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Installation Directory: C:\Program Files\Avira\AntiVir Desktop\
Updater folder: C:\Program Files\Avira\AntiVir Desktop\
AppData folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\

Proxy settings:
System settings used

0:29:57 [UPD] [INFO] Checking whether newer files are available.
0:29:58 [UPD] [INFO] Select update server 'http://80.190.143.226/update'.
0:29:58 [UPD] [INFO] Downloading of 'http://80.190.143.226/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:29:59 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://80.190.143.226/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:29:59 [UPD] [INFO]
Select update server 'http://62.146.66.189/update'.
0:29:59 [UPD] [INFO] Downloading of 'http://62.146.66.189/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:00 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.189/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:00 [UPD] [INFO] Select update server 'http://62.146.66.188/update'.
0:30:00 [UPD] [INFO] Downloading of 'http://62.146.66.188/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:01 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.188/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:01 [UPD] [INFO] Select update server 'http://62.146.66.187/update'.
0:30:01 [UPD] [INFO] Downloading of 'http://62.146.66.187/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:02 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.187/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:02 [UPD] [INFO] Select update server 'http://62.146.66.186/update'.
0:30:02 [UPD] [INFO] Downloading of 'http://62.146.66.186/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:03 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.186/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:03 [UPD] [INFO] Select update server 'http://62.146.66.185/update'.
0:30:03 [UPD] [INFO] Downloading of 'http://62.146.66.185/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:04 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.185/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:04 [UPD] [INFO] Select update server 'http://62.146.66.184/update'.
0:30:04 [UPD] [INFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:05 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.184/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:05 [UPD] [INFO] Select update server 'http://62.146.66.183/update'.
0:30:05 [UPD] [INFO] Downloading of 'http://62.146.66.183/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:06 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.183/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:06 [UPD] [INFO] Select update server 'http://62.146.66.182/update'.
0:30:06 [UPD] [INFO] Downloading of 'http://62.146.66.182/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:07 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.182/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:07 [UPD] [INFO] Select update server 'http://62.146.66.181/update'.
0:30:07 [UPD] [INFO] Downloading of 'http://62.146.66.181/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:08 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.181/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:08 [UPD] [INFO] Select update server 'http://89.105.213.18/update'.
0:30:08 [UPD] [INFO] Downloading of 'http://89.105.213.18/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:09 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://89.105.213.18/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:09 [UPD] [INFO] Select update server 'http://89.105.213.17/update'.
0:30:09 [UPD] [INFO] Downloading of 'http://89.105.213.17/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
0:30:10 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://89.105.213.17/update/idx/master.idx' failed. Error: A connection with the server could not be established
0:30:10 [UPDLIB] [ERROR] No additional servers found, the update will be canceled.
0:30:10 [UPD] [ERROR] Generation of update structure failed. UpdateLib delivers error 537.


Summary:
********
0 Files downloaded
0 Files installed

Fri Mar 25 00:30:10 2011
The update failed!
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #19 ·
Avira AntiVir Personal - Free Antivirus
***************************************

Copyright © 2000 - 2010 Avira GmbH.
All rights reserved.


Contents
********

0 Important information
1 System requirements
2 Important requirements for installation
3 Support service
4 Contact address


0 Important information
***********************

When attempting to update, users who have a previously installed ANSI
version of the Avira AntiVir Personal software package on a Microsoft
Windows 2000 or Microsoft Windows XP operating system receive an
update message.

To perform an update, proceed as follows:

1. Uninstall the installed version of Avira AntiVir Personal.
2. Download an up-to-date software package from the download area of
the Avira AntiVir Personal website at
Avira AntiVir Personal - Free Antivirus.
3. Install this software package on your computer.


1 System requirements
*********************

For Avira AntiVir Personal to work perfectly, the computer system
must fulfil the following requirements:

- Computer as from Pentium, at least 266 MHz

- Operating system
- Windows 2000, SP4 and update rollup 1 or
- Windows XP, SP2 (32 or 64 Bit) or
- Windows Vista (32 or 64 Bit, SP 1 recommended) or
- Windows 7 (32 or 64 Bit)

Program interface displays may differ depending on the operating
system.

- At least 100 MB of free hard disk memory space (more if using
Quarantine for temporary storage)

- At least 192 MB RAM under Windows 2000/XP

- At least 512 MB RAM under Windows Vista

- For installation: Administrator rights

- For all installations: Windows Internet Explorer 6.0 or higher
(NOTE I'M USING FIREFOX - SHOULD I INSTALL VIA IE???)



2 Important requirements for installation
*****************************************

For Avira AntiVir Personal to function perfectly on your computer,
ensure that the following requirements are satisfied:

- System requirements are fulfilled
- No other virus guards are installed (On-Access Scanner, Guard).
- You have administrator rights
- Internet and/or intranet connection is available
- All programs running on your computer have been terminated


3 Support service
*****************

All necessary information on our comprehensive support service can be
obtained from our website at Support for Avira AntiVir Personal.
Experts are available to answer your questions and provide further
help with technical problems.


4 Contact address
*****************

If you have any questions or requests concerning the Avira AntiVir
Personal product range, we will be pleased to help. Our contact
addresses can be found on the internet at:

Avira Contact
 

·
Registered
Joined
·
26 Posts
Discussion Starter · #20 ·
Went into IE, would not connect - so I ran the diagnostic and here is the log

Last diagnostic run time: 03/25/11 00:38:17 Network Adapter Diagnostic Network location detection info Using home Internet connection Network adapter identification info Network connection: Name=Local Area Connection, Device=Realtek RTL8139/810x Family Fast Ethernet NIC, MediaType=LAN, SubMediaType=LAN info Network connection: Name=Wireless Network Connection, Device=Broadcom 802.11b/g WLAN, MediaType=LAN, SubMediaType=WIRELESS info Network connection: Name=Local Area Connection 3, Device=Bluetooth PAN Network Adapter, MediaType=LAN, SubMediaType=LAN info Network connection: Name=3G Connection, Device=Bluetooth DUN Modem, MediaType=PHONE, SubMediaType=NONE info Network connection: Name=CDMA, Device=Bluetooth DUN Modem, MediaType=PHONE, SubMediaType=NONE warn This machine has more than one Ethernet or more than one Wireless adapter info Redirecting user to support call HTTP, HTTPS, FTP Diagnostic HTTP, HTTPS, FTP connectivity warn HTTP: Error 12029 connecting to Microsoft Corporation: Software, Smartphones, Online, Games, Cloud Computing, IT Business Technology, Downloads A connection with the server could not be established info HTTPS: Successfully connected to Microsoft Corporation: Software, Smartphones, Online, Games, Cloud Computing, IT Business Technology, Downloads. warn HTTP: Error 12029 connecting to Sign In A connection with the server could not be established warn FTP (Passive): Error 12031 connecting to ftp.microsoft.com: The connection with the server was reset warn FTP (Active): Error 12031 connecting to ftp.microsoft.com: The connection with the server was reset error Could not make an HTTP connection. error Could not make an FTP connection.

 
1 - 20 of 41 Posts
Status
Not open for further replies.
Top