robvac3

  1. Great! Should I run defogger to turn my cd burner back on? Once you're convinced we got it, how can I create a new saved config to boot back to should I run into a problem again? Robert
  2. Hi, I rebooted earlier. I ran TDSSKiller scan again and it found no problems.
  3. Hello, I ran the applications you suggested, and each ran fine. The TDSSKiller found a rootkit problem, for which I chose cure. I pasted the text below. BTW, my PC is running Windows 7. I browsed a bunch of websites with no apparent issues. I will continue to use my PC and let you know again how it's running. Thanks, Robert

     2011/01/22 14:24:06.0848 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51
     2011/01/22 14:24:06.0848 ================================================================================
     2011/01/22 14:24:06.0848 SystemInfo:
     2011/01/22 14:24:06.0848
     2011/01/22 14:24:06.0848 OS Version: 6.1.7600 ServicePack: 0.0
     2011/01/22 14:24:06.0848 Product type: Workstation
     2011/01/22 14:24:06.0849 ComputerName: ROB-PC7
     2011/01/22 14:24:06.0849 UserName: Rob
     2011/01/22 14:24:06.0850 Windows directory: C:\Windows
     2011/01/22 14:24:06.0850 System windows directory: C:\Windows
     2011/01/22 14:24:06.0850 Running under WOW64
     2011/01/22 14:24:06.0850 Processor architecture: Intel x64
     2011/01/22 14:24:06.0850 Number of processors: 2
     2011/01/22 14:24:06.0850 Page size: 0x1000
     2011/01/22 14:24:06.0850 Boot type: Normal boot
     2011/01/22 14:24:06.0850 ================================================================================
     2011/01/22 14:24:06.0851 Utility is running under WOW64
     2011/01/22 14:24:07.0144 Initialize success
     2011/01/22 14:24:11.0504 ================================================================================
     2011/01/22 14:24:11.0505 Scan started
     2011/01/22 14:24:11.0505 Mode: Manual;
     2011/01/22 14:24:11.0505 ================================================================================
     2011/01/22 14:24:39.0764 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
     2011/01/22 14:24:39.0771 ================================================================================
     2011/01/22 14:24:39.0771 Scan finished
     2011/01/22 14:24:39.0771 ================================================================================
     2011/01/22 14:24:39.0793 Detected object count: 1
     2011/01/22 14:24:53.0138 \HardDisk0 - will be cured after reboot
     2011/01/22 14:24:53.0139 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
     2011/01/22 14:25:15.0439 Deinitialize success
  4. Hi, Well, did a little more browsing this morning, and got my "congratulations, You won a Wal Mart gift Card" pop-up and new browser window. Also, when I click on a new tab from an open browser window, I intermittently get the new tab window to open, but it stays in processing mode. Meaning, the little spinning icon indicating that the window is opening just hangs there, and the new tab window never opens. The only way I can close my browser when it hangs is to close the process in task manager. Often I will see more ieExplorer processes running in there than I have open. Makes me fearful that there is stuff running in the background. Thank you. Robert
  5. Hello, When I start IE it often hangs as if there is some process running in the background. When IE does open, and I start navigating through websites, I often get advertising pages popping up with a news or walmart website that contains a dialog box that prevents me from closing the window. I often have to close IE from task manager. Occasionally, an application called Whitesmoke gets loaded. I'll uninstall the app via control panel, and MalwareBytes goes after remaining files. This has happened twice. Please help! Malwarebytes log: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5554 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 1/19/2011 10:38:21 AM mbam-log-2011-01-19 (10-38-21).txt Scan type: Quick scan Objects scanned: 205849 Time elapsed: 5 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) DDS.txt file DDS (Ver_10-10-10.03) - NTFS_AMD64 Run by Rob at 11:32:23.93 on Wed 01/19/2011 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2269 [GMT -7:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Program Files (x86)\AVG\AVG9\avgchsva.exe C:\Program Files (x86)\AVG\AVG9\avgrsa.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k
LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k HsfXAudioService C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Windows\System32\tcpsvcs.exe C:\Windows\System32\snmp.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe C:\Program Files (x86)\AVG\AVG9\avgnsa.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\AVG\AVG9\avgemc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe C:\Program 
Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\HidFind.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe C:\Windows\system32\conhost.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\sppsvc.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\Microsoft Streets & Trips 2010\StreetsOlkShim.exe C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Rob\Desktop\dds.scr C:\Windows\system32\conhost.exe ============== Pseudo HJT Report =============== uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736100995b6l03c0z1h5a4751t295 uStart Page = hxxp://www.google.com/ mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736091095b6l03c0z1h5a4751t295 mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736091095b6l03c0z1h5a4751t295 uInternet Settings,ProxyServer = http=127.0.0.1:5555 uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll BHO: &Yahoo! 
Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll TB: Yahoo! 
Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized mRun: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup mRun: [<NO NAME>] mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe -update activex StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll Trusted Zone: real.com\rhap-app-4-0 Trusted Zone: real.com\rhapreg DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files 
(x86)\AVG\AVG9\avgssiea.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File mRun-x64: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe mRun-x64: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE AppInit_DLLs-X64: avgrssta.dll Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-12 52856] R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2010-9-21 269904] R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-21 35536] R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2010-9-21 317520] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-21 203264] R2 avg9emc;AVG Free E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-9-21 921952] R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-9-21 308136] R2 ePowerSvc;Acer ePower 
Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-9-21 844320] R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 27136] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-20 62720] R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-8-14 240160] R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2010-9-21 292864] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-20 317480] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-9-21 34872] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-22 135664] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-26 517448] S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544] S3 PTDUBus;PANTECH UM175 Composite Device Driver ;C:\Windows\System32\drivers\PTDUBus.sys [2010-9-25 70672] S3 PTDUMdm;PANTECH UM175 Drivers;C:\Windows\System32\drivers\PTDUMdm.sys [2010-9-25 173456] S3 PTDUVsp;PANTECH UM175 Diagnostic Port;C:\Windows\System32\drivers\PTDUVsp.sys [2010-9-25 173456] S3 PTDUWFLT;PTDUWWAN Filter Driver;C:\Windows\System32\drivers\PTDUWFLT.sys [2010-9-25 12688] S3 PTDUWWAN;PANTECH UM175 WWAN Driver;C:\Windows\System32\drivers\PTDUWWAN.sys [2010-9-25 141840] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card 
Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-8-14 216064] S3 Ser2ph;Microsoft USB GPS driver;C:\Windows\System32\drivers\ser2ph64.sys [2009-5-19 89600] S3 Ser2rs;Radioshack USB to Serial Driver;C:\Windows\System32\drivers\ser2rs64.sys [2010-9-22 90112] S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-23 1255736] =============== Created Last 30 ================ 2011-01-13 10:02:06 -------- d-----w- C:\4af8b507e5a78e3e13187c 2010-12-27 14:48:16 0 ----a-w- C:\Windows\SysWow64\lsp56CF.tmp 2010-12-26 18:26:36 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2010-12-26 18:26:07 -------- d-----w- C:\Program Files (x86)\LeapFrog 2010-12-26 18:26:07 -------- d-----w- C:\PROGRA~3\Leapfrog 2010-12-25 21:50:03 -------- d-----w- C:\Program Files (x86)\Search Toolbar 2010-12-25 21:49:56 -------- d-----w- C:\Program Files\ZalmanFrisbee 2010-12-25 15:44:36 -------- d-----r- C:\Program Files (x86)\Skype ==================== Find3M ==================== 2011-01-13 06:15:22 256 ----a-w- C:\Windows\SysWow64\pool.bin 2010-12-21 01:08:40 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll 2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll 2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll 2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec 
2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec 2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2010-11-02 05:18:59 662528 ----a-w- C:\Windows\System32\XpsPrint.dll 2010-11-02 05:18:59 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll 2010-11-02 05:18:58 470016 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll 2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll 2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll 2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll 2010-11-02 05:12:53 1133568 ----a-w- C:\Windows\System32\FntCache.dll 2010-11-02 05:12:25 1540608 ----a-w- C:\Windows\System32\DWrite.dll 2010-11-02 05:12:08 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll 2010-11-02 05:12:07 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll 2010-11-02 05:12:06 902656 ----a-w- C:\Windows\System32\d2d1.dll 2010-11-02 05:12:06 197120 ----a-w- C:\Windows\System32\d3d10_1.dll 2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe 2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe 2010-11-02 04:59:08 144384 ----a-w- C:\Windows\System32\cdd.dll 2010-11-02 04:41:36 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2010-11-02 04:41:36 283648 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll 2010-11-02 04:41:36 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll 2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll 2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll 2010-11-02 04:35:51 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll 2010-11-02 04:35:35 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2010-11-02 04:35:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2010-11-02 04:35:34 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll 2010-11-02 04:35:34 161792 ----a-w- 
