Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stop Error 0x0000007E Fltmgr.sys


  • This topic is locked This topic is locked
3 replies to this topic

#1 AstralDarko

AstralDarko

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:57 AM

Posted 14 October 2009 - 07:23 PM

I was directed here from the Am I Infected Forum. Here is my original post, along with the logs as they directed me. Topic referenced is here: http://www.bleepingcomputer.com/forums/t/264019/stop-error-0x0000007e-help/ ~ OB

Currently my computer is stuck in a restart loop. I believe the cause to have something to do with a random .exe file I may have stupidly downloaded and opened about 2 days ago, since my pc immediately proceed to plunge it's self into a BSOD restart loop upon opening it. I took me all of yesterday to find a way to freeze the blue screen long enough to get the stop error code from it. Originally I was unable to even get to safe mode. However, I eventually compiled the Ultimate Windows Boot Disk (their title, not mine), but was had to resort to useing the windows disk for my gf/s dell laptop, which ran xp profesional. However, my gateway GT5082 desktop was running xp media center edition. Hopefully this hasn't caused to many problems, as the disk is the only way I was able to scan the registry, which subsiquently allows me to now get into safe mode.

Now, on the the BSOD. The current error reads: 0x0000007E (0xC0000005, 0xB87012B2, 0xF78C648C, 0xF78c618C)
Fltmgr.sys - Address B87012B2 base at B86E900 Datestamp 480251DA




ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/13 18:50
Program Version: Version 1.3.5.0
Windows Version: Windows XP Media Center Edition SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB827B000 Size: 90112 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79D7000 Size: 8192 File Visible: No Signed: -
Status: -

Name: PCI_PNP7166
Image Path: \Driver\PCI_PNP7166
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\System32\drivers\rootrepeal.sys
Address: 0xB8233000 Size: 49152 File Visible: No Signed: -
Status: -

Name: sppu.sys
Image Path: sppu.sys
Address: 0xF74D5000 Size: 1052672 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "sppu.sys" at address 0xf74d60e0

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "sppu.sys" at address 0xf74f4ca4

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "sppu.sys" at address 0xf74f5032

#: 119 Function Name: NtOpenKey
Status: Hooked by "sppu.sys" at address 0xf74d60c0

#: 160 Function Name: NtQueryKey
Status: Hooked by "sppu.sys" at address 0xf74f510a

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "sppu.sys" at address 0xf74f4f8a

#: 247 Function Name: NtSetValueKey
Status: Hooked by "sppu.sys" at address 0xf74f519c

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x8a9551f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CREATE]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLOSE]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_READ]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_WRITE]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_EA]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_EA]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLEANUP]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_PNP]
Process: System Address: 0x8a7271f8 Size: 121

Object: Hidden Code [Driver: perc2, IRP_MJ_CREATE]
Process: System Address: 0x8a95b1f8 Size: 121

Object: Hidden Code [Driver: perc2, IRP_MJ_CLOSE]
Process: System Address: 0x8a95b1f8 Size: 121

Object: Hidden Code [Driver: perc2, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a95b1f8 Size: 121

Object: Hidden Code [Driver: perc2, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a95b1f8 Size: 121

Object: Hidden Code [Driver: perc2, IRP_MJ_POWER]
Process: System Address: 0x8a95b1f8 Size: 121

Object: Hidden Code [Driver: perc2, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a95b1f8 Size: 121

Object: Hidden Code [Driver: perc2, IRP_MJ_PNP]
Process: System Address: 0x8a95b1f8 Size: 121

Object: Hidden Code [Driver: Ql10wnt, IRP_MJ_CREATE]
Process: System Address: 0x8a9d51f8 Size: 121

Object: Hidden Code [Driver: Ql10wnt, IRP_MJ_CLOSE]
Process: System Address: 0x8a9d51f8 Size: 121

Object: Hidden Code [Driver: Ql10wnt, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9d51f8 Size: 121

Object: Hidden Code [Driver: Ql10wnt, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9d51f8 Size: 121

Object: Hidden Code [Driver: Ql10wnt, IRP_MJ_POWER]
Process: System Address: 0x8a9d51f8 Size: 121

Object: Hidden Code [Driver: Ql10wnt, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9d51f8 Size: 121

