JimPI

  1. I was unable to get the new Java version to install, or to delete the older versions, using your instructions as this computer is on a network and I don't apparently have access to where the older versions are stored. However, I did get Java to update through the Control Panel so I think we're all good there. With the ESET scanner, when it goes to install that ActiveX portion, it says it will be done so for ALL users. My work computer has two log ins, one for me and one for my boss. Will this ActiveX affect ANYTHING on the other log in part of this computer?
  2. My apologies for not replying sooner. The computer we're dealing with is the one at my office and I was out on the road most of the day yesterday. Nikita was, we think, 12 when she died. We got her from the local Humane Society and they estimated she was about 2 years old at the time. Nothing but skin and bones with "brillo pad" fur. Didn't take too long for us to fix all that. Ok, as to the computer. There is another symptom I failed to mention. "Something" is cycling the hard drive about once every two seconds. If I open the Task Manager and click on Performance, I can see it spike about every other second, going from like 2% to 40+%, then back down. Log from Combofix:
  3. Thank you for the help, Kenny94. On a side note, I also LOVE huskies! Our Nikita passed away a couple years ago and we've been thinking of rescuing another one. Per instructions, I first ran the TDSSKiller. It did find one infection and cured it. Here is a copy/paste of the txt file from the scan.
3764 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\windows\system32\DRIVERS\usbehci.sys 2011/06/08 09:24:23.0281 3764 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\windows\system32\DRIVERS\usbhub.sys 2011/06/08 09:24:23.0328 3764 usbprint (a717c8721046828520c9edf31288fc00) C:\windows\system32\DRIVERS\usbprint.sys 2011/06/08 09:24:23.0421 3764 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\windows\system32\DRIVERS\USBSTOR.SYS 2011/06/08 09:24:23.0453 3764 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\windows\system32\DRIVERS\usbuhci.sys 2011/06/08 09:24:23.0468 3764 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\windows\System32\drivers\vga.sys 2011/06/08 09:24:23.0515 3764 viaagp (754292ce5848b3738281b4f3607eaef4) C:\windows\system32\DRIVERS\viaagp.sys 2011/06/08 09:24:23.0546 3764 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\windows\system32\DRIVERS\viaide.sys 2011/06/08 09:24:23.0562 3764 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\windows\system32\drivers\VolSnap.sys 2011/06/08 09:24:23.0640 3764 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\windows\system32\DRIVERS\wanarp.sys 2011/06/08 09:24:23.0718 3764 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\windows\system32\DRIVERS\Wdf01000.sys 2011/06/08 09:24:23.0796 3764 wdmaud (6768acf64b18196494413695f0c3a00f) C:\windows\system32\drivers\wdmaud.sys 2011/06/08 09:24:23.0843 3764 MBR (0x1B8) (9915cfa1050333c1a2f2259992638bb1) \Device\Harddisk0\DR0 2011/06/08 09:24:23.0843 3764 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0) 2011/06/08 09:24:23.0843 3764 ================================================================================ 2011/06/08 09:24:23.0843 3764 Scan finished 2011/06/08 09:24:23.0843 3764 ================================================================================ 2011/06/08 09:24:23.0843 2472 Detected object count: 1 2011/06/08 09:24:23.0843 2472 Actual detected object count: 1 2011/06/08 09:24:44.0203 2472 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after 
reboot 2011/06/08 09:24:44.0203 2472 \Device\Harddisk0\DR0 - ok 2011/06/08 09:24:44.0203 2472 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure 2011/06/08 09:25:16.0390 4064 Deinitialize success I then ran the DDS. Here are the two txt files. . DDS (Ver_2011-06-03.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20 Run by JimCobb at 9:36:17 on 2011-06-08 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.71 [GMT -5:00] . AV: Sunbelt VIPRE *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C} FW: Sunbelt VIPRE *Enabled* . ============== Running Processes =============== . C:\windows\system32\svchost -k DcomLaunch svchost.exe C:\windows\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\windows\system32\spoolsv.exe C:\windows\Explorer.EXE svchost.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe C:\windows\system32\wuauclt.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Dell\Media Experience\PCMService.exe C:\Program Files\FarStone\VirtualDrive\VDTask.exe C:\WINDOWS\vcdplayx.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Dell Support\DSAgnt.exe C:\windows\system32\ctfmon.exe \\Server\data\PhonePad 4.x\PhonePad4.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Documents and Settings\JimCobb\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Shrink Pic\shrink_pic.exe C:\windows\system32\wuauclt.exe C:\windows\system32\taskmgr.exe C:\Program Files\Mozilla 
