Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit Infection?


  • This topic is locked This topic is locked
2 replies to this topic

#1 Clint G

Clint G

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Utah
  • Local time:05:45 PM

Posted 17 September 2009 - 04:05 PM

I posted in the wrong forum and am now trying to get help here as requested by the forum moderator.
I can't run DSS or HJT. I did run Rootrepeal and posted a log at the wrong forum. I have downloaded System Repair Engineer and here is a copy of the log:

2009-09-17,14:56:57

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
	All Boot Items (Including Registry, Startup Folders, Services and so on)
	Browser Add-ons
	Running Processes (Including process model information)
	File Associations
	Winsock Provider
	Autorun.Inf
	HOSTS File
	Process Privileges Scan
	Scheduled Tasks
	Windows Security Update Check
	API HOOK
	Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
	<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
	<shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
	<Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
	<AppInit_DLLs><cru629.dat>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
	<UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
	<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
	<PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
	<CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
	<WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
	<SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
	<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
	<UPnPMonitor><C:\WINDOWS\system32\upnpui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
	<WinlogonNotify: avgrsstarter><avgrsstx.dll>  [(Verified)AVG Technologies]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
	<WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
	<WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
	<WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
	<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
	<WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
	<WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
	<WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
	<WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
	<WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
	<WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
	<WinlogonNotify: WgaLogon><WgaLogon.dll>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
	<WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
	<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
	<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
	<Internet Explorer Version Update><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
	<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
	<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{64633729-74ba-47eb-9edb-45ed41979959}]
	<N/A><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
	<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
	<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
	<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
	<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
	<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
	<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
	<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
	<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
	<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
	<N/A><c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
	<SCRNSAVE.EXE><C:\WINDOWS\system32\GPhotos.scr>  [Google Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
	<Ad-Watch><; C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe>  [(Verified)Lavasoft AB]
	<Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe">  [(Verified)"Adobe Systems, Incorporated"]
	<AVG8_TRAY><; C:\PROGRA~1\AVG\AVG8\avgtray.exe>  [(Verified)AVG Technologies]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
	<BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe">  [(Verified)Nero AG]
	<ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
	<HP Software Update><; C:\Program Files\HP\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
	<igfxhkcmd><; C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<igfxpers><; C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<igfxtray><; C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
	<Monopod><; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\a.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
	<NeroFilterCheck><; C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe>  [(Verified)Nero AG]
	<PDVDDXSrv><; "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe">  [(Verified)CyberLink]
	<RoxioAudioCentral><; "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe">  [Roxio, Inc.]
	<RoxioDragToDisc><; "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe">  [Roxio]
	<RoxioEngineUtility><; "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe">  [Roxio]
	<SoundMAXPnP><; C:\Program Files\Analog Devices\Core\smax4pnp.exe>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
	<SunJavaUpdateSched><; "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe">  [(Verified)"Sun Microsystems, Inc."]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
	<swg><; "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe">  [(Verified)Google Inc]

==================================
Startup Folders
N/A

==================================
Services
[AVG Free8 E-mail Scanner / avg8emc][Stopped/Auto Start]
  <C:\PROGRA~1\AVG\AVG8\avgemc.exe><AVG Technologies CZ, s.r.o.>
[AVG Free8 WatchDog / avg8wd][Running/Auto Start]
  <C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe><AVG Technologies CZ, s.r.o.>
[Google Software Updater / gusvc][Stopped/Manual Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[hpqcxs08 / hpqcxs08][Running/Manual Start]
  <C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll><Hewlett-Packard Co.>
[HP CUE DeviceDiscovery Service / hpqddsvc][Running/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k hpdevmgmt-->C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll><Hewlett-Packard Co.>
[Lavasoft Ad-Aware Service / Lavasoft Ad-Aware Service][Stopped/Auto Start]
  <"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"><Lavasoft>
[NBService / NBService][Stopped/Manual Start]
  <C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[Net Driver HPZ12 / Net Driver HPZ12][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k HPZ12-->C:\WINDOWS\system32\HPZinw12.dll><Hewlett-Packard>
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><Nero AG>
[Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k HPZ12-->C:\WINDOWS\system32\HPZipm12.dll><Hewlett-Packard>

