
Need help, Can't access google or bing


nic977


I am having a problem accessing Google or Bing. A Malwarebytes scan didn't pick up anything. Below is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:28:04 PM, on 11/13/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\system32\PSIService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AVG\AVG9\avgemc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Dell Support Center\gs_agent\dsc.exe

C:\Program Files\Belkin\F5D8053v4\BelkinWCUI.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll

O1 - Hosts: 95.64.61.141 www.google.com

O1 - Hosts: 95.64.61.142 www.bing.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll

O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ASUS Sync Loader] "C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup

O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S

O4 - HKLM\..\Run: [volmgr] %APPDATA%\volmgr.exe

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKCU\..\Run: [security Protection] C:\Documents and Settings\All Users\Application Data\defender.exe /min

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Global Startup: Belkin Wireless Networking Utility.lnk = %ProgramFiles%\Belkin\F5D8053v4\BelkinWCUI.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Sportsbook.com - {a0cadf8e-1c3d-4463-89f9-b6db8e1fe580} - C:\Documents and Settings\Nicole\Start Menu\Programs\Sportsbook.com\Sportsbook.com.lnk (HKCU)

O15 - ESC Trusted Zone: http://*.update.microsoft.com

O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://webmail.gsa.gov/s02ggems02/iNotes6W.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe

O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe

O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe

O23 - Service: SplashtopR Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe

O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Program Files\Windows Defender\MsMpEng.exe

--

End of file - 14888 bytes

Please help!!


Hello nic977! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copied and pasted into your next reply.

I just want to know everything, so follow the instructions on this thread and post your log files from Malwarebytes' Anti-Malware and DDS.

http://forums.malwarebytes.org/index.php?showtopic=9573


.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17

Run by Nicole at 18:15:04 on 2011-11-14

Microsoft Windows XP Professional 5.1.2600.3.950.853.1033.18.3061.1990 [GMT -5:00]

.

AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

svchost.exe

C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\system32\PSIService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AVG\AVG9\avgemc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscript.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Dell Support Center\gs_agent\dsc.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Belkin\F5D8053v4\BelkinWCUI.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\WINDOWS\system32\conime.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

mSearch Bar = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080421

uInternet Settings,ProxyOverride = local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

TB: @c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup

uRun: [security Protection] c:\documents and settings\all users\application data\defender.exe /min

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam10\QuickCam10.exe" /hide

mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [ASUS Sync Loader] "c:\program files\asus\asus sync\asusUPCTLoader.exe" -startup

mRun: [ASUSWebStorage] c:\program files\asus\asus webstorage\3.0.84.161\AsusWSPanel.exe /S

mRun: [volmgr] %APPDATA%\volmgr.exe

mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup

StartupFolder: c:\docume~1\nicole\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony\sony picture utility\volumewatcher\SPUVolumeWatcher.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\belkin~1.lnk - c:\program files\belkin\f5d8053v4\BelkinWCUI.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1 71.250.0.12

TCP: Interfaces\{655B1403-402E-412C-8B77-205A48BA6F1C} : DhcpNameServer = 192.168.1.1 71.250.0.12

TCP: Interfaces\{EE72F085-D571-48DE-B25D-605D6DE28DFF} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F672D9BA-AE9B-4824-8690-0EEC335DDC5F} : DhcpNameServer = 192.168.1.1

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: avgrsstarter - avgrsstx.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

LSA: Notification Packages = scecli jujotufu.dll

Hosts: 95.64.61.141 www.google.com

Hosts: 95.64.61.142 www.bing.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\nicole\application data\mozilla\firefox\profiles\mkl2ntzb.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - prefs.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\documents and settings\nicole\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

.

---- FIREFOX POLICIES ----

FF - user.js: browser.search.selectedEngine - Search

FF - user.js: browser.search.order.1 - Search

FF - user.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=

============= SERVICES / DRIVERS ===============

.

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-4-24 216400]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-4-24 29712]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-4-24 243152]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]

R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-21 921952]

R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-4-20 54752]

R2 SplashtopRemoteService;SplashtopR Remote Service;c:\program files\splashtop\splashtop remote\server\SRService.exe [2011-7-7 424264]

R2 SSUService;Splashtop Software Updater Service;c:\program files\splashtop\splashtop software updater\SSUService.exe [2011-9-21 366408]

R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-13 110592]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 Alidevice;Alidevice;c:\windows\system32\drivers\alidevice.sys [2010-3-8 6656]

R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2008-12-24 517632]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-3-5 11520]

S1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [2009-1-7 244736]

S2 ALIEHCD;ALi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [2008-5-21 104088]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-21 135664]

S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\roxio\digital home 10\RoxioUpnpService10.exe [2007-8-24 362992]

S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2007-8-24 309744]

S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2007-8-24 166384]

S2 srv1424;srv1424;c:\windows\system32\svchost.exe -k netsvcs [2004-8-11 14336]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S3 alihub;Generic Hub on USB 2.0 Bus;c:\windows\system32\drivers\AliHub.sys [2008-5-21 17835]

S3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [2008-5-21 5337]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-27 947528]

S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-5-9 18560]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-21 30192]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-21 135664]

S3 MRVW225;Zonet 802.11g USB Drive for Windows XP;c:\windows\system32\drivers\MRVW225.sys [2005-12-21 299904]

S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\roxio\digital home 10\RoxioUPnPRenderer10.exe [2007-8-24 72176]

S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2007-8-24 1083888]

S4 SessionLauncher;SessionLauncher;c:\docume~1\nicole\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\nicole\locals~1\temp\dx9\SessionLauncher.exe [?]

.

=============== Created Last 30 ================

.

2011-11-14 23:14:52 -------- d-----w- C:\c0e1f252f7a17ec37b

2011-11-14 01:41:55 388096 ----a-r- c:\documents and settings\nicole\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-11-14 01:41:54 -------- d-----w- c:\program files\Trend Micro

2011-11-12 19:12:55 -------- d-----w- c:\documents and settings\all users\application data\Citrix

2011-11-12 19:12:33 -------- d-----w- c:\documents and settings\nicole\local settings\application data\Citrix

2011-11-12 19:12:21 -------- d-----w- c:\program files\Citrix

2011-11-12 18:56:38 -------- d-----w- c:\documents and settings\nicole\pdmcache

.

==================== Find3M ====================

.

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec

2011-08-18 20:28:41 878080 ----a-w- c:\documents and settings\all users\application data\56EA.tmp

2011-08-18 15:59:59 0 ----a-w- c:\documents and settings\all users\application data\xpbf.exe

2011-08-18 15:59:58 0 ----a-w- c:\documents and settings\all users\application data\wieq.exe

2011-08-18 15:59:58 0 ----a-w- c:\documents and settings\all users\application data\nlkh.exe

2011-08-18 15:59:58 0 ----a-w- c:\documents and settings\all users\application data\fxtg.exe

2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600 Disk: ST3500630AS rev.3.ADG -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

.

device: opened successfully

user: MBR read successfully

.

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A6D64C0]<<

_asm { MOV EAX, [ESP+0x4]; MOV ECX, [0x8a6dd8a4]; PUSH ESI; MOV ESI, [ESP+0xc]; PUSH EDI; MOV EDI, [ESI+0x60]; CMP EAX, [0x8a6dd730]; JNZ 0x1f; MOV [ESP+0xc], ECX; }

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8AECFAB8]

3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000075[0x8AED7F18]

5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x8AED2940]

\Driver\atapi[0x8ADDEF38] -> IRP_MJ_CREATE -> 0x8A6D64C0

error: Read A device attached to the system is not functioning.

kernel: MBR read successfully

_asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d; }

detected disk devices:

detected hooks:

\Driver\atapi DriverStartIo -> 0x8A6D62E0

user & kernel MBR OK

Warning: possible TDL3 rootkit infection !

.

============= FINISH: 18:16:32.18 ===============


Sorry, here it is.

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 4/24/2008 2:32:35 PM

System Uptime: 11/14/2011 6:11:29 PM (0 hours ago)

.

Motherboard: Dell Inc. | | 0FM586

Processor: Intel® Core2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 1580/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 462 GiB total, 138.405 GiB free.

D: is CDROM ()

G: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1170: 8/17/2011 9:18:54 AM - System Checkpoint

RP1171: 8/17/2011 8:28:43 PM - Software Distribution Service 3.0

RP1172: 8/17/2011 10:00:26 PM - Software Distribution Service 3.0

RP1173: 8/18/2011 4:41:02 PM - Software Distribution Service 3.0

RP1174: 8/19/2011 5:04:16 PM - Software Distribution Service 3.0

RP1175: 9/22/2011 12:33:48 PM - Avg Update

RP1176: 9/22/2011 12:35:53 PM - Avg Update

RP1177: 9/22/2011 12:38:13 PM - Software Distribution Service 3.0

RP1178: 9/22/2011 9:17:25 PM - Software Distribution Service 3.0

RP1179: 9/22/2011 9:47:06 PM - Software Distribution Service 3.0

RP1180: 10/23/2011 6:04:45 PM - Software Distribution Service 3.0

RP1181: 10/23/2011 6:05:53 PM - Avg Update

RP1182: 10/23/2011 9:00:16 PM - Software Distribution Service 3.0

RP1183: 11/4/2011 8:33:56 AM - Software Distribution Service 3.0

RP1184: 11/4/2011 8:43:17 AM - Software Distribution Service 3.0

RP1185: 11/5/2011 12:07:17 PM - Software Distribution Service 3.0

RP1186: 11/5/2011 9:00:25 PM - Software Distribution Service 3.0

RP1187: 11/11/2011 8:20:57 AM - Software Distribution Service 3.0

RP1188: 11/11/2011 1:00:14 PM - Software Distribution Service 3.0

RP1189: 11/12/2011 11:24:30 AM - Software Distribution Service 3.0

RP1190: 11/12/2011 10:00:25 PM - Software Distribution Service 3.0

RP1191: 11/13/2011 3:30:26 PM - Software Distribution Service 3.0

RP1192: 11/13/2011 3:45:28 PM - Unsigned driver install

RP1193: 11/13/2011 8:41:53 PM - Installed HiJackThis

RP1194: 11/14/2011 6:14:48 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop Elements 6.0

Adobe Photoshop Elements 7.0

Adobe Photoshop Lightroom 2.2

Adobe Reader 8.1.2

Adobe Reader 8.1.2 Security Update 1 (KB403742)

Adobe Shockwave Player 11.5

Advanced SystemCare 3

ALi USB2.0 Driver

AOLIcon

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ASUS Android USB Drivers

ASUS Sync

ASUS WebStorage

AVG Free 9.0

Belkin N Wireless USB Adapter Setup

Bing Bar

Bing Bar Platform

Bonjour

Browser Address Error Redirector

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera WIA Driver

Canon CanoScan Toolbox 4.5

Canon EOS 5D WIA Driver

Canon RAW Image Task for ZoomBrowser EX

Canon Utilities CameraWindow

Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX

Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX

Canon Utilities Digital Photo Professional 3.3

Canon Utilities EOS Utility

Canon Utilities MyCamera

Canon Utilities Original Data Security Tools

Canon Utilities PhotoStitch

Canon Utilities Picture Style Editor

Canon Utilities RemoteCapture Task for ZoomBrowser EX

Canon Utilities WFT-E1/E2/E3 Utility

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Citrix online plug-in - web

Citrix online plug-in (DV)

Citrix online plug-in (HDX)

Citrix online plug-in (USB)

Citrix online plug-in (Web)

Compatibility Pack for the 2007 Office system

Corel Paint Shop Pro X

Data Lifeguard Diagnostic for Windows

Dell DataSafe Online

Dell Driver Reset Tool

Dell Support Center (Support Software)

Dell System Restore

DirectXInstallService

Documentation & Support Launcher

DYNA Font

EMC 10 Content

ESET Online Scanner v3

FileZilla Client 3.3.2

Games, Music, & Photos Launcher

Google Desktop

Google Toolbar for Internet Explorer

Google Update Helper

High Definition Audio Driver Package - KB835221

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB954708)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections Drivers

iTunes

J2SE Runtime Environment 5.0 Update 6

Java 6 Update 17

Junk Mail filter update

LeapFrog Connect

LeapFrog Tag Plugin

Learn2 Player (Uninstall Only)

Logitech QuickCam

Logitech?Camera Driver

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Default Manager

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office Live Add-in 1.3

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Professional Edition 2003

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Windows XP Video Decoder Checkup Utility

Microsoft WinUsb 2.0

Microsoft Works

Mozilla Firefox 8.0 (x86 en-US)

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB973685)

MSXML 6.0 Parser (KB933579)

Musicmatch for Windows Media Player

OGA Notifier 2.0.0048.0

PowerDVD

QuickTime

Realtek High Definition Audio Driver

Roxio Activation Module

Roxio BackOnTrack

Roxio CinePlayer

Roxio CinePlayer Decoder Pack

Roxio Disc Gallery

Roxio DLA

Roxio Easy Media Creator 10 Suite

Roxio File Backup

Roxio MediaShare

Roxio Update Manager

SDFormatter

SearchAssist

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956390)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974455)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Segoe UI

Skype Click to Call

Skype? 5.5

SmartSound Quicktracks Plugin

Sonic RecordNow! Plus

Sony Picture Utility

Sony USB Driver

Spelling Dictionaries Support For Adobe Reader 8

Splashtop Remote

Sportsbook.com

Sun Download Manager 2.0 (web)

Synergy

Unity Web Player

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB978506)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB976749)

Update for Windows XP (KB978207)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)

Viewpoint Media Player

VLC media player 1.1.9

Vuze

WD SmartWare

WebFldrs XP

WinAce Archiver

Windows Defender

Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 8

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 10 Hotfix - KB888656

Windows Media Player 11

Windows XP Service Pack 3

WinRAR archiver

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

11/12/2011 3:25:51 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor

11/12/2011 3:25:49 PM, error: Service Control Manager [7023] - The srv1424 service terminated with the following error: The specified module could not be found.

11/12/2011 3:25:49 PM, error: Service Control Manager [7000] - The Windows Defender service failed to start due to the following error: Access is denied.

11/12/2011 3:25:49 PM, error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the path specified.

11/12/2011 3:25:49 PM, error: Service Control Manager [7000] - The ALi PCI to USB Enhanced Host Controller service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

11/12/2011 11:24:42 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.115.1674.0).

.

==== End Of File ===========================


Step 1

I also see you have Viewpoint installed...

Viewpoint Manager is considered foistware instead of malware, since it is installed without the user's approval but doesn't spy or do anything "bad". This will change from what we know in 2006; read this article: http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.


  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player

Step 2

Now it's time to clean the cache of Java, because of malware. Malware found in this cache directory is not associated with the Java that was downloaded and installed on the system. A cache directory is a temporary storage location. When the browser runs an applet or application, Java stores files into its cache directory for better performance.

Click Start => Control Panel.

Double-click the Java icon in the control panel. The Java Control Panel appears.

Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears.

Click Delete Files. The Delete Temporary Files dialog box appears.

Click OK on Delete Temporary Files window. Note: This deletes all the Downloaded Applications and Applets from the cache.

Click OK on Temporary Files Settings window. Note: If you want to delete a specific application and applet from the cache, click on View Application and View Applet options respectively.

Step 3

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

In your next reply, please post the following log files:

  • TDSSKiller log
  • a new fresh DDS log only


I did all of the above, but the system hung when it tried to restart; it was stuck at the logging-off screen and I had to shut it down manually. When I turned it back on again, all programs were gone and there is this "System Fix" software stating there is a hard disk failure... I can't close that program, can't shut down the computer and can't really do anything :(


Please download Unhide.exe. Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.

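The attribute change described in the post above, shown in Python as an added example; it is not the Unhide.exe tool or its source. The function names, the CSV inventory file and the choice to leave entries that are both Hidden and System untouched are assumptions of this example; the inventory is what lets files that were hidden on purpose be hidden again afterwards.

```python
"""Inventory, then clear, the Hidden (+H) attribute under a directory tree.

Added illustration; not the Unhide.exe tool. The scan and apply steps need
Windows; plan_unhide() is pure and works on any (path, attrs) list.
"""
import csv
import os
import sys

# Win32 FILE_ATTRIBUTE_* bit values.
HIDDEN, SYSTEM, ARCHIVE, NORMAL = 0x02, 0x04, 0x20, 0x80

# Constructed sample inventory (not taken from the machine in this thread).
SAMPLE = [
    (r"C:\Documents and Settings\user\My Documents\report.doc", HIDDEN | ARCHIVE),
    (r"C:\boot.ini", HIDDEN | SYSTEM | ARCHIVE),
    (r"C:\Program Files\App\app.exe", ARCHIVE),
    (r"C:\Documents and Settings\user\Desktop\notes.txt", HIDDEN),
]


def plan_unhide(inventory, keep_system_hidden=True):
    """Return [(path, old_attrs, new_attrs)] for entries whose +H bit will be cleared.

    Only the Hidden bit is removed; every other attribute is preserved.
    Assumption of this example: entries that are Hidden *and* System are
    skipped by default, because Windows ships its own protected files that way.
    """
    plan = []
    for path, attrs in inventory:
        if not attrs & HIDDEN:
            continue
        if keep_system_hidden and attrs & SYSTEM:
            continue
        # If nothing is left after clearing +H, use FILE_ATTRIBUTE_NORMAL,
        # the value Win32 defines for "no other attributes set".
        plan.append((path, attrs, (attrs & ~HIDDEN) or NORMAL))
    return plan


def scan(root):
    """Yield (path, attrs) for every file and folder under root (Windows only)."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                yield path, os.lstat(path).st_file_attributes
            except OSError:
                continue  # locked or removed while scanning


def save_inventory(plan, csv_path):
    """Record what is about to change so deliberate hiding can be restored."""
    with open(csv_path, "w", newline="", encoding="utf-8") as fh:
        writer = csv.writer(fh)
        writer.writerow(["path", "old_attrs", "new_attrs"])
        writer.writerows(plan)


def apply_plan(plan):
    """Write the new attribute values; return the paths that could not be changed."""
    import ctypes
    from ctypes import wintypes

    set_attrs = ctypes.windll.kernel32.SetFileAttributesW
    set_attrs.argtypes = [wintypes.LPCWSTR, wintypes.DWORD]
    set_attrs.restype = wintypes.BOOL
    return [path for path, _old, new in plan if not set_attrs(path, new)]


if __name__ == "__main__":
    if os.name != "nt":
        sys.exit("This script changes Windows file attributes; run it on Windows.")
    root = sys.argv[1] if len(sys.argv) > 1 else "C:\\"
    plan = plan_unhide(scan(root))
    save_inventory(plan, "unhide_inventory.csv")  # written before anything changes
    failed = apply_plan(plan)
    print(f"cleared +H on {len(plan) - len(failed)} entries, {len(failed)} failed")
```

To hide a file again afterwards, look it up in `unhide_inventory.csv` and restore its `old_attrs` value.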

I did that; most of the files and folders are back, but the program menu is empty. The folders are there when I click All Programs, but they are empty though. I ran a DDS scan and here is the result:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17

Run by Nicole at 14:10:51 on 2011-11-16

Microsoft Windows XP Professional 5.1.2600.3.950.853.1033.18.3061.2059 [GMT -5:00]

.

AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\System32\SCardSvr.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\WINDOWS\system32\PSIService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe

C:\Program Files\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Windows Media Player\WMPNetwk.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\WINDOWS\system32\conime.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

mSearch Bar = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080421

uInternet Settings,ProxyOverride = local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

TB: @c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup

uRun: [security Protection] c:\documents and settings\all users\application data\defender.exe /min

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\quickcam10\QuickCam10.exe" /hide

mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [ASUS Sync Loader] "c:\program files\asus\asus sync\asusUPCTLoader.exe" -startup

mRun: [ASUSWebStorage] c:\program files\asus\asus webstorage\3.0.84.161\AsusWSPanel.exe /S

mRun: [volmgr] %APPDATA%\volmgr.exe

mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup

StartupFolder: c:\docume~1\nicole\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony\sony picture utility\volumewatcher\SPUVolumeWatcher.exe

dPolicies-explorer: NoDesktop = 1 (0x1)

dPolicies-system: DisableTaskMgr = 1 (0x1)

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

TCP: Interfaces\{EE72F085-D571-48DE-B25D-605D6DE28DFF} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F672D9BA-AE9B-4824-8690-0EEC335DDC5F} : DhcpNameServer = 192.168.1.1

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Notify: avgrsstarter - avgrsstx.dll

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

LSA: Notification Packages = scecli jujotufu.dll

Hosts: 95.64.61.141 www.google.com

Hosts: 95.64.61.142 www.bing.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\nicole\application data\mozilla\firefox\profiles\mkl2ntzb.default\

FF - prefs.js: browser.search.selectedEngine - Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - prefs.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\program files\msn toolbar\platform\5.0.1423.0\npwinext.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

.

---- FIREFOX POLICIES ----

FF - user.js: browser.search.selectedEngine - Search

FF - user.js: browser.search.order.1 - Search

FF - user.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=

============= SERVICES / DRIVERS ===============

.

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-4-24 216400]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-4-24 29712]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-4-24 243152]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]

R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-21 921952]

R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-15 308136]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-4-20 54752]

R2 SplashtopRemoteService;SplashtopR Remote Service;c:\program files\splashtop\splashtop remote\server\SRService.exe [2011-7-7 424264]

R2 SSUService;Splashtop Software Updater Service;c:\program files\splashtop\splashtop software updater\SSUService.exe [2011-11-10 370504]

R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-13 110592]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 Alidevice;Alidevice;c:\windows\system32\drivers\alidevice.sys [2010-3-8 6656]

R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2008-12-24 517632]

S1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [2009-1-7 244736]

S2 ALIEHCD;ALi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [2008-5-21 104088]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-21 135664]

S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\roxio\digital home 10\RoxioUpnpService10.exe [2007-8-24 362992]

S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2007-8-24 309744]

S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2007-8-24 166384]

S2 srv1424;srv1424;c:\windows\system32\svchost.exe -k netsvcs [2004-8-11 14336]

S2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]

S3 alihub;Generic Hub on USB 2.0 Bus;c:\windows\system32\drivers\AliHub.sys [2008-5-21 17835]

S3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [2008-5-21 5337]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-27 947528]

S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2009-5-9 18560]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-4-21 30192]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-21 135664]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

S3 MRVW225;Zonet 802.11g USB Drive for Windows XP;c:\windows\system32\drivers\MRVW225.sys [2005-12-21 299904]

S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\roxio\digital home 10\RoxioUPnPRenderer10.exe [2007-8-24 72176]

S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2007-8-24 1083888]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-3-5 11520]

S4 SessionLauncher;SessionLauncher;c:\docume~1\nicole\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\nicole\locals~1\temp\dx9\SessionLauncher.exe [?]

.

=============== Created Last 30 ================

.

2011-11-14 01:41:55 388096 ----a-r- c:\documents and settings\nicole\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2011-11-14 01:41:54 -------- d-----w- c:\program files\Trend Micro

2011-11-12 19:12:55 -------- d-----w- c:\documents and settings\all users\application data\Citrix

2011-11-12 19:12:33 -------- d-----w- c:\documents and settings\nicole\local settings\application data\Citrix

2011-11-12 19:12:21 -------- d-----w- c:\program files\Citrix

2011-11-12 18:56:38 -------- d-----w- c:\documents and settings\nicole\pdmcache

.

==================== Find3M ====================

.

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec

2011-08-18 20:28:41 878080 ----a-w- c:\documents and settings\all users\application data\56EA.tmp

.

============= FINISH: 14:12:17.23 ===============

This is the one I ran yesterday

20:12:01.0625 5372 MBR (0x1B8) (7c813d1ed418f46302a154e14cf3bdc5) \Device\Harddisk0\DR0

20:12:01.0656 5372 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.a ) - infected

20:12:01.0656 5372 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.a (0)

20:12:01.0671 5372 Boot (0x1200) (874e2e39c12e5e59c35e501b9686ef7c) \Device\Harddisk0\DR0\Partition0

20:12:01.0703 5372 \Device\Harddisk0\DR0\Partition0 - ok

20:12:01.0703 5372 ============================================================

20:12:01.0703 5372 Scan finished

20:12:01.0703 5372 ============================================================

20:12:01.0718 5756 Detected object count: 1

20:12:01.0718 5756 Actual detected object count: 1

20:15:41.0343 5756 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.a ) - will be cured on reboot

20:15:41.0343 5756 \Device\Harddisk0\DR0 - ok

20:15:41.0343 5756 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.a ) - User select action: Cure

21:50:09.0828 0144 Deinitialize success

This is the one I just ran today, but Google and Bing are still not accessible; Yahoo is working, though.

10:54:46.0406 4952 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50

10:54:46.0671 4952 ============================================================

10:54:46.0671 4952 Current date / time: 2011/11/16 10:54:46.0671

10:54:46.0671 4952 SystemInfo:

10:54:46.0671 4952

10:54:46.0671 4952 OS Version: 5.1.2600 ServicePack: 3.0

10:54:46.0671 4952 Product type: Workstation

10:54:46.0671 4952 ComputerName: MROOM

10:54:46.0671 4952 UserName: Nicole

10:54:46.0671 4952 Windows directory: C:\WINDOWS

10:54:46.0671 4952 System windows directory: C:\WINDOWS

10:54:46.0671 4952 Processor architecture: Intel x86

10:54:46.0671 4952 Number of processors: 4

10:54:46.0671 4952 Page size: 0x1000

10:54:46.0671 4952 Boot type: Normal boot

10:54:46.0671 4952 ============================================================

10:54:47.0203 4952 Initialize success

10:54:48.0562 1104 ============================================================

10:54:48.0562 1104 Scan started

10:54:48.0562 1104 Mode: Manual;

10:54:48.0562 1104 ============================================================


10:54:53.0765 1104 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

10:54:53.0765 1104 Msfs - ok

10:54:53.0796 1104 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

10:54:53.0796 1104 MSKSSRV - ok

10:54:53.0828 1104 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

10:54:53.0828 1104 MSPCLOCK - ok

10:54:53.0843 1104 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

10:54:53.0843 1104 MSPQM - ok

10:54:53.0875 1104 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

10:54:53.0875 1104 mssmbios - ok

10:54:53.0921 1104 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

10:54:53.0921 1104 MSTEE - ok

10:54:53.0968 1104 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

10:54:53.0984 1104 Mup - ok

10:54:54.0031 1104 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

10:54:54.0031 1104 NABTSFEC - ok

10:54:54.0078 1104 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

10:54:54.0093 1104 NDIS - ok

10:54:54.0125 1104 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

10:54:54.0125 1104 NdisIP - ok

10:54:54.0203 1104 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

10:54:54.0203 1104 NdisTapi - ok

10:54:54.0234 1104 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

10:54:54.0234 1104 Ndisuio - ok

10:54:54.0265 1104 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

10:54:54.0265 1104 NdisWan - ok

10:54:54.0343 1104 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

10:54:54.0343 1104 NDProxy - ok

10:54:54.0359 1104 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

10:54:54.0359 1104 NetBIOS - ok

10:54:54.0375 1104 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

10:54:54.0375 1104 NetBT - ok

10:54:54.0421 1104 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

10:54:54.0421 1104 NIC1394 - ok

10:54:54.0437 1104 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

10:54:54.0437 1104 Npfs - ok

10:54:54.0468 1104 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

10:54:54.0468 1104 Ntfs - ok

10:54:54.0484 1104 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

10:54:54.0484 1104 Null - ok

10:54:54.0546 1104 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

10:54:54.0593 1104 nv - ok

10:54:54.0625 1104 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

10:54:54.0625 1104 NwlnkFlt - ok

10:54:54.0640 1104 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

10:54:54.0640 1104 NwlnkFwd - ok

10:54:54.0640 1104 ohci1394 - ok

10:54:54.0671 1104 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

10:54:54.0671 1104 Parport - ok

10:54:54.0703 1104 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

10:54:54.0703 1104 PartMgr - ok

10:54:54.0718 1104 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

10:54:54.0718 1104 ParVdm - ok

10:54:54.0718 1104 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

10:54:54.0734 1104 PCI - ok

10:54:54.0734 1104 PCIDump - ok

10:54:54.0750 1104 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

10:54:54.0750 1104 PCIIde - ok

10:54:54.0765 1104 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

10:54:54.0765 1104 Pcmcia - ok

10:54:54.0781 1104 PDCOMP - ok

10:54:54.0781 1104 PDFRAME - ok

10:54:54.0796 1104 PDRELI - ok

10:54:54.0796 1104 PDRFRAME - ok

10:54:54.0812 1104 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

10:54:54.0828 1104 perc2 - ok

10:54:54.0828 1104 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

10:54:54.0828 1104 perc2hib - ok

10:54:54.0875 1104 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

10:54:54.0875 1104 PptpMiniport - ok

10:54:54.0890 1104 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

10:54:54.0890 1104 PSched - ok

10:54:54.0890 1104 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

10:54:54.0906 1104 Ptilink - ok

10:54:54.0937 1104 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\WINDOWS\system32\Drivers\PxHelp20.sys

10:54:54.0953 1104 PxHelp20 - ok

10:54:54.0984 1104 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

10:54:54.0984 1104 ql1080 - ok

10:54:55.0000 1104 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

10:54:55.0000 1104 Ql10wnt - ok

10:54:55.0046 1104 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

10:54:55.0046 1104 ql12160 - ok

10:54:55.0078 1104 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

10:54:55.0078 1104 ql1240 - ok

10:54:55.0109 1104 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

10:54:55.0109 1104 ql1280 - ok

10:54:55.0125 1104 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

10:54:55.0125 1104 RasAcd - ok

10:54:55.0171 1104 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

10:54:55.0171 1104 Rasl2tp - ok

10:54:55.0203 1104 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

10:54:55.0203 1104 RasPppoe - ok

10:54:55.0234 1104 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

10:54:55.0234 1104 Raspti - ok

10:54:55.0265 1104 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

10:54:55.0265 1104 Rdbss - ok

10:54:55.0281 1104 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

10:54:55.0296 1104 RDPCDD - ok

10:54:55.0312 1104 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

10:54:55.0328 1104 rdpdr - ok

10:54:55.0375 1104 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

10:54:55.0390 1104 RDPWD - ok

10:54:55.0437 1104 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

10:54:55.0437 1104 redbook - ok

10:54:55.0500 1104 rt2870 (c2a6f7f35e617744a65dbfb0c0a64adc) C:\WINDOWS\system32\DRIVERS\rt2870.sys

10:54:55.0515 1104 rt2870 - ok

10:54:55.0562 1104 RT61 (581e74880aeb1dba1cb5ac8e6e6c0a69) C:\WINDOWS\system32\DRIVERS\RT61.sys

10:54:55.0562 1104 RT61 - ok

10:54:55.0593 1104 RxFilter (80cae340f37b52d1cb75ff74e6a087cd) C:\WINDOWS\system32\DRIVERS\RxFilter.sys

10:54:55.0609 1104 RxFilter - ok

10:54:55.0656 1104 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

10:54:55.0656 1104 Secdrv - ok

10:54:55.0687 1104 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

10:54:55.0687 1104 serenum - ok

10:54:55.0718 1104 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

10:54:55.0718 1104 Serial - ok

10:54:55.0765 1104 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

10:54:55.0765 1104 Sfloppy - ok

10:54:55.0796 1104 Simbad - ok

10:54:55.0828 1104 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

10:54:55.0828 1104 sisagp - ok

10:54:55.0859 1104 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

10:54:55.0859 1104 SLIP - ok

10:54:55.0906 1104 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

10:54:55.0906 1104 Sparrow - ok

10:54:55.0937 1104 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

10:54:55.0937 1104 splitter - ok

10:54:55.0968 1104 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

10:54:55.0968 1104 sr - ok

10:54:55.0984 1104 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

10:54:56.0000 1104 Srv - ok

10:54:56.0046 1104 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

10:54:56.0046 1104 streamip - ok

10:54:56.0062 1104 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

10:54:56.0062 1104 swenum - ok

10:54:56.0093 1104 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

10:54:56.0093 1104 swmidi - ok

10:54:56.0109 1104 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

10:54:56.0125 1104 symc810 - ok

10:54:56.0140 1104 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

10:54:56.0140 1104 symc8xx - ok

10:54:56.0171 1104 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

10:54:56.0171 1104 sym_hi - ok

10:54:56.0187 1104 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

10:54:56.0187 1104 sym_u3 - ok

10:54:56.0203 1104 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

10:54:56.0218 1104 sysaudio - ok

10:54:56.0265 1104 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

10:54:56.0281 1104 Tcpip - ok

10:54:56.0296 1104 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

10:54:56.0296 1104 TDPIPE - ok

10:54:56.0328 1104 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

10:54:56.0328 1104 TDTCP - ok

10:54:56.0343 1104 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

10:54:56.0359 1104 TermDD - ok

10:54:56.0375 1104 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

10:54:56.0375 1104 TosIde - ok

10:54:56.0390 1104 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

10:54:56.0390 1104 Udfs - ok

10:54:56.0421 1104 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

10:54:56.0421 1104 ultra - ok

10:54:56.0437 1104 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

10:54:56.0437 1104 Update - ok

10:54:56.0500 1104 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys

10:54:56.0500 1104 USBAAPL - ok

10:54:56.0500 1104 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

10:54:56.0515 1104 usbaudio - ok

10:54:56.0531 1104 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

10:54:56.0531 1104 usbccgp - ok

10:54:56.0562 1104 USBCCID (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\WINDOWS\system32\DRIVERS\usbccid.sys

10:54:56.0562 1104 USBCCID - ok

10:54:56.0593 1104 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

10:54:56.0593 1104 usbehci - ok

10:54:56.0609 1104 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

10:54:56.0609 1104 usbhub - ok

10:54:56.0640 1104 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

10:54:56.0640 1104 usbohci - ok

10:54:56.0671 1104 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

10:54:56.0671 1104 usbprint - ok

10:54:56.0703 1104 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

10:54:56.0703 1104 usbscan - ok

10:54:56.0750 1104 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

10:54:56.0765 1104 USBSTOR - ok

10:54:56.0765 1104 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

10:54:56.0765 1104 usbuhci - ok

10:54:56.0796 1104 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

10:54:56.0796 1104 VgaSave - ok

10:54:56.0828 1104 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

10:54:56.0828 1104 viaagp - ok

10:54:56.0843 1104 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

10:54:56.0843 1104 ViaIde - ok

10:54:56.0859 1104 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

10:54:56.0875 1104 VolSnap - ok

10:54:56.0906 1104 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

10:54:56.0921 1104 Wanarp - ok

10:54:56.0921 1104 wanatw - ok

10:54:56.0968 1104 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys

10:54:56.0984 1104 WDC_SAM - ok

10:54:57.0000 1104 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

10:54:57.0015 1104 Wdf01000 - ok

10:54:57.0015 1104 WDICA - ok

10:54:57.0046 1104 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

10:54:57.0046 1104 wdmaud - ok

10:54:57.0093 1104 WinUSB (30fc6e5448d0cbaaa95280eeef7fedae) C:\WINDOWS\system32\DRIVERS\WinUSB.sys

10:54:57.0093 1104 WinUSB - ok

10:54:57.0156 1104 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

10:54:57.0187 1104 WpdUsb - ok

10:54:57.0218 1104 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

10:54:57.0234 1104 WSTCODEC - ok

10:54:57.0281 1104 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

10:54:57.0281 1104 WudfPf - ok

10:54:57.0328 1104 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

10:54:57.0328 1104 WudfRd - ok

10:54:57.0390 1104 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0

10:54:57.0390 1104 \Device\Harddisk0\DR0 - ok

10:54:57.0406 1104 Boot (0x1200) (874e2e39c12e5e59c35e501b9686ef7c) \Device\Harddisk0\DR0\Partition0

10:54:57.0406 1104 \Device\Harddisk0\DR0\Partition0 - ok

10:54:57.0406 1104 ============================================================

10:54:57.0406 1104 Scan finished

10:54:57.0406 1104 ============================================================

10:54:57.0421 2972 Detected object count: 0

10:54:57.0421 2972 Actual detected object count: 0

10:55:00.0625 4916 Deinitialize success


  1. Please download Restore Accessories Program Files Menu with accrestore.zip for XP
  2. Extract (unzip) the tool, double-click on it to run and ensure that the following check boxes are checked (as shown below):
  3. Then click on the Restore button.

Next:

Follow the instructions here to run ComboFix:

www.bleepingcomputer.com/combofix/how-to-use-combofix#use

When you are ready, please post the log.txt.


Here is the ComboFix log

ComboFix 11-11-16.01 - Nicole 6/2011 Wed 18:41:49.2.4 - x86

Microsoft Windows XP Professional 5.1.2600.3.950.853.1033.18.3061.2107 [GMT -5:00]

Running from: c:\documents and settings\Nicole\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

((((((((((((((((((((((((((((((((((((((( Files deleted )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\.wtav

c:\documents and settings\All Users\Application Data\56EA.tmp

c:\documents and settings\All Users\Application Data\avbase.dat

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\Nicole\Local Settings\Application Data\exxg.exe

c:\documents and settings\Nicole\Local Settings\Application Data\itex.exe

c:\documents and settings\Nicole\Local Settings\Application Data\malc.exe

c:\documents and settings\Nicole\Local Settings\Application Data\pgae.exe

c:\documents and settings\Nicole\My Documents\~WRL1153.tmp

c:\documents and settings\Nicole\My Documents\~WRL2617.tmp

C:\Install.exe

c:\windows\assembly\GAC\__AssemblyInfo__.ini

c:\windows\CSC\d6

c:\windows\jestertb.dll

.

.

((((((((((((((((((((((((( Files created from 2011-10-16 to 2011-11-16 )))))))))))))))))))))))))))))))

.

.

2011-11-16 15:10 . 2011-11-16 15:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\ASUS WebStorage

2011-11-14 01:41 . 2011-11-14 01:41 388096 ----a-r- c:\documents and settings\Nicole\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-11-14 01:41 . 2011-11-14 01:41 -------- d-----w- c:\program files\Trend Micro

2011-11-12 19:12 . 2011-11-12 19:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Citrix

2011-11-12 19:12 . 2011-11-12 19:12 -------- d-----w- c:\documents and settings\Nicole\Local Settings\Application Data\Citrix

2011-11-12 19:12 . 2011-11-12 19:12 -------- d-----w- c:\program files\Citrix

2011-11-12 18:56 . 2011-11-12 18:57 -------- d-----w- c:\documents and settings\Nicole\pdmcache

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-18 06:28 . 2010-10-28 00:39 6668624 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll

2011-10-10 14:22 . 2004-08-11 22:12 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06 . 2004-08-11 22:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 15:41 . 2007-10-09 17:03 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41 . 2004-08-11 22:00 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41 . 2004-08-11 22:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-22 16:35 . 2008-04-24 18:53 29712 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2011-09-06 13:20 . 2004-08-11 22:00 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 21:00 . 2010-10-29 21:26 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-08-22 23:48 . 2004-08-11 22:00 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48 . 2004-08-11 22:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48 . 2004-08-11 22:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56 . 2004-08-11 22:00 385024 ----a-w- c:\windows\system32\html.iec

2009-09-13 04:05 . 2009-09-13 04:05 124240 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll

2009-09-13 04:06 . 2009-09-13 04:06 13136 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll

2009-09-13 04:06 . 2009-09-13 04:06 70488 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll

2009-09-13 04:06 . 2009-09-13 04:06 91480 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll

2009-09-13 04:06 . 2009-09-13 04:06 22360 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll

2009-09-13 04:07 . 2009-09-13 04:07 255312 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll

2009-09-13 04:06 . 2009-09-13 04:06 31064 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll

2009-09-13 04:06 . 2009-09-13 04:06 40280 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll

2009-08-14 18:33 . 2009-08-14 18:33 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll

2009-09-13 04:06 . 2009-09-13 04:06 23896 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll

2011-11-12 16:54 . 2011-11-12 16:54 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2010-06-11 18:05 . 2010-09-10 15:36 253952 ----a-w- c:\program files\mozilla firefox\components\CheckTudouVa.dll

2010-09-04 11:33 . 2009-11-19 03:43 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2011-03-18 2471240]

.

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2011-03-18 12:11 2471240 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2011-03-18 2471240]

.

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2011-03-18 2471240]

.

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"

[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"

[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-21 68856]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-17 3872080]

"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-06-30 2329224]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-09-04 30192]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-08 774168]

"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2010-11-19 193880]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]

"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"ASUS Sync Loader"="c:\program files\ASUS\ASUS Sync\asusUPCTLoader.exe" [2011-05-11 638976]

"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-03-22 734544]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]

.

c:\documents and settings\Nicole\Start Menu\Programs\Startup\

Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-6-2 344064]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2010-07-15 16:30 12536 ----a-w- c:\windows\system32\avgrsstx.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\srv1424]

@="service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableNotifications"= 1 (0x1)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=

"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=

"c:\\Program Files\\Roxio\\Digital Home 10\\RoxioUPnPRenderer10.exe"=

"c:\\Program Files\\Roxio\\Creator Classic 10\\Creator10.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\ASUS\\ASUS Sync\\asusUPCTLoader.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"65530:UDP"= 65530:UDP:Azureus UDP

"65530:TCP"= 65530:TCP:Azureus

"67:UDP"= 67:UDP:DHCP Server

.

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [4/24/2008 1:53 PM 216400]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [4/24/2008 1:53 PM 243152]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [9/8/2009 6:13 PM 65584]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [9/16/2008 11:03 AM 169312]

R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [7/21/2010 8:22 PM 921952]

R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/15/2010 11:30 AM 308136]

R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [11/13/2009 11:28 AM 110592]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [6/16/2009 8:58 AM 20480]

R3 Alidevice;Alidevice;c:\windows\system32\drivers\alidevice.sys [3/8/2010 7:11 PM 6656]

S1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [1/7/2009 7:05 PM 244736]

S2 ALIEHCD;ALi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [5/21/2008 6:00 PM 104088]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/21/2010 9:33 AM 135664]

S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files\Roxio\Digital Home 10\RoxioUpnpService10.exe [8/24/2007 2:53 PM 362992]

S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [8/24/2007 2:52 PM 309744]

S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [8/24/2007 2:52 PM 166384]

S2 srv1424;srv1424;c:\windows\system32\svchost.exe -k netsvcs [8/11/2004 5:00 PM 14336]

S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]

S3 alihub;Generic Hub on USB 2.0 Bus;c:\windows\system32\drivers\AliHub.sys [5/21/2008 6:00 PM 17835]

S3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [5/21/2008 6:00 PM 5337]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [10/27/2010 7:45 PM 947528]

S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [5/9/2009 8:01 PM 18560]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [4/21/2008 7:49 AM 30192]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/21/2010 9:33 AM 135664]

S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]

S3 MRVW225;Zonet 802.11g USB Drive for Windows XP;c:\windows\system32\drivers\MRVW225.sys [12/21/2005 4:44 PM 299904]

S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [8/24/2007 2:53 PM 72176]

S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [8/24/2007 2:52 PM 1083888]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [3/5/2010 1:57 PM 11520]

S4 SessionLauncher;SessionLauncher;c:\docume~1\Nicole\LOCALS~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\Nicole\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

srv1424

.

Contents of the 'Scheduled Tasks' folder

.

2011-02-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]

.

2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-21 14:33]

.

2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-21 14:33]

.

2011-11-15 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]

.

2011-11-16 c:\windows\Tasks\VersionCheck.job

- c:\documents and settings\All Users\Application Data\WSTB\verupd.exe [2011-09-21 16:11]

.

.

------- Supplementary Scan -------

.

mSearch Bar = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5080421

uInternet Settings,ProxyOverride = local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

TCP: DhcpNameServer = 192.168.1.1 71.250.0.12

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

FF - ProfilePath - c:\documents and settings\Nicole\Application Data\Mozilla\Firefox\Profiles\mkl2ntzb.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig

FF - prefs.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=

FF - prefs.js: network.proxy.type - 0

FF - user.js: browser.search.order.1 - Search

FF - user.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-volmgr - c:\documents and settings\Nicole\Application Data\volmgr.exe

SafeBoot-klmdb.sys

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-11-16 18:55

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.ohci1394]

"ImagePath"="\*"

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srv1424]

"servicedll"="\\?\globalroot\Device\HarddiskVolume2\WINDOWS\temp\srv1424.tmp"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(8772)

c:\windows\system32\WININET.dll

c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll

c:\progra~1\ASUS\ASUSWE~1\3084~1.161\ASUSWS~1.DLL

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVG\AVG9\avgchsvx.exe

c:\program files\AVG\AVG9\avgrsx.exe

c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

c:\windows\System32\SCardSvr.exe

c:\program files\AVG\AVG9\avgcsrvx.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe

c:\windows\system32\PSIService.exe

c:\program files\AVG\AVG9\avgnsx.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Dell Support Center\bin\sprtsvc.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Windows Media Player\WMPNetwk.exe

c:\program files\AVG\AVG9\avgcsrvx.exe

c:\program files\Canon\CAL\CALMAIN.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conime.exe

c:\program files\Citrix\ICA Client\wfcrun32.exe

c:\program files\Common Files\LogiShrd\LComMgr\LVComSX.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe

.

**************************************************************************

.

Completion time: 2011-11-16 19:00:57 - machine was rebooted

ComboFix-quarantined-files.txt 2011-11-17 00:00

.

Pre-Run: 153,554,997,248 bytes free

Post-Run: 155,313,434,624 bytes free

.

- - End Of File - - 405FA363D0BC6E29DB05A4777D6E591C


Open Notepad and copy and paste the text in the code box below into it:

http://forums.malwarebytes.org/index.php?showtopic=99783

Collect::
c:\documents and settings\All Users\Application Data\WSTB\verupd.exe
c:\windows\Tasks\VersionCheck.job

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Azureus\\Azureus.exe"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65530:UDP"=-
"65530:TCP"=-

FireFox::
FF - ProfilePath - c:\documents and settings\Nicole\Application Data\Mozilla\Firefox\Profiles\mkl2ntzb.default\
FF - prefs.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.search.order.1 - Search
FF - user.js: keyword.URL - hxxp://search.internet-search-results.com/?sid=10101179100&s=

Save the file to your desktop and name it CFScript.txt

Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.

CFScriptB-4.gif

This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.

In your next post here, please include ComboFix.txt and let me know how things are there.


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.