Thunderbird\thunderbird.exe C:\Documents and Settings\JimCobb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\JimCobb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/advanced_search?hl=en uDefault_Page_URL = hxxp://www.dell4me.com/mywaybiz uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html uInternet Connection Wizard,ShellNext = hxxp://us.mcafee.com/root/campaign.asp?cid=8953&affid=105-25 mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [PhonePad] \\Server\data\PhonePad 4.x\PhonePad4.exe uRun: [Google Update] "c:\documents and settings\jimcobb\local settings\application data\google\update\GoogleUpdate.exe" /c mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe mRun: [PCMService] "c:\program files\dell\media experience\PCMService.exe" mRun: [VirtualDrive] "c:\program files\farstone\virtualdrive\VDTask.exe" /AutoRestore mRun: [vcdplayx] "c:\windows\vcdplayx.exe" mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" 
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [sBAMTray] "c:\program files\sunbelt software\vipre\SBAMTray.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray StartupFolder: c:\docume~1\jimcobb\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\jimcobb\application data\dropbox\bin\Dropbox.exe StartupFolder: c:\docume~1\jimcobb\startm~1\programs\startup\shrink~1.lnk - c:\program files\shrink pic\shrink_pic.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE IE: {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} - 
hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_06-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{86182866-AE6A-4EF5-B8E0-B4889FBD0BDE} : DhcpNameServer = 192.168.1.254 Notify: igfxcui - igfxdev.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\jimcobb\application data\mozilla\firefox\profiles\ukr8h593.default\ FF - plugin: c:\documents and settings\jimcobb\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . ============= SERVICES / DRIVERS =============== . 
R1 cdawdm;CDAWDM;c:\windows\system32\drivers\cdawdm.sys [2002-8-13 57877] R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2010-9-15 21592] R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2010-8-26 332248] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-4-29 101720] R1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2010-8-26 212568] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-11-22 366640] R2 SBAMSvc;VIPRE Antivirus Premium;c:\program files\sunbelt software\vipre\SBAMSvc.exe [2011-5-11 2804280] R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2010-9-15 74968] R2 SBPIMSvc;SB Recovery Service;c:\program files\sunbelt software\vipre\SBPIMSvc.exe [2011-5-11 181584] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-22 22712] R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2010-5-25 69208] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-11 136176] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-8-11 136176] S3 SbHips;sbhips;c:\windows\system32\drivers\sbhips.sys [2010-8-26 94040] . =============== Created Last 30 ================ . 
2011-06-08 14:22:24 -------- d-----w- c:\windows\CD95F661A5C444F5A6AAECDD91C240C2.TMP 2011-06-06 22:08:23 139264 ----a-w- c:\windows\system32\EBAPI2.dll 2011-06-06 22:08:23 -------- d-----w- c:\program files\common files\EPSON 2011-06-06 22:07:59 80024 ----a-w- c:\windows\system32\PICSDK.dll 2011-06-06 22:07:59 51360 ----a-w- c:\windows\system32\EpPicPrt.dll 2011-06-06 22:07:59 51360 ----a-w- c:\windows\system32\EpPicMgr.dll 2011-06-06 22:07:59 501912 ----a-w- c:\windows\system32\PICSDK2.dll 2011-06-06 22:07:59 108704 ----a-w- c:\windows\system32\PICEntry.dll 2011-06-06 22:04:11 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2011-06-06 22:04:11 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys 2011-06-06 21:55:26 75324 ----a-w- c:\windows\system32\EBPMON2.DLL 2011-06-06 21:55:26 64000 ----a-w- c:\windows\system32\ECBTEG.DLL 2011-06-06 21:55:26 34304 ----a-w- c:\windows\system32\EBPCHP.DLL 2011-06-06 21:55:26 -------- d-----w- c:\program files\EPSON 2011-06-06 21:55:04 -------- d-----w- C:\epson 2011-06-06 21:46:20 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-02 20:03:02 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll 2011-06-02 20:03:02 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll 2011-06-02 20:03:01 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll 2011-06-02 20:03:01 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll 2011-06-02 20:03:01 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll 2011-06-02 20:03:01 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll 2011-06-02 20:03:01 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2011-06-02 20:03:00 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll 2011-05-11 21:55:16 42832 ----a-w- c:\windows\system32\sbbd.exe . ==================== Find3M ==================== . 