==================================
Drivers
[a320raid / a320raid][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[PERC 320/DC SCSI RAID Miniport Driver / aac][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aac.sys><Adaptec, Inc.>
[aarich / aarich][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\aarich.sys><Adaptec, Inc.>
[Adaptec Ultra320 SCSI Cards / adpu320][Running/Boot Start]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[AVG Free AVI Loader Driver x86 / AvgLdx86][Running/System Start]
  <\SystemRoot\System32\Drivers\avgldx86.sys><AVG Technologies CZ, s.r.o.>
[AVG Free On-access Scanner Minifilter Driver x86 / AvgMfx86][Running/System Start]
  <\SystemRoot\System32\Drivers\avgmfx86.sys><AVG Technologies CZ, s.r.o.>
[AVG Free8 Network Redirector / AvgTdiX][Running/System Start]
  <\SystemRoot\System32\Drivers\avgtdix.sys><AVG Technologies CZ, s.r.o.>
[Broadcom NetXtreme 57xx Gigabit Controller / b57w2k][Running/Manual Start]
  <system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[catchme / catchme][Stopped/Manual Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys><N/A>
[DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Running/Boot Start]
  <\SystemRoot\system32\drivers\cercsr6.sys><Adaptec, Inc.>
[Intel(R) PRO/1000 Adapter Driver / E1000][Stopped/Manual Start]
  <system32\DRIVERS\e1000325.sys><Intel Corporation>
[fasttx2k / fasttx2k][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start]
  <system32\DRIVERS\HPZid412.sys><HP>
[Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start]
  <system32\DRIVERS\HPZipr12.sys><HP>
[USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start]
  <system32\DRIVERS\HPZius12.sys><HP>
[ialm / ialm][Running/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Intel AHCI/RAID Controller / iaStor][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\iaStor.sys><Intel Corporation>
[Lbd / Lbd][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\Lbd.sys><Lavasoft AB>
[DELL PERC RAID Driver / megasas][Running/Boot Start]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[senfilt / senfilt][Running/Manual Start]
  <system32\drivers\senfilt.sys><Creative Technology Ltd.>
[smwdm / smwdm][Running/Manual Start]
  <system32\drivers\smwdm.sys><Analog Devices, Inc.>
[Symmpi / Symmpi][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\symmpi.sys><LSI Logic>
[vmscsi / vmscsi][Stopped/Disabled]
  <system32\drivers\vmscsi.sys><VMware, Inc.>