C:\Windows\SysWow64\d3d10_1.dll 2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe 2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe 2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll 2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll ============= FINISH: 11:34:30.89 =============== Thank you! Robert Attach.zip
  6. Sorry, I forgot to attach the MBAM log file. Here it is. Thanks, Robert MBAM log Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4886 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 10/19/2010 3:28:26 PM mbam-log-2010-10-19 (15-28-26).txt Scan type: Quick scan Objects scanned: 177488 Time elapsed: 6 minute(s), 8 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  7. Hi, I have a Windows 7 laptop from Gateway. Recently got infected and reloaded my operating system. I am suspicious that my recovery disks might even be infected. In any event, I'm infected again. It seems to be related to my browser (IExplorer and Firefox). Browser windows suddenly pop up with ads, sometimes just sound files turn on. MBAM, Spybot, Hijack This and AVG can't fix this problem. Please help! I will post DDS.txt below, and I will attach the attach.ZIP file, but I was unable to download GMER. If you can give me another link to it, I will gladly download and get that file over too. Thank you in advance for your help! Robert DDS.txt DDS (Ver_10-10-10.03) - NTFS_AMD64 Run by Rob at 21:43:00.63 on Tue 10/19/2010 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2205 [GMT -6:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Program Files (x86)\AVG\AVG9\avgchsva.exe C:\Program Files (x86)\AVG\AVG9\avgrsa.exe C:\Windows\system32\lsm.exe C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k HsfXAudioService C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Windows\System32\tcpsvcs.exe C:\Windows\System32\snmp.exe C:\Program Files
(x86)\AVG\AVG9\avgnsa.exe C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe C:\Program Files (x86)\AVG\AVG9\avgemc.exe C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\AVG\AVG9\avgtray .exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe C:\Windows\system32\taskmgr.exe C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgr.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\sysWow64\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Rob\Desktop\dds.scr C:\Windows\system32\conhost.exe 
============== Pseudo HJT Report =============== uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736100995b6l03c0z1h5a4751t295 uStart Page = hxxp://www.google.com/ mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736091095b6l03c0z1h5a4751t295 mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=nv52_series&r=2736091095b6l03c0z1h5a4751t295 uInternet Settings,ProxyServer = http=127.0.0.1:5555 uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll BHO: {5c255c8a-e604-49b4-9d64-90988571cecb} - __BHODemonDisabled BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll__BHODemonDisabled BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll__BHODemonDisabled BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll__BHODemonDisabled BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - 
C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll Trusted Zone: real.com\rhap-app-4-0 Trusted Zone: real.com\rhapreg DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File 
mRun-x64: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe mRun-x64: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE AppInit_DLLs-X64: avgrssta.dll Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\System32\drivers\avgldx64.sys [2010-9-21 269904] R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-21 35536] R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\System32\drivers\avgtdia.sys [2010-9-21 317520] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-21 203264] R2 avg9emc;AVG Free E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-9-21 921952] R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-9-21 308136] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2010-9-21 844320] R2 HsfXAudioService;HsfXAudioService;C:\Windows\system32\svchost.exe -k HsfXAudioService [2009-7-13 27136] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-20 62720] R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-8-15 240160] R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2010-9-21 292864] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-20 317480] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-9-21 34872] S2 gupdate;Google Update Service (gupdate);C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe [2010-9-22 135664] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-9-21 431432] S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544] S3 PTDUBus;PANTECH UM175 Composite Device Driver ;C:\Windows\System32\drivers\PTDUBus.sys [2010-9-25 70672] S3 PTDUMdm;PANTECH UM175 Drivers;C:\Windows\System32\drivers\PTDUMdm.sys [2010-9-25 173456] S3 PTDUVsp;PANTECH UM175 Diagnostic Port;C:\Windows\System32\drivers\PTDUVsp.sys [2010-9-25 173456] S3 PTDUWFLT;PTDUWWAN Filter Driver;C:\Windows\System32\drivers\PTDUWFLT.sys [2010-9-25 12688] S3 PTDUWWAN;PANTECH UM175 WWAN Driver;C:\Windows\System32\drivers\PTDUWWAN.sys [2010-9-25 141840] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-8-15 216064] S3 Ser2rs;Radioshack USB to Serial Driver;C:\Windows\System32\drivers\ser2rs64.sys [2010-9-22 90112] S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-5-25 43032] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-9-23 1255736] =============== Created Last 30 ================ 2010-10-20 03:21:34 -------- d-----w- C:\Users\Rob\AppData\Local\Yahoo 2010-10-19 23:24:40 -------- d-----w- C:\Program Files (x86)\Yahoo! 