2011-05-29 14:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-05-29 14:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-11 21:26:04 74968 ----a-w- c:\windows\system32\drivers\sbapifs.sys 2011-05-11 21:26:04 21592 ----a-w- c:\windows\system32\drivers\sbaphd.sys 2011-04-29 19:15:42 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2011-04-05 22:35:20 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys 2011-04-05 22:35:20 332248 ----a-w- c:\windows\system32\drivers\SbFw.sys 2011-04-05 22:35:20 212568 ----a-w- c:\windows\system32\drivers\sbtis.sys . ============= FINISH: 9:38:17.50 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-06-03.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 12/3/2004 3:52:45 PM System Uptime: 6/8/2011 9:26:50 AM (0 hours ago) . Motherboard: Dell Computer Corp. | | 0N6381 Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 149 GiB total, 110.285 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable V: is CDROM () W: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . 
RP620: 11/25/2010 3:00:14 AM - Software Distribution Service 3.0 RP621: 11/26/2010 3:00:19 AM - Software Distribution Service 3.0 RP622: 11/27/2010 3:00:20 AM - Software Distribution Service 3.0 RP623: 11/28/2010 3:00:16 AM - Software Distribution Service 3.0 RP624: 11/29/2010 3:00:15 AM - Software Distribution Service 3.0 RP625: 11/30/2010 3:00:19 AM - Software Distribution Service 3.0 RP626: 11/30/2010 3:18:18 PM - Installed Microsoft Office Excel Viewer RP627: 12/1/2010 3:00:20 AM - Software Distribution Service 3.0 RP628: 12/2/2010 3:00:28 AM - Software Distribution Service 3.0 RP629: 12/3/2010 3:00:20 AM - Software Distribution Service 3.0 RP630: 12/4/2010 3:00:23 AM - Software Distribution Service 3.0 RP631: 12/5/2010 3:00:22 AM - Software Distribution Service 3.0 RP632: 12/6/2010 3:00:22 AM - Software Distribution Service 3.0 RP633: 12/7/2010 3:00:23 AM - Software Distribution Service 3.0 RP634: 12/8/2010 3:00:23 AM - Software Distribution Service 3.0 RP635: 12/9/2010 3:00:20 AM - Software Distribution Service 3.0 RP636: 12/10/2010 3:00:23 AM - Software Distribution Service 3.0 RP637: 12/11/2010 3:00:19 AM - Software Distribution Service 3.0 RP638: 12/12/2010 3:00:22 AM - Software Distribution Service 3.0 RP639: 12/13/2010 3:00:20 AM - Software Distribution Service 3.0 RP640: 12/14/2010 3:00:30 AM - Software Distribution Service 3.0 RP641: 12/15/2010 3:00:26 AM - Software Distribution Service 3.0 RP642: 12/16/2010 3:00:21 AM - Software Distribution Service 3.0 RP643: 12/17/2010 3:00:18 AM - Software Distribution Service 3.0 RP644: 12/18/2010 3:00:20 AM - Software Distribution Service 3.0 RP645: 12/19/2010 3:00:19 AM - Software Distribution Service 3.0 RP646: 12/20/2010 3:00:23 AM - Software Distribution Service 3.0 RP647: 12/21/2010 3:00:18 AM - Software Distribution Service 3.0 RP648: 12/22/2010 3:00:22 AM - Software Distribution Service 3.0 RP649: 12/23/2010 3:00:26 AM - Software Distribution Service 3.0 RP650: 12/24/2010 3:00:27 AM - Software Distribution 
Service 3.0 RP651: 12/25/2010 3:00:23 AM - Software Distribution Service 3.0 RP652: 12/26/2010 3:00:24 AM - Software Distribution Service 3.0 RP653: 12/27/2010 3:00:19 AM - Software Distribution Service 3.0 RP654: 12/28/2010 3:00:20 AM - Software Distribution Service 3.0 RP655: 12/29/2010 3:00:19 AM - Software Distribution Service 3.0 RP656: 12/30/2010 3:00:21 AM - Software Distribution Service 3.0 RP657: 12/31/2010 3:00:21 AM - Software Distribution Service 3.0 RP658: 1/1/2011 3:00:23 AM - Software Distribution Service 3.0 RP659: 1/2/2011 3:00:23 AM - Software Distribution