Object: Hidden Code [Driver: Ql10wnt, IRP_MJ_PNP]
Process: System Address: 0x8a9d51f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x8a7b11f8 Size: 121

Object: Hidden Code [Driver: cbidf, IRP_MJ_CREATE]
Process: System Address: 0x8a9581f8 Size: 121

Object: Hidden Code [Driver: cbidf, IRP_MJ_CLOSE]
Process: System Address: 0x8a9581f8 Size: 121

Object: Hidden Code [Driver: cbidf, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9581f8 Size: 121

Object: Hidden Code [Driver: cbidf, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9581f8 Size: 121

Object: Hidden Code [Driver: cbidf, IRP_MJ_POWER]
Process: System Address: 0x8a9581f8 Size: 121

Object: Hidden Code [Driver: cbidf, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9581f8 Size: 121

Object: Hidden Code [Driver: cbidf, IRP_MJ_PNP]
Process: System Address: 0x8a9581f8 Size: 121

Object: Hidden Code [Driver: ini910u, IRP_MJ_CREATE]
Process: System Address: 0x8a9d21f8 Size: 121

Object: Hidden Code [Driver: ini910u, IRP_MJ_CLOSE]
Process: System Address: 0x8a9d21f8 Size: 121

Object: Hidden Code [Driver: ini910u, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9d21f8 Size: 121

Object: Hidden Code [Driver: ini910u, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9d21f8 Size: 121

Object: Hidden Code [Driver: ini910u, IRP_MJ_POWER]
Process: System Address: 0x8a9d21f8 Size: 121

Object: Hidden Code [Driver: ini910u, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9d21f8 Size: 121

Object: Hidden Code [Driver: ini910u, IRP_MJ_PNP]
Process: System Address: 0x8a9d21f8 Size: 121

Object: Hidden Code [Driver: ql1280, IRP_MJ_CREATE]
Process: System Address: 0x8a95d1f8 Size: 121

Object: Hidden Code [Driver: ql1280, IRP_MJ_CLOSE]
Process: System Address: 0x8a95d1f8 Size: 121

Object: Hidden Code [Driver: ql1280, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a95d1f8 Size: 121

Object: Hidden Code [Driver: ql1280, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a95d1f8 Size: 121

Object: Hidden Code [Driver: ql1280, IRP_MJ_POWER]
Process: System Address: 0x8a95d1f8 Size: 121

Object: Hidden Code [Driver: ql1280, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a95d1f8 Size: 121

Object: Hidden Code [Driver: ql1280, IRP_MJ_PNP]
Process: System Address: 0x8a95d1f8 Size: 121

Object: Hidden Code [Driver: asc, IRP_MJ_CREATE]
Process: System Address: 0x8a9d41f8 Size: 121

Object: Hidden Code [Driver: asc, IRP_MJ_CLOSE]
Process: System Address: 0x8a9d41f8 Size: 121

Object: Hidden Code [Driver: asc, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9d41f8 Size: 121

Object: Hidden Code [Driver: asc, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9d41f8 Size: 121

Object: Hidden Code [Driver: asc, IRP_MJ_POWER]
Process: System Address: 0x8a9d41f8 Size: 121

Object: Hidden Code [Driver: asc, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9d41f8 Size: 121

Object: Hidden Code [Driver: asc, IRP_MJ_PNP]
Process: System Address: 0x8a9d41f8 Size: 121

Object: Hidden Code [Driver: asc3350p, IRP_MJ_CREATE]
Process: System Address: 0x8a9ce1f8 Size: 121

Object: Hidden Code [Driver: asc3350p, IRP_MJ_CLOSE]
Process: System Address: 0x8a9ce1f8 Size: 121

Object: Hidden Code [Driver: asc3350p, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9ce1f8 Size: 121

Object: Hidden Code [Driver: asc3350p, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9ce1f8 Size: 121

Object: Hidden Code [Driver: asc3350p, IRP_MJ_POWER]
Process: System Address: 0x8a9ce1f8 Size: 121

Object: Hidden Code [Driver: asc3350p, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9ce1f8 Size: 121

Object: Hidden Code [Driver: asc3350p, IRP_MJ_PNP]
Process: System Address: 0x8a9ce1f8 Size: 121

Object: Hidden Code [Driver: cd20xrnt, IRP_MJ_CREATE]
Process: System Address: 0x8a9cd1f8 Size: 121