2010-10-19 20:09:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2010-10-19 14:06:06 -------- d-----w- C:\Users\Rob\AppData\Local\ElevatedDiagnostics
2010-10-19 14:00:38 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2010-10-17 15:32:29 388096 ----a-r- C:\Users\Rob\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-17 15:32:29 -------- d-----w- C:\Program Files (x86)\Trend Micro
2010-10-17 14:02:33 74760 ----a-w- C:\PROGRA~3\V6883NMx.exe
2010-10-15 20:20:43 -------- d-----w- C:\Program Files (x86)\Citrix
2010-10-15 20:19:42 -------- d-----w- C:\Users\Rob\AppData\Local\Deployment
2010-10-15 20:19:42 -------- d-----w- C:\Users\Rob\AppData\Local\Apps
2010-10-14 22:48:18 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-10-09 19:08:16 569397 ----a-w- C:\Program Files (x86)\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll
2010-10-09 19:08:13 -------- d-----w- C:\Program Files (x86)\V CAST Music with Rhapsody
2010-10-01 03:01:16 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll
2010-09-30 16:29:48 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys
2010-09-30 16:29:47 243712 ----a-w- C:\Windows\System32\drivers\ks.sys
2010-09-29 14:09:41 929844 ----a-w- C:\Windows\SysWow64\MFC42D.DLL
2010-09-29 14:09:41 798773 ----a-w- C:\Windows\SysWow64\MFCO42D.DLL
2010-09-29 14:09:41 385100 ----a-w- C:\Windows\SysWow64\MSVCRTD.DLL
2010-09-29 14:09:39 -------- d-----w- C:\Program Files (x86)\PayPal Payment Request Wizard
2010-09-29 14:09:01 692224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2010-09-29 14:09:01 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2010-09-29 14:09:01 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2010-09-29 14:09:01 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2010-09-29 14:09:01 155648 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2010-09-29 14:09:00 282756 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2010-09-29 14:09:00 163972 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2010-09-29 13:22:17 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-09-29 13:22:17 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-09-29 13:21:56 13312 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-09-29 13:21:56 13312 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-09-28 22:26:50 33792 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\sdt1cpc.dll
2010-09-25 14:46:13 -------- d-----w- C:\Users\Rob\AppData\Roaming\Verizon Wireless
2010-09-25 14:45:35 -------- d-----w- C:\PROGRA~3\Verizon Wireless
2010-09-25 14:45:34 -------- d-----w- C:\Program Files (x86)\Verizon Wireless
2010-09-25 14:19:22 70672 ----a-w- C:\Windows\System32\drivers\PTDUBus.sys
2010-09-25 14:19:22 173456 ----a-w- C:\Windows\System32\drivers\PTDUVsp.sys
2010-09-25 14:19:22 173456 ----a-w- C:\Windows\System32\drivers\PTDUMdm.sys
2010-09-25 14:19:22 141840 ----a-w- C:\Windows\System32\drivers\PTDUWWAN.sys
2010-09-25 14:19:22 12688 ----a-w- C:\Windows\System32\drivers\PTDUWFLT.sys
2010-09-25 14:19:21 -------- d-----w- C:\Program Files\PANTECH
2010-09-24 18:03:25 -------- d-----w- C:\Users\Rob\AppData\Local\Adobe
2010-09-24 05:30:27 -------- d-----w- C:\Windows\pss
2010-09-24 05:07:09 100952 ----a-w- C:\Windows\SysWow64\PTDUWmcp.dll
2010-09-24 05:07:09 100952 ----a-w- C:\Windows\System32\PTDUWmcp.dll
2010-09-24 05:07:08 111704 ----a-w- C:\Windows\SysWow64\PTDUWmcp64.dll
2010-09-24 05:07:08 111704 ----a-w- C:\Windows\System32\PTDUWmcp64.dll
2010-09-23 17:11:00 -------- d-----w- C:\Windows\SysWow64\drivers\avg
2010-09-23 17:01:04 -------- d-----w- C:\Windows\SysWow64\Wat
2010-09-23 17:01:04 -------- d-----w- C:\Windows\System32\Wat
2010-09-23 09:52:58 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2010-09-23 09:52:58 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2010-09-23 09:44:13 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2010-09-23 09:44:13 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2010-09-23 09:44:13 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2010-09-23 09:44:13 444752 ----a-w- C:\Windows\System32\mscoree.dll