Service 3.0 RP660: 1/3/2011 3:00:24 AM - Software Distribution Service 3.0 RP661: 1/4/2011 3:00:20 AM - Software Distribution Service 3.0 RP662: 1/5/2011 3:00:18 AM - Software Distribution Service 3.0 RP663: 1/6/2011 3:00:18 AM - Software Distribution Service 3.0 RP664: 1/7/2011 3:00:20 AM - Software Distribution Service 3.0 RP665: 1/8/2011 3:00:20 AM - Software Distribution Service 3.0 RP666: 1/9/2011 3:00:21 AM - Software Distribution Service 3.0 RP667: 1/10/2011 3:00:18 AM - Software Distribution Service 3.0 RP668: 1/11/2011 3:00:20 AM - Software Distribution Service 3.0 RP669: 1/12/2011 3:00:22 AM - Software Distribution Service 3.0 RP670: 1/13/2011 3:00:23 AM - Software Distribution Service 3.0 RP671: 1/14/2011 3:00:22 AM - Software Distribution Service 3.0 RP672: 1/15/2011 3:00:18 AM - Software Distribution Service 3.0 RP673: 1/16/2011 3:00:19 AM - Software Distribution Service 3.0 RP674: 1/17/2011 3:00:19 AM - Software Distribution Service 3.0 RP675: 1/18/2011 3:00:17 AM - Software Distribution Service 3.0 RP676: 1/19/2011 7:06:11 AM - System Checkpoint RP677: 1/20/2011 3:00:21 AM - Software Distribution Service 3.0 RP678: 1/21/2011 3:00:19 AM - Software Distribution Service 3.0 RP679: 1/22/2011 3:00:25 AM - Software Distribution Service 3.0 RP680: 1/23/2011 3:00:21 AM - Software Distribution Service 3.0 RP681: 1/24/2011 3:00:22 AM - Software Distribution Service 3.0 RP682: 1/25/2011 
3:00:21 AM - Software Distribution Service 3.0 RP683: 1/26/2011 3:00:22 AM - Software Distribution Service 3.0 RP684: 1/27/2011 3:00:22 AM - Software Distribution Service 3.0 RP685: 1/27/2011 4:01:28 PM - Installed Kaspersky Anti-Virus 2011. RP686: 1/28/2011 3:00:23 AM - Software Distribution Service 3.0 RP687: 1/29/2011 3:00:23 AM - Software Distribution Service 3.0 RP688: 1/30/2011 3:00:24 AM - Software Distribution Service 3.0 RP689: 1/31/2011 3:00:24 AM - Software Distribution Service 3.0 RP690: 2/1/2011 3:00:19 AM - Software Distribution Service 3.0 RP691: 2/2/2011 3:00:24 AM - Software Distribution Service 3.0 RP692: 2/3/2011 3:00:23 AM - Software Distribution Service 3.0 RP693: 2/4/2011 3:00:22 AM - Software Distribution Service 3.0 RP694: 2/7/2011 8:49:38 AM - Software Distribution Service 3.0 RP695: 2/8/2011 3:00:21 AM - Software Distribution Service 3.0 RP696: 2/9/2011 3:00:24 AM - Software Distribution Service 3.0 RP697: 2/10/2011 3:00:19 AM - Software Distribution Service 3.0 RP698: 2/11/2011 3:00:26 AM - Software Distribution Service 3.0 RP699: 2/12/2011 3:00:25 AM - Software Distribution Service 3.0 RP700: 2/13/2011 3:00:23 AM - Software Distribution Service 3.0 RP701: 2/14/2011 3:00:23 AM - Software Distribution Service 3.0 RP702: 2/15/2011 3:00:23 AM - Software Distribution Service 3.0 RP703: 2/16/2011 3:00:20 AM - Software Distribution Service 3.0 RP704: 2/17/2011 3:00:23 AM - Software Distribution Service 3.0 RP705: 2/18/2011 3:00:21 AM - Software Distribution Service 3.0 RP706: 2/19/2011 3:00:23 AM - Software Distribution Service 3.0 RP707: 2/20/2011 3:00:20 AM - Software Distribution Service 3.0 RP708: 2/21/2011 3:00:20 AM - Software Distribution Service 3.0 RP709: 2/22/2011 3:00:24 AM - Software Distribution Service 3.0 RP710: 2/23/2011 3:00:23 AM - Software Distribution Service 3.0 RP711: 2/24/2011 3:00:22 AM - Software Distribution Service 3.0 RP712: 2/25/2011 3:00:24 AM - Software Distribution Service 3.0 RP713: 2/26/2011 3:00:23 AM - 