Object: Hidden Code [Driver: cd20xrnt, IRP_MJ_CLOSE]
Process: System Address: 0x8a9cd1f8 Size: 121

Object: Hidden Code [Driver: cd20xrnt, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9cd1f8 Size: 121

Object: Hidden Code [Driver: cd20xrnt, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9cd1f8 Size: 121

Object: Hidden Code [Driver: cd20xrnt, IRP_MJ_POWER]
Process: System Address: 0x8a9cd1f8 Size: 121

Object: Hidden Code [Driver: cd20xrnt, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9cd1f8 Size: 121

Object: Hidden Code [Driver: cd20xrnt, IRP_MJ_PNP]
Process: System Address: 0x8a9cd1f8 Size: 121

Object: Hidden Code [Driver: mraid35x, IRP_MJ_CREATE]
Process: System Address: 0x8a9d31f8 Size: 121

Object: Hidden Code [Driver: mraid35x, IRP_MJ_CLOSE]
Process: System Address: 0x8a9d31f8 Size: 121

Object: Hidden Code [Driver: mraid35x, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9d31f8 Size: 121

Object: Hidden Code [Driver: mraid35x, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9d31f8 Size: 121

Object: Hidden Code [Driver: mraid35x, IRP_MJ_POWER]
Process: System Address: 0x8a9d31f8 Size: 121

Object: Hidden Code [Driver: mraid35x, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9d31f8 Size: 121

Object: Hidden Code [Driver: mraid35x, IRP_MJ_PNP]
Process: System Address: 0x8a9d31f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x8a7b0500 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x8a7b0500 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a7b0500 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a7b0500 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x8a7b0500 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a7b0500 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x8a7b0500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x8a7c2500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x8a7c2500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a7c2500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a7c2500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x8a7c2500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a7c2500 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x8a7c2500 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_CREATE]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_CLOSE]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_READ]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_WRITE]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_POWER]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: usbstor, IRP_MJ_PNP]
Process: System Address: 0x8a7231f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x8a9d91f8 Size: 121

Object: Hidden Code [Driver: symc8xx, IRP_MJ_CREATE]
Process: System Address: 0x8a9621f8 Size: 121

Object: Hidden Code [Driver: symc8xx, IRP_MJ_CLOSE]
Process: System Address: 0x8a9621f8 Size: 121

Object: Hidden Code [Driver: symc8xx, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9621f8 Size: 121

Object: Hidden Code [Driver: symc8xx, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9621f8 Size: 121

Object: Hidden Code [Driver: symc8xx, IRP_MJ_POWER]
Process: System Address: 0x8a9621f8 Size: 121

Object: Hidden Code [Driver: symc8xx, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9621f8 Size: 121

Object: Hidden Code [Driver: symc8xx, IRP_MJ_PNP]
Process: System Address: 0x8a9621f8 Size: 121

Object: Hidden Code [Driver: ultra, IRP_MJ_CREATE]
Process: System Address: 0x8a9cc1f8 Size: 121

Object: Hidden Code [Driver: ultra, IRP_MJ_CLOSE]
Process: System Address: 0x8a9cc1f8 Size: 121

Object: Hidden Code [Driver: ultra, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9cc1f8 Size: 121

Object: Hidden Code [Driver: ultra, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9cc1f8 Size: 121

Object: Hidden Code [Driver: ultra, IRP_MJ_POWER]
Process: System Address: 0x8a9cc1f8 Size: 121

Object: Hidden Code [Driver: ultra, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9cc1f8 Size: 121

Object: Hidden Code [Driver: ultra, IRP_MJ_PNP]
Process: System Address: 0x8a9cc1f8 Size: 121

Object: Hidden Code [Driver: aic78u2, IRP_MJ_CREATE]
Process: System Address: 0x8a9d11f8 Size: 121

Object: Hidden Code [Driver: aic78u2, IRP_MJ_CLOSE]
Process: System Address: 0x8a9d11f8 Size: 121

Object: Hidden Code [Driver: aic78u2, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9d11f8 Size: 121

Object: Hidden Code [Driver: aic78u2, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9d11f8 Size: 121

Object: Hidden Code [Driver: aic78u2, IRP_MJ_POWER]
Process: System Address: 0x8a9d11f8 Size: 121