==================================
Browser Add-ons
[&Yahoo! Toolbar Helper]
  {02478D38-C3F9-4efb-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[AVG Security Toolbar BHO]
  {A3BC75A2-1F87-4686-AA43-5347D756017C} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[Java Plug-in 1.6.0_07]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
  {53F6FCCD-9E22-4d71-86EA-6E43136192AB} <, >
[ClipBookBtn Class]
  {58ECB495-38F0-49cb-A538-10282ABF65E7} <C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll, (Signed) Hewlett-Packard Co.>
[EnhSelectionBtn Class]
  {700259D7-1666-479a-93B1-3250410481E8} <C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll, (Signed) Hewlett-Packard Co.>
[]
  {925DAB62-F9AC-4221-806A-057BFB1014AA} <, >
[&Research]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[]
  {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Yahoo! Toolbar]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Google Toolbar]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[MSN Toolbar]
  {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} <C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll, (Signed) Microsoft Corp.>
[AVG Security Toolbar]
  {CCC7A320-B3CA-4199-B1A6-9F516DD69829} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[WebIQ Engine Application Object]
  {315B0BFB-2BD4-481B-80A3-A9B80727C61B} <C:\Program Files\Usability Sciences\WebIQ Engine\WebIQEngine.dll, (Signed) Usability Sciences Corporation>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Symantec Download Manager]
  {6A344D34-5231-452A-8A57-D064AC9B7862} <C:\WINDOWS\Downloaded Program Files\symdlmgr.dll, Symantec Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_07]
  {8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_07]
  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll, (Signed) Sun Microsystems, Inc.>
[Google Script Object]
  {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[&Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[HP Print Enhancer]
  {0347C33E-8762-4905-BF09-768834316C61} <C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll, (Signed) Hewlett-Packard Co.>
[HP Print Clips]
  {053F9267-DC04-4294-A72C-58F732D338C0} <C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll, (Signed) Hewlett-Packard Co.>
[ActiveMovieControl Object]
  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[]
  {14528701-EB26-4DDD-BDF3-5B3A3BF85CA5} <, >
[Shockwave ActiveX Control]
  {166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>
[Adobe PDF Link Helper]
  {18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[InformationCardSigninHelper Class]
  {19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[MSN Toolbar]
  {1E61ED7C-7CB8-49D6-B9E9-AB4C880C8414} <C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll, (Signed) Microsoft Corp.>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[]
  {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} <, >
[Google Toolbar]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[Shockwave ActiveX Control]
  {233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Adobe\Director\swdir.dll, (Signed) Adobe Systems, Inc.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[WebIQ Engine Application Object]
  {315B0BFB-2BD4-481B-80A3-A9B80727C61B} <C:\Program Files\Usability Sciences\WebIQ Engine\WebIQEngine.dll, (Signed) Usability Sciences Corporation>
[]
  {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} <, >
[]
  {3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} <, >
[]
  {3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} <, >
[Microsoft Office Control]
  {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~3\OFFICE11\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {49232000-16E4-426C-A231-62846947304B} <, >
[]
  {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} <, >
[RBEventsXML Class]
  {4C1F42FC-C61D-4CF7-A22A-5E0724A28798} <C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbxml.dll, Hewlett-Packard Co.>
[Microsoft Terminal Services Client Control (redist)]
  {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
  {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[MSN Photo Upload Tool]
  {4F1E5B1A-2A80-42CA-8532-2D05CB959537} <C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll, (Signed) Microsoft® Corporation>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation>
[]
  {53F6FCCD-9E22-4D71-86EA-6E43136192AB} <, >
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[]
  {58ECB495-38F0-49CB-A538-10282ABF65E7} <, >
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Symantec Download Manager]
  {6A344D34-5231-452A-8A57-D064AC9B7862} <C:\WINDOWS\Downloaded Program Files\symdlmgr.dll, Symantec Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
  {6D53EC84-6AAE-4787-AEEE-F4628F01010C} <, >
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[]
  {700259D7-1666-479A-93B1-3250410481E8} <, >
[]
  {732E5459-A239-4E08-A411-2C6CCF313F1D} <, >
[Microsoft Terminal Services Client Control (redist)]
  {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
  {7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[SSVHelper Class]
  {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 6.0]
  {88D96A06-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XSL Template 6.0]
  {88D96A08-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[]
  {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Microsoft Terminal Services Client Control (redist)]
  {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
  {925DAB62-F9AC-4221-806A-057BFB1014AA} <, >
[]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[AVG Security Toolbar BHO]
  {A3BC75A2-1F87-4686-AA43-5347D756017C} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[]
  {A526A2C7-723E-4081-BF70-A7A9913E8C4A} <, >
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[Google Toolbar Notifier BHO]
  {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.2.4329.1504\swg.dll, (Signed) Google Inc.>
[Google Dictionary Compression sdch]
  {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} <C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll, (Signed) Google Inc.>
[Adobe PDF Reader]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[AVG Security Toolbar]
  {CCC7A320-B3CA-4199-B1A6-9F516DD69829} <C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll, (Signed) >
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[]
  {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} <, >
[Microsoft Url Search Hook]
  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[MSN Toolbar Helper]
  {D2CE3E00-F94A-4740-988E-03DC2F38C34F} <C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll, (Signed) Microsoft Corp.>
[QuickTimeCheck Class]
  {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\WINDOWS\system32\QUICKT~1.OCX, Apple Computer, Inc.>
[Microsoft Silverlight]
  {DFEAF541-F3E1-4C24-ACAC-99C30715084A} <c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll, (Signed)  Microsoft Corporation>
[]
  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[]
  {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} <, >
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Yahoo! Toolbar]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[SingleInstance Class]
  {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} <C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll, (Signed) Yahoo! Inc>
[Add to Google Photos Screensa&ver]
  <res://C:\WINDOWS\system32\GPhotos.scr/200, N/A>
[E&xport to Microsoft Excel]
  <res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 640 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 688 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 712 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
	[C:\WINDOWS\system32\avgrsstx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 756 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 768 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 936 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1004 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]
[PID: 1044 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]
[PID: 1132 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1164 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]
[PID: 1356 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]
	[C:\WINDOWS\system32\hpz3l5ha.dll]  [Hewlett-Packard Company, 61.071.244.00]
	[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll]  [Hewlett-Packard Corporation, 61.071.244.00]
[PID: 1540 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
	[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll]  [Sun Microsystems, Inc., 3.00]
	[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll]  [STLport Consulting, Inc., 4.5.2003.0120]
	[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 9.1.0.2009022700]
	[C:\WINDOWS\system32\igfxpph.dll]  [Intel Corporation, 3.0.0.4410]
	[C:\WINDOWS\system32\hccutils.DLL]  [Intel Corporation, 3.0.0.4410]
	[C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3.0.0.4410]
	[C:\WINDOWS\system32\igfxress.dll]  [Intel Corporation, 3.0.0.4410]
	[C:\WINDOWS\system32\igfxsrvc.dll]  [Intel Corporation, 3.0.0.4410]
	[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll]  [Nero AG, 2, 7, 3, 2]
	[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
	[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
	[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll]  [Malwarebytes Corporation, 1, 2, 0, 0]
	[C:\Program Files\AVG\AVG8\avgse.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1596 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1692 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgwd.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgcfgx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgamnot.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgsched.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgwdwsc.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avglngx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 1740 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[c:\program files\hp\digital imaging\bin\hpqddsvc.dll]  [Hewlett-Packard Co., 110.0.180.000]
	[c:\program files\hp\digital imaging\bin\hpqddcmn.dll]  [Hewlett-Packard Co., 110.0.180.000]
	[c:\program files\hp\digital imaging\bin\hpqcxs08.dll]  [Hewlett-Packard Co., 120.0.194.000]
[PID: 1768 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[c:\windows\system32\hpzinw12.dll]  [Hewlett-Packard, 12,1,2,54]
[PID: 1816 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
	[c:\windows\system32\hpzipm12.dll]  [Hewlett-Packard, 12,1,2,54]
[PID: 1924 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 580 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgrsx.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgcorex.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.408]
	[C:\PROGRA~1\AVG\AVG8\avgcrlpx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
[PID: 588 / SYSTEM][C:\PROGRA~1\AVG\AVG8\avgnsx.exe]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\Program Files\AVG\AVG8\avglogx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[C:\PROGRA~1\AVG\AVG8\avgcfgx.dll]  [AVG Technologies CZ, s.r.o., 8.5.0.401]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]
[PID: 900 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 1736 / Administrator][C:\WINDOWS\msb.exe]  [N/A, ]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]
[PID: 2508 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]
[PID: 3760 / Administrator][C:\Documents and Settings\Administrator\Desktop\System Repair Engineer\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.1.1279]
[PID: 3768 / Administrator][C:\Documents and Settings\Administrator\Desktop\System Repair Engineer\SREebd36e6a.EXE]  [Smallfrogs Studio, 2.8.1.1279]
	[C:\Documents and Settings\Administrator\Desktop\System Repair Engineer\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
	[\\?\globalroot\Device\__max++>\5EFAB6B2.x86.dll]  [N/A, ]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3760, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\SYSTEM REPAIR ENGINEER\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] {BB65B0FB-5712-401b-B616-E69AC55E2757}.job
		C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\a.exe 
[Enabled] {7B02EF0B-A410-4938-8480-9BA26420A627}.job
		C:\WINDOWS\msb.exe 
[Enabled] PCConfidential.job
		C:\Program Files\Winferno\PC Confidential\PCConfidential.exe 
[Enabled] Ad-Aware Update (Weekly).job
		C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe 