2010-09-23 09:44:13 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2010-09-23 09:44:13 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2010-09-23 09:44:13 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2010-09-23 09:44:13 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2010-09-23 09:44:13 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2010-09-23 09:44:13 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2010-09-23 03:08:43 -------- d-----w- C:\Users\Rob\AppData\Roaming\Sisi
2010-09-22 21:29:08 -------- d-----w- C:\Users\Rob\AppData\Roaming\Malwarebytes
2010-09-22 21:28:56 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-09-22 21:28:54 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-09-22 21:28:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-09-22 18:56:57 -------- d-----w- C:\Program Files\Common Files\Intuit
2010-09-22 18:48:19 3833856 ----a-w- C:\Windows\SysWow64\cdintf300.dll
2010-09-22 18:46:13 -------- d-----w- C:\Users\Rob\AppData\Local\Intuit
2010-09-22 18:44:37 -------- d-----w- C:\Program Files (x86)\Common Files\supportsoft
2010-09-22 18:44:09 4194304 ----a-w- C:\Windows\SysWow64\cdintf400.dll
2010-09-22 18:42:13 -------- d-----w- C:\Program Files (x86)\Intuit
2010-09-22 18:42:13 -------- d-----w- C:\Program Files (x86)\Common Files\Intuit
2010-09-22 18:35:48 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2010-09-22 18:27:26 -------- d-----w- C:\Program Files (x86)\Akamai
2010-09-22 18:19:47 72192 ----a-w- C:\Windows\System32\KemXML.dll
2010-09-22 18:19:47 228864 ----a-w- C:\Windows\System32\kemutb.dll
2010-09-22 18:19:47 218112 ----a-w- C:\Windows\System32\KemUtil.dll
2010-09-22 18:19:47 152064 ----a-w- C:\Windows\System32\KemWnd.dll
2010-09-22 18:19:29 -------- d-----w- C:\Program Files\Common Files\Logitech
2010-09-22 17:49:51 90112 ----a-w- C:\Windows\System32\drivers\ser2rs64.sys
2010-09-22 17:49:49 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2010-09-22 17:49:49 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2010-09-22 17:49:49 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2010-09-22 17:49:49 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2010-09-22 17:49:49 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2010-09-22 17:49:49 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2010-09-22 17:49:49 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2010-09-22 17:49:48 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2010-09-22 17:36:49 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2010-09-22 08:11:12 -------- d-----w- C:\Users\Rob\AppData\Roaming\Kuax
2010-09-22 08:05:45 77878 ----a-w- C:\Windows\SysWow64\temp.001
2010-09-22 08:05:45 37136 ----a-w- C:\Windows\SysWow64\temp.000
2010-09-22 08:05:45 295000 ----a-w- C:\Windows\SysWow64\temp.002
2010-09-22 08:05:45 164864 ----a-w- C:\Windows\SysWow64\UNWISE32.EXE
2010-09-22 08:04:54 -------- d-----w- C:\Program Files (x86)\HyperTerminal
2010-09-21 20:16:15 -------- d-----w- C:\Users\Rob\AppData\Roaming\Intuit
2010-09-21 20:12:06 -------- d-----w- C:\Users\Rob\AppData\Local\Mozilla
2010-09-21 20:10:03 -------- dc----w- C:\Users\Rob\AppData\Local\MigWiz
2010-09-21 19:39:52 -------- d-----w- C:\Users\Rob\AppData\Local\Microsoft Help
2010-09-21 17:41:59 53248 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2010-09-21 17:41:59 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2010-09-21 17:41:59 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2010-09-21 17:41:59 41984 ----a-w- C:\Windows\System32\aticalcl64.dll
2010-09-21 17:41:59 3264512 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2010-09-21 17:41:59 251904 ----a-w- C:\Windows\System32\atiadlxx.dll
2010-09-21 17:41:59 184320 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2010-09-21 17:41:59 118784 ----a-w- C:\Windows\System32\atibtmon.exe
2010-09-21 17:41:26 -------- d-----w- C:\Windows\Lan
2010-09-21 17:40:23 431104 ----a-w- C:\Windows\WisMvImg.exe
2010-09-21 17:40:23 159744 ----a-w- C:\Windows\PatchFul.exe
2010-09-21 17:40:22 382976 ----a-w- C:\Windows\WisGAPasx64.exe
2010-09-21 17:40:22 335872 ----a-w- C:\Windows\ParseModule_X64.exe