Object: Hidden Code [Driver: aic78u2, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9d11f8 Size: 121

Object: Hidden Code [Driver: aic78u2, IRP_MJ_PNP]
Process: System Address: 0x8a9d11f8 Size: 121

Object: Hidden Code [Driver: dac960nt, IRP_MJ_CREATE]
Process: System Address: 0x8a9671f8 Size: 121

Object: Hidden Code [Driver: dac960nt, IRP_MJ_CLOSE]
Process: System Address: 0x8a9671f8 Size: 121

Object: Hidden Code [Driver: dac960nt, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9671f8 Size: 121

Object: Hidden Code [Driver: dac960nt, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9671f8 Size: 121

Object: Hidden Code [Driver: dac960nt, IRP_MJ_POWER]
Process: System Address: 0x8a9671f8 Size: 121

Object: Hidden Code [Driver: dac960nt, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9671f8 Size: 121

Object: Hidden Code [Driver: dac960nt, IRP_MJ_PNP]
Process: System Address: 0x8a9671f8 Size: 121

Object: Hidden Code [Driver: adpu160m, IRP_MJ_CREATE]
Process: System Address: 0x8a9601f8 Size: 121

Object: Hidden Code [Driver: adpu160m, IRP_MJ_CLOSE]
Process: System Address: 0x8a9601f8 Size: 121

Object: Hidden Code [Driver: adpu160m, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9601f8 Size: 121

Object: Hidden Code [Driver: adpu160m, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9601f8 Size: 121

Object: Hidden Code [Driver: adpu160m, IRP_MJ_POWER]
Process: System Address: 0x8a9601f8 Size: 121

Object: Hidden Code [Driver: adpu160m, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9601f8 Size: 121

Object: Hidden Code [Driver: adpu160m, IRP_MJ_PNP]
Process: System Address: 0x8a9601f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x8a96b1f8 Size: 121

Object: Hidden Code [Driver: sym_u3, IRP_MJ_CREATE]
Process: System Address: 0x8a9611f8 Size: 121

Object: Hidden Code [Driver: sym_u3, IRP_MJ_CLOSE]
Process: System Address: 0x8a9611f8 Size: 121

Object: Hidden Code [Driver: sym_u3, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9611f8 Size: 121

Object: Hidden Code [Driver: sym_u3, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9611f8 Size: 121

Object: Hidden Code [Driver: sym_u3, IRP_MJ_POWER]
Process: System Address: 0x8a9611f8 Size: 121

Object: Hidden Code [Driver: sym_u3, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9611f8 Size: 121

Object: Hidden Code [Driver: sym_u3, IRP_MJ_PNP]
Process: System Address: 0x8a9611f8 Size: 121

Object: Hidden Code [Driver: abp480n5, IRP_MJ_CREATE]
Process: System Address: 0x8a9cf1f8 Size: 121

Object: Hidden Code [Driver: abp480n5, IRP_MJ_CLOSE]
Process: System Address: 0x8a9cf1f8 Size: 121

Object: Hidden Code [Driver: abp480n5, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9cf1f8 Size: 121

Object: Hidden Code [Driver: abp480n5, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9cf1f8 Size: 121

Object: Hidden Code [Driver: abp480n5, IRP_MJ_POWER]
Process: System Address: 0x8a9cf1f8 Size: 121

Object: Hidden Code [Driver: abp480n5, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9cf1f8 Size: 121

Object: Hidden Code [Driver: abp480n5, IRP_MJ_PNP]
Process: System Address: 0x8a9cf1f8 Size: 121

Object: Hidden Code [Driver: ql1080, IRP_MJ_CREATE]
Process: System Address: 0x8a95e1f8 Size: 121

Object: Hidden Code [Driver: ql1080, IRP_MJ_CLOSE]
Process: System Address: 0x8a95e1f8 Size: 121

Object: Hidden Code [Driver: ql1080, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a95e1f8 Size: 121

Object: Hidden Code [Driver: ql1080, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a95e1f8 Size: 121

Object: Hidden Code [Driver: ql1080, IRP_MJ_POWER]
Process: System Address: 0x8a95e1f8 Size: 121

Object: Hidden Code [Driver: ql1080, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a95e1f8 Size: 121

Object: Hidden Code [Driver: ql1080, IRP_MJ_PNP]
Process: System Address: 0x8a95e1f8 Size: 121