==================================
Windows Security Update Check
N/A

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================

Please help.

Here is the RootRepeal Log:

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/17 11:08
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: a320raid.sys
Image Path: a320raid.sys
Address: 0xF742F000 Size: 237568 File Visible: - Signed: -
Status: -

Name: aac.sys
Image Path: aac.sys
Address: 0xF7647000 Size: 36224 File Visible: - Signed: -
Status: -

Name: aarich.sys
Image Path: aarich.sys
Address: 0xF7860000 Size: 225280 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF75A8000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2260992 File Visible: - Signed: -
Status: -

Name: adpu160m.sys
Image Path: adpu160m.sys
Address: 0xF7469000 Size: 101888 File Visible: - Signed: -
Status: -

Name: adpu320.sys
Image Path: adpu320.sys
Address: 0xF740B000 Size: 147456 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xA95EE000 Size: 138496 File Visible: - Signed: -
Status: -

Name: aic78u2.sys
Image Path: aic78u2.sys
Address: 0xF7637000 Size: 55168 File Visible: - Signed: -
Status: -

Name: aic78xx.sys
Image Path: aic78xx.sys
Address: 0xF7627000 Size: 56960 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF749A000 Size: 96512 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xBA76A000 Size: 3072 File Visible: - Signed: -
Status: -