Software Distribution Service 3.0 RP714: 2/27/2011 3:00:23 AM - Software Distribution Service 3.0 RP715: 2/28/2011 3:00:24 AM - Software Distribution Service 3.0 RP716: 3/1/2011 3:00:25 AM - Software Distribution Service 3.0 RP717: 3/2/2011 3:00:24 AM - Software Distribution Service 3.0 RP718: 3/3/2011 3:00:24 AM - Software Distribution Service 3.0 RP719: 3/3/2011 9:06:21 AM - Installed WinZip 15.0 RP720: 3/4/2011 3:00:24 AM - Software Distribution Service 3.0 RP721: 3/5/2011 3:00:23 AM - Software Distribution Service 3.0 RP722: 3/6/2011 3:00:22 AM - Software Distribution Service 3.0 RP723: 3/7/2011 3:00:23 AM - Software Distribution Service 3.0 RP724: 3/8/2011 3:00:22 AM - Software Distribution Service 3.0 RP725: 3/9/2011 3:00:25 AM - Software Distribution Service 3.0 RP726: 3/10/2011 3:00:20 AM - Software Distribution Service 3.0 RP727: 3/11/2011 3:00:19 AM - Software Distribution Service 3.0 RP728: 3/12/2011 3:00:25 AM - Software Distribution Service 3.0 RP729: 3/13/2011 4:38:48 AM - System Checkpoint RP730: 3/14/2011 3:00:22 AM - Software Distribution Service 3.0 RP731: 3/15/2011 3:00:24 AM - Software Distribution Service 3.0 RP732: 3/16/2011 3:00:24 AM - Software Distribution Service 3.0 RP733: 3/17/2011 3:00:24 AM - Software Distribution Service 3.0 RP734: 3/18/2011 3:00:19 AM - Software Distribution Service 3.0 RP735: 3/19/2011 3:00:20 AM - Software Distribution Service 3.0 RP736: 3/20/2011 3:00:21 AM - Software Distribution Service 3.0 RP737: 3/21/2011 3:00:21 AM - Software Distribution Service 3.0 RP738: 3/22/2011 3:00:19 AM - Software Distribution Service 3.0 RP739: 3/23/2011 3:00:20 AM - Software Distribution Service 3.0 RP740: 3/24/2011 3:00:21 AM - Software Distribution Service 3.0 RP741: 3/25/2011 3:00:20 AM - Software Distribution Service 3.0 RP742: 3/26/2011 3:00:20 AM - Software Distribution Service 3.0 RP743: 3/27/2011 3:00:20 AM - Software Distribution Service 3.0 RP744: 3/28/2011 3:00:21 AM - Software Distribution Service 3.0 RP745: 3/29/2011 
3:00:21 AM - Software Distribution Service 3.0 RP746: 3/30/2011 3:00:20 AM - Software Distribution Service 3.0 RP747: 3/31/2011 3:00:15 AM - Software Distribution Service 3.0 RP748: 4/1/2011 3:00:21 AM - Software Distribution Service 3.0 RP749: 4/2/2011 3:00:21 AM - Software Distribution Service 3.0 RP750: 4/3/2011 3:00:22 AM - Software Distribution Service 3.0 RP751: 4/4/2011 3:00:22 AM - Software Distribution Service 3.0 RP752: 4/5/2011 3:00:21 AM - Software Distribution Service 3.0 RP753: 4/6/2011 3:00:20 AM - Software Distribution Service 3.0 RP754: 4/7/2011 3:00:22 AM - Software Distribution Service 3.0 RP755: 4/8/2011 3:00:22 AM - Software Distribution Service 3.0 RP756: 4/9/2011 3:00:21 AM - Software Distribution Service 3.0 RP757: 4/10/2011 3:00:23 AM - Software Distribution Service 3.0 RP758: 4/11/2011 3:00:23 AM - Software Distribution Service 3.0 RP759: 4/12/2011 3:38:48 AM - System Checkpoint RP760: 4/13/2011 4:38:47 AM - System Checkpoint RP761: 4/14/2011 4:38:48 AM - System Checkpoint RP762: 4/15/2011 3:16:57 PM - Software Distribution Service 3.0 RP763: 5/9/2011 8:35:16 AM - Software Distribution Service 3.0 RP764: 5/11/2011 9:32:38 AM - Software Distribution Service 3.0 RP765: 5/24/2011 8:26:03 AM - Software Distribution Service 3.0 RP766: 5/25/2011 8:47:06 AM - Software Distribution Service 3.0 RP767: 6/6/2011 4:46:38 PM - Software Distribution Service 3.0 RP768: 6/6/2011 4:48:52 PM - Removed VIPRE Antivirus Premium. RP769: 6/6/2011 4:49:48 PM - Installed VIPRE Antivirus Premium. RP770: 6/6/2011 6:43:29 PM - Software Distribution Service 3.0 RP771: 6/7/2011 3:00:14 AM - Software Distribution Service 3.0 RP772: 6/7/2011 9:50:03 AM - Configured GFI LANguard 9.0 RP773: 6/8/2011 3:00:15 AM - Software Distribution Service 3.0 . ==== Installed Programs ====================== . 