Object: Hidden Code [Driver: hpn, IRP_MJ_CREATE]
Process: System Address: 0x8a9591f8 Size: 121

Object: Hidden Code [Driver: hpn, IRP_MJ_CLOSE]
Process: System Address: 0x8a9591f8 Size: 121

Object: Hidden Code [Driver: hpn, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9591f8 Size: 121

Object: Hidden Code [Driver: hpn, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9591f8 Size: 121

Object: Hidden Code [Driver: hpn, IRP_MJ_POWER]
Process: System Address: 0x8a9591f8 Size: 121

Object: Hidden Code [Driver: hpn, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9591f8 Size: 121

Object: Hidden Code [Driver: hpn, IRP_MJ_PNP]
Process: System Address: 0x8a9591f8 Size: 121

Object: Hidden Code [Driver: symc810, IRP_MJ_CREATE]
Process: System Address: 0x8a9681f8 Size: 121

Object: Hidden Code [Driver: symc810, IRP_MJ_CLOSE]
Process: System Address: 0x8a9681f8 Size: 121

Object: Hidden Code [Driver: symc810, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9681f8 Size: 121

Object: Hidden Code [Driver: symc810, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9681f8 Size: 121

Object: Hidden Code [Driver: symc810, IRP_MJ_POWER]
Process: System Address: 0x8a9681f8 Size: 121

Object: Hidden Code [Driver: symc810, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9681f8 Size: 121

Object: Hidden Code [Driver: symc810, IRP_MJ_PNP]
Process: System Address: 0x8a9681f8 Size: 121

Object: Hidden Code [Driver: ql12160, IRP_MJ_CREATE]
Process: System Address: 0x8a95c1f8 Size: 121

Object: Hidden Code [Driver: ql12160, IRP_MJ_CLOSE]
Process: System Address: 0x8a95c1f8 Size: 121

Object: Hidden Code [Driver: ql12160, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a95c1f8 Size: 121

Object: Hidden Code [Driver: ql12160, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a95c1f8 Size: 121

Object: Hidden Code [Driver: ql12160, IRP_MJ_POWER]
Process: System Address: 0x8a95c1f8 Size: 121

Object: Hidden Code [Driver: ql12160, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a95c1f8 Size: 121

Object: Hidden Code [Driver: ql12160, IRP_MJ_PNP]
Process: System Address: 0x8a95c1f8 Size: 121

Object: Hidden Code [Driver: aic78xx, IRP_MJ_CREATE]
Process: System Address: 0x8a9d61f8 Size: 121

Object: Hidden Code [Driver: aic78xx, IRP_MJ_CLOSE]
Process: System Address: 0x8a9d61f8 Size: 121

Object: Hidden Code [Driver: aic78xx, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9d61f8 Size: 121

Object: Hidden Code [Driver: aic78xx, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9d61f8 Size: 121

Object: Hidden Code [Driver: aic78xx, IRP_MJ_POWER]
Process: System Address: 0x8a9d61f8 Size: 121

Object: Hidden Code [Driver: aic78xx, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9d61f8 Size: 121

Object: Hidden Code [Driver: aic78xx, IRP_MJ_PNP]
Process: System Address: 0x8a9d61f8 Size: 121

Object: Hidden Code [Driver: dac2w2k, IRP_MJ_CREATE]
Process: System Address: 0x8a9571f8 Size: 121

Object: Hidden Code [Driver: dac2w2k, IRP_MJ_CLOSE]
Process: System Address: 0x8a9571f8 Size: 121

Object: Hidden Code [Driver: dac2w2k, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9571f8 Size: 121

Object: Hidden Code [Driver: dac2w2k, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9571f8 Size: 121

Object: Hidden Code [Driver: dac2w2k, IRP_MJ_POWER]
Process: System Address: 0x8a9571f8 Size: 121

Object: Hidden Code [Driver: dac2w2k, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9571f8 Size: 121

Object: Hidden Code [Driver: dac2w2k, IRP_MJ_PNP]
Process: System Address: 0x8a9571f8 Size: 121

Object: Hidden Code [Driver: amsint, IRP_MJ_CREATE]
Process: System Address: 0x8a9661f8 Size: 121

Object: Hidden Code [Driver: amsint, IRP_MJ_CLOSE]
Process: System Address: 0x8a9661f8 Size: 121