2010-09-21 17:40:21 322048 ----a-w- C:\Windows\WisGAPas.exe
2010-09-21 17:40:21 225280 ----a-w- C:\Windows\ParseModule_X86.exe
2010-09-21 17:28:51 13048 ----a-w- C:\Windows\System32\avgrssta.dll
2010-09-21 17:28:49 317520 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2010-09-21 17:28:43 269904 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2010-09-21 17:28:42 35536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2010-09-21 17:28:41 -------- d-----w- C:\Windows\System32\drivers\Avg
2010-09-21 17:25:22 -------- d-----w- C:\Program Files (x86)\AVG
2010-09-21 17:15:51 -------- d-----w- C:\Users\Rob\AppData\Local\Google
2010-09-21 17:15:08 220672 ----a-w- C:\Windows\System32\wintrust.dll
2010-09-21 17:15:08 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2010-09-21 17:15:08 139264 ----a-w- C:\Windows\System32\cabview.dll
2010-09-21 17:15:08 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2010-09-21 17:12:25 -------- d-----w- C:\Program Files\CONEXANT
2010-09-21 17:12:21 740864 ----a-w- C:\Windows\System32\drivers\CAX_CNXT.sys
2010-09-21 17:12:21 292864 ----a-w- C:\Windows\System32\drivers\CAXHWAZL.sys
2010-09-21 17:12:21 1485824 ----a-w- C:\Windows\System32\drivers\CAX_DPV.sys
2010-09-21 17:12:16 -------- d-----w- C:\Backup
2010-09-21 17:10:25 6982480 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{28E9171E-C317-4AD9-BAC7-000395DEB5F2}\mpengine.dll
2010-09-21 16:57:07 -------- d-----w- C:\Users\Rob\AppData\Local\ATI
2010-09-21 16:56:27 -------- d-----w- C:\Users\Rob\AppData\Local\Power2Go
2010-09-21 16:39:26 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2010-09-21 16:39:26 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2010-09-21 16:39:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-09-21 16:38:08 -------- d-----w- C:\Program Files (x86)\Microsoft
2010-09-21 16:37:50 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2010-09-21 16:36:59 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3659b0ea1cb59ab\DSETUP.dll
2010-09-21 16:36:59 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3659b0ea1cb59ab\DXSETUP.exe
2010-09-21 16:36:59 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\3659b0ea1cb59ab\dsetup32.dll
2010-09-21 16:36:16 140066664 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlcE06F.tmp
2010-09-21 16:36:05 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2010-09-21 16:35:46 -------- d-----w- C:\Users\Rob\AppData\Local\Packard Bell
2010-09-21 16:35:03 -------- d-----w- C:\Program Files (x86)\Common Files\CyberLink
2010-09-21 16:34:14 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2010-09-21 16:31:30 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2010-09-21 16:31:30 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2010-09-21 16:31:30 1066544 ----a-w- C:\Windows\SysWow64\MFC71.dll
2010-09-21 16:31:30 1053232 ----a-w- C:\Windows\SysWow64\MFC71u.dll
2010-09-21 16:29:13 -------- d-----w- C:\Program Files (x86)\Launch Manager
2010-09-21 16:28:40 -------- d-----w- C:\Program Files (x86)\VideoWebCamera
2010-09-21 16:27:59 -------- d-----w- C:\Program Files\Apoint2K
2010-09-21 16:25:07 34872 ----a-w- C:\Windows\System32\drivers\usbfilter.sys
2010-09-21 16:25:06 -------- d-----w- C:\Program Files (x86)\AMD
2010-09-21 16:22:56 -------- d-----w- C:\Program Files\ATI
2010-09-21 16:22:54 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2010-09-21 16:19:12 -------- d-----w- C:\Users\Rob\AppData\Local\VirtualStore

==================== Find3M ====================

2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll
2010-08-21 06:38:47 1024512 ----a-w- C:\Windows\System32\wmpmde.dll
2010-08-21 06:36:49 340992 ----a-w- C:\Windows\System32\schannel.dll
2010-08-21 06:31:06 633856 ----a-w- C:\Windows\System32\comctl32.dll
2010-08-21 06:29:47 558592 ----a-w- C:\Windows\System32\spoolsv.exe
2010-08-21 05:36:33 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- C:\Windows\SysWow64\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll
2010-07-29 06:30:34 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll

============= FINISH: 21:44:20.00 ===============

Attach.zip