Adobe Flash Player 10 Plugin Adobe Reader 9.4.4 AVI MPEG WMV RM to MP3 Converter 1.8.4 Classic PhoneTools Compatibility Pack for the 2007 Office system Dell Driver Reset Tool Dell Media Experience Dell Support 5.0.0 (630) Dell System Restore DiscWizard for Windows Download Updater (AOL LLC) Dropbox EPSON Printer Software G5a922EN Google Chrome Google Earth Plug-in Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Intel® 537EP V9x DFV PCI Modem Intel® Extreme Graphics 2 Driver Intel® PRO Network Adapters and Drivers Intel® PROSet for Wired Connections Internet Explorer Default Page J2SE Runtime Environment 5.0 Update 5 Java 2 Runtime Environment, SE v1.4.2_03 Java 2 Runtime Environment, SE v1.4.2_06 Java Auto Updater Java 6 Update 20 Malwarebytes' Anti-Malware version 1.51.0.1200 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft IntelliPoint 6.1 Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft Office Excel Viewer Microsoft Office Word Viewer 2003 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Modem Event Monitor Modem Helper Mozilla Firefox 4.0.1 (x86 en-US) Mozilla Thunderbird (3.1.10) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Sam Spade version 1.14 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 
8 (KB971961) Security Update for Windows Internet Explorer 8 (KB976325) Security Update for Windows Internet Explorer 8 (KB978207) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for 
Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB976325) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) 
Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Shrink Pic (remove) SoundMAX Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB975364) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB980182) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VIPRE Antivirus Premium VirtualDrive WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Installer Clean Up Windows Internet Explorer 8 Windows Media Format Runtime Windows Media Player 10 Windows XP Service Pack 3 WinZip 15.5 WordPerfect Office 12
.
==== Event Viewer Messages From Past Week ========
.
6/7/2011 3:52:17 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
6/7/2011 11:50:40 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
6/6/2011 4:50:20 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.
6/6/2011 4:48:35 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 3.5 SP1 and .NET Framework 2.0 SP2 Security Update for Windows 2000, Windows Server 2003, and Windows XP x86 (KB979909).
.
==== End Of File ===========================

Please advise as to how you wish for me to proceed. Thanks!
  4. A few months ago, I was infected with one of those viruses where it kept telling me I was infected with something else and I needed to download their program to remove the infection. Malwarebytes took care of that for me without trouble. However, off and on since then, I've had trouble with something hijacking Firefox. I normally run Vipre antivirus and everything comes up clean. I've also run Malwarebytes a few times and again, nothing is showing up. Also, I upgraded Malwarebytes today to the free trial version of the full program and I've had tons of warnings about "something" trying to "phone home" to various IP addresses.

     I can't get DDS to work. I downloaded it and when I double clicked on it, I got a black window telling me about the program but nothing else happened. I'll attach the GMER log for review as well as the most recent Malwarebytes log. If need be, I can also post the log from all the IP addresses the computer keeps trying to connect with. Any help would be greatly appreciated!

     Malwarebytes' Anti-Malware 1.51.0.1200
     www.malwarebytes.org

     Database version: 6797

     Windows 5.1.2600 Service Pack 3
     Internet Explorer 8.0.6001.18702

     6/7/2011 10:20:03 AM
     mbam-log-2011-06-07 (10-20-02).txt

     Scan type: Quick scan
     Objects scanned: 178582
     Time elapsed: 19 minute(s), 21 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0

     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)

     ark.txt