Object: Hidden Code [Driver: amsint, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9661f8 Size: 121

Object: Hidden Code [Driver: amsint, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9661f8 Size: 121

Object: Hidden Code [Driver: amsint, IRP_MJ_POWER]
Process: System Address: 0x8a9661f8 Size: 121

Object: Hidden Code [Driver: amsint, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9661f8 Size: 121

Object: Hidden Code [Driver: amsint, IRP_MJ_PNP]
Process: System Address: 0x8a9661f8 Size: 121

Object: Hidden Code [Driver: ql1240, IRP_MJ_CREATE]
Process: System Address: 0x8a9631f8 Size: 121

Object: Hidden Code [Driver: ql1240, IRP_MJ_CLOSE]
Process: System Address: 0x8a9631f8 Size: 121

Object: Hidden Code [Driver: ql1240, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x8a9631f8 Size: 121

Object: Hidden Code [Driver: ql1240, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x8a9631f8 Size: 121

Object: Hidden Code [Driver: ql1240, IRP_MJ_POWER]
Process: System Address: 0x8a9631f8 Size: 121

Object: Hidden Code [Driver: ql1240, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x8a9631f8 Size: 121

Object: Hidden Code [Driver: ql1240, IRP_MJ_PNP]
Process: System Address: 0x8a9631f8 Size: 121

Object: Hidden Code [Driver: Sparrow, IRP_MJ_CREATE]
Process: System Address: 0x8a9d71f8 Size: 121

Object: Hidden Code [Driver: Sparrow, IRP_MJ_CLOSE]
Process: SystHidden Services
-------------------
Service Name: msqpdxserv.sys
Image Path: C:\WINDOWS\system32\drivers\msqpdxkwiqylnu.sys

==EOF==


Running from: F:\new stuff to try\Win32kDiag.exe

Log file at : C:\Documents and Settings\Owner.DRECOMP\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

Volume in drive C has no label.
Volume Serial Number is 30D7-2EC3

Directory of C:\WINDOWS\system32

09/03/2002 03:54 PM 174,592 scecli.dll

Directory of C:\WINDOWS\system32

09/03/2002 03:49 PM 399,360 netlogon.dll

Directory of C:\WINDOWS\system32

09/03/2002 03:37 PM 49,152 eventlog.dll
3 File(s) 623,104 bytes

Total Files Listed:
3 File(s) 623,104 bytes
0 Dir(s) 126,517,473,280 bytes free


DDS (Ver_09-10-13.01) - NTFSx86 MINIMAL
Run by Owner at 20:14:13.39 on Wed 10/14/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5082
uStart Page = hxxp://www.gvsu.edu/
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=DTP&M=GT5082
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {47551F98-CC7F-4701-A650-D7231EEA60BD} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: {C334B06E-87F9-4987-9CC3-9160D77F8FA2} - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {ECEB0BF0-413B-44E1-92BE-408FDA043F8E} - No File
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\WCESCOMM.EXE"
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
mRun: [readericon] c:\program files\digital media reader\readericon45G.exe
mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exe
mRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [TWCU] "c:\program files\tp-link\twcu\TWCU.exe" -nogui
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime alternative\QTTask.exe" -atboottime
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\WinPatrol.exe -expressboot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [SmartDefrag] "c:\program files\iobit\iobit smartdefrag\IObit SmartDefrag.exe" /StartUp
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [Power2GoExpress] NA
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: zango.com\www
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw_promo.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1EF9F042-C2EB-4293-8213-474CAEEF531D} - hxxp://www.trendsecure.com/service_components/control/activex/TmHcmsX.CAB
DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader.cab
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://download.shockwave.com/pub/otoy/OTOYAX.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
TCP: {1A217A56-A587-4015-A740-EA1EB98BFC76} = 24.247.15.53,24.247.24.53
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - c:\program files\microsoft activesync\aatp.dll
WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\progra~1\micros~3\CENetFlt.dll
WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\progra~1\micros~3\CENetFlt.dll
WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\progra~1\micros~3\CENetFlt.dll
WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\progra~1\micros~3\CENetFlt.dll
WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\progra~1\micros~3\CENetFlt.dll
WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\progra~1\micros~3\CENetFlt.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: nnnNhihH - nnnNhihH.dll
AppInit_DLLs: avgrsstx.dll c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
SEH: {47551F98-CC7F-4701-A650-D7231EEA60BD} - No File
LSA: Authentication Packages = msv1_0 nwprovau c:\windows\system32\urQGAQhE