Name: avgldx86.sys
Image Path: C:\WINDOWS\System32\Drivers\avgldx86.sys
Address: 0xA9462000 Size: 328576 File Visible: - Signed: -
Status: -

Name: avgmfx86.sys
Image Path: C:\WINDOWS\System32\Drivers\avgmfx86.sys
Address: 0xF7777000 Size: 21120 File Visible: - Signed: -
Status: -

Name: avgtdix.sys
Image Path: C:\WINDOWS\System32\Drivers\avgtdix.sys
Address: 0xA965E000 Size: 101888 File Visible: - Signed: -
Status: -

Name: b57xp32.sys
Image Path: C:\WINDOWS\system32\DRIVERS\b57xp32.sys
Address: 0xB9BFA000 Size: 132608 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF7897000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xA8A78000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xBA8DD000 Size: 62976 File Visible: - Signed: -
Status: -

Name: cdudf_xp.SYS
Image Path: C:\WINDOWS\System32\Drivers\cdudf_xp.SYS
Address: 0xA978A000 Size: 249344 File Visible: - Signed: -
Status: -

Name: cercsr6.sys
Image Path: cercsr6.sys
Address: 0xF7717000 Size: 29120 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF7667000 Size: 53248 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF7657000 Size: 36352 File Visible: - Signed: -
Status: -

Name: dmio.sys
Image Path: dmio.sys
Address: 0xF74B2000 Size: 153344 File Visible: - Signed: -
Status: -

Name: dmload.sys
Image Path: dmload.sys
Address: 0xF798D000 Size: 5888 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xBA90D000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA944A000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79F7000 Size: 8192 File Visible: No Signed: -
Status: -

Name: dvd_2K.SYS
Image Path: C:\WINDOWS\System32\Drivers\dvd_2K.SYS
Address: 0xF772F000 Size: 20512 File Visible: - Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xA96FB000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C3000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xA986B000 Size: 4096 File Visible: - Signed: -
Status: -

Name: fasttx2k.sys
Image Path: fasttx2k.sys
Address: 0xF783D000 Size: 140544 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF7527000 Size: 44544 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xBAFE0000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF79AD000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF74D8000 Size: 125056 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806FF000 Size: 134400 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Address: 0xA914A000 Size: 36864 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF7757000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hidusb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\hidusb.sys
Address: 0xA8A74000 Size: 10368 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xA8857000 Size: 264832 File Visible: - Signed: -
Status: -

Name: ialmdd5.DLL
Image Path: C:\WINDOWS\System32\ialmdd5.DLL
Address: 0xBFA3A000 Size: 929792 File Visible: - Signed: -
Status: -

Name: ialmdev5.DLL
Image Path: C:\WINDOWS\System32\ialmdev5.DLL
Address: 0xBFA05000 Size: 217088 File Visible: - Signed: -
Status: -

Name: ialmdnt5.dll
Image Path: C:\WINDOWS\System32\ialmdnt5.dll
Address: 0xBF9E3000 Size: 139264 File Visible: - Signed: -
Status: -

Name: ialmnt5.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
Address: 0xB9C2F000 Size: 1302688 File Visible: - Signed: -
Status: -

Name: ialmrnt5.dll
Image Path: C:\WINDOWS\System32\ialmrnt5.dll
Address: 0xBF9D5000 Size: 57344 File Visible: - Signed: -
Status: -

Name: iaStor.sys
Image Path: iaStor.sys
Address: 0xF7B1F000 Size: 786432 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xBA8ED000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelide.sys
Image Path: intelide.sys
Address: 0xF798B000 Size: 5504 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xBA91D000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xA9638000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xA96D0000 Size: 75264 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF75F7000 Size: 37248 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF7817000 Size: 24576 File Visible: - Signed: -
Status: -

Name: kbdhid.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Address: 0xA8650000 Size: 14592 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF7987000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xA8714000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\drivers\ks.sys
Address: 0xB9B4F000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xBAF17000 Size: 92928 File Visible: - Signed: -
Status: -

Name: Lbd.sys
Image Path: Lbd.sys
Address: 0xF7677000 Size: 57472 File Visible: - Signed: -
Status: -

Name: megasas.sys
Image Path: megasas.sys
Address: 0xF771F000 Size: 17664 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF79AF000 Size: 4224 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF781F000 Size: 23040 File Visible: - Signed: -
Status: -