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner~1.dre\applic~1\mozilla\firefox\profiles\c4yrvldn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.gvsu.edu/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\owner.drecomp\application data\mozilla\firefox\profiles\c4yrvldn.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPinfotl.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-10-12 19:32 --d----- c:\documents and settings\owner.drecomp\DoctorWeb
2009-10-11 12:43 --d----- c:\docume~1\owner~1.dre\applic~1\DriverCure
2009-10-11 12:43 --d----- c:\docume~1\alluse~1\applic~1\ParetoLogic
2009-10-11 12:43 --d----- c:\docume~1\alluse~1\applic~1\DriverCure
2009-10-11 12:26 --d----- c:\program files\LSI SoftModem
2009-10-11 12:26 4,984 a------- c:\windows\system32\drivers\nvphy.bin
2009-10-11 12:18 68,096 -------- c:\windows\system32\agrsmdel.exe
2009-10-10 20:21 --d----- c:\program files\RadarSyncPcupz
2009-10-04 15:32 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-10-04 15:32 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-10-02 13:43 195,440 -------- c:\windows\system32\MpSigStub.exe
2009-09-26 18:09 --d----- c:\docume~1\owner~1.dre\applic~1\DAEMON Tools Pro
2009-09-24 23:19 --d----- c:\program files\PeerGuardian2
2009-09-21 16:41 --d----- c:\program files\uTorrent
2009-09-21 16:41 --d----- c:\docume~1\owner~1.dre\applic~1\uTorrent
2009-09-17 12:17 --d----- c:\docume~1\alluse~1\applic~1\Azureus
2009-09-16 21:08 --d----- c:\program files\VideoLAN
2009-09-16 19:11 --d----- C:\Fonts Downloads
2009-09-15 17:51 --d----- c:\program files\common files\Macrovision Shared

==================== Find3M ====================

2009-09-19 15:50 179,792 a------- c:\windows\system32\guard32.dll
2009-09-19 15:50 25,160 a------- c:\windows\system32\drivers\cmdhlp.sys
2009-09-19 15:50 132,296 a------- c:\windows\system32\drivers\cmdguard.sys
2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-08-22 19:25 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-08-22 19:25 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-08-17 03:04 2,173,472 a------- c:\windows\system32\nvcplui.exe
2009-08-17 03:04 81,920 a------- c:\windows\system32\nvwddi.dll
2009-08-17 03:03 3,170,304 a------- c:\windows\system32\nvwss.dll
2009-08-17 03:03 4,026,368 a------- c:\windows\system32\nvvitvs.dll
2009-08-17 03:03 1,286,144 a------- c:\windows\system32\nvmobls.dll
2009-08-17 03:03 188,416 a------- c:\windows\system32\nvmccss.dll
2009-08-17 03:03 3,547,136 a------- c:\windows\system32\nvgames.dll
2009-08-17 03:03 4,923,392 a------- c:\windows\system32\nvdisps.dll
2009-08-17 03:03 13,877,248 a------- c:\windows\system32\nvcpl.dll
2009-08-17 03:03 168,004 a------- c:\windows\system32\nvsvc32.exe
2009-08-17 03:03 143,360 a------- c:\windows\system32\nvcolor.exe
2009-08-17 03:03 86,016 a------- c:\windows\system32\nvmctray.dll
2009-08-17 03:02 229,376 a------- c:\windows\system32\nvmccs.dll
2009-08-17 00:57 10,457,088 a------- c:\windows\system32\nvoglnt.dll
2009-08-17 00:57 7,729,568 a------- c:\windows\system32\drivers\nv4_mini.sys
2009-08-17 00:57 5,845,760 a------- c:\windows\system32\nv4_disp.dll
2009-08-17 00:57 2,189,856 a------- c:\windows\system32\nvcuvid.dll
2009-08-17 00:57 2,002,944 a------- c:\windows\system32\nvcuda.dll
2009-08-17 00:57 1,706,528 a------- c:\windows\system32\nvcuvenc.dll
2009-08-17 00:57 1,597,690 a------- c:\windows