Name: mouhid.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouhid.sys
Address: 0xA8634000 Size: 12160 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF7607000 Size: 42368 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xA9085000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xA94B3000 Size: 455296 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xF7767000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF76C7000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xBADDF000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xBAE43000 Size: 105344 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xBAE5D000 Size: 182656 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xBADFB000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xA930A000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xB9A54000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xF76F7000 Size: 40576 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xF7537000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xA9610000 Size: 162816 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xF776F000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xBAE8A000 Size: 574976 File Visible: - Signed: -
Status: -

Name: ntoskrnl.exe
Image Path: C:\WINDOWS\system32\ntoskrnl.exe
Address: 0x804D7000 Size: 2260992 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xF7AAF000 Size: 2944 File Visible: - Signed: -
Status: -

Name: parport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys
Address: 0xB9A88000 Size: 80128 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF770F000 Size: 19712 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xF7597000 Size: 68224 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7A4F000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Address: 0xF7707000 Size: 28672 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2260992 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xB9B72000 Size: 147456 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xB9A43000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xF7807000 Size: 17792 File Visible: - Signed: -
Status: -

Name: pwd_2k.SYS
Image Path: C:\WINDOWS\System32\Drivers\pwd_2k.SYS
Address: 0xB9A6B000 Size: 116512 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF7687000 Size: 36320 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xF7947000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xBA8BD000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xBA8AD000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF76B7000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xF780F000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2260992 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xA9523000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF79B1000 Size: 4224 File Visible: - Signed: -
Status: -

Name: rdpdr.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdpdr.sys
Address: 0xB9A13000 Size: 196224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xBA8CD000 Size: 57600 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA8E5B000 Size: 49152 File Visible: No Signed: -
Status: -

Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\SCSIPORT.SYS
Address: 0xF7482000 Size: 98304 File Visible: - Signed: -
Status: -

Name: senfilt.sys
Image Path: C:\WINDOWS\system32\drivers\senfilt.sys
Address: 0xB9A9C000 Size: 732928 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xBAE03000 Size: 15744 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xBA8FD000 Size: 64512 File Visible: - Signed: -
Status: -

Name: smwdm.sys
Image Path: C:\WINDOWS\system32\drivers\smwdm.sys
Address: 0xB9B96000 Size: 260352 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xBAFCE000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xA8F1B000 Size: 333952 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF79A9000 Size: 4352 File Visible: - Signed: -
Status: -

Name: symmpi.sys
Image Path: symmpi.sys
Address: 0xF7970000 Size: 93568 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xA8FAD000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xA9677000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF77FF000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xF76D7000 Size: 40704 File Visible: - Signed: -
Status: -

Name: UdfReadr_xp.SYS
Image Path: C:\WINDOWS\System32\Drivers\UdfReadr_xp.SYS
Address: 0xA971D000 Size: 206464 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xB99B5000 Size: 384768 File Visible: - Signed: -
Status: -

Name: usbccgp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Address: 0xA97EF000 Size: 32128 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF79AB000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF77F7000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xF7577000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xB9BD6000 Size: 147456 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF77EF000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xF775F000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xB9C1B000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF7617000 Size: 52352 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xF7547000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF779F000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xA8D9E000 Size: 83072 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -

Name: win32k.sys:1
Image Path: C:\WINDOWS\win32k.sys:1
Address: 0xF77B7000 Size: 20480 File Visible: No Signed: -
Status: -

Name: win32k.sys:2
Image Path: C:\WINDOWS\win32k.sys:2
Address: 0xA955E000 Size: 61440 File Visible: No Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
Address: 0xF7989000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2260992 File Visible: - Signed: -
Status: -

Edited by Clint G, 17 September 2009 - 04:17 PM.


BC AdBot (Login to Remove)

 


#2 Clint G

Clint G
  • Topic Starter

  • Members
  • 39 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Utah
  • Local time:05:45 PM

Posted 24 September 2009 - 03:40 PM

Moderator,
Please close this topic. I've decided to re-format and re-load.

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,807 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:07:45 PM

Posted 24 September 2009 - 08:39 PM

Thank you for letting us know. Sometimes reformatting and reinstalling is the quickest and best solution. We have a huge backlog of topics here, and it can take over two weeks to get a response.

This topic shall now be closed and the duplicate you posted on Sept. 21 shall be deleted.

Orange Blossom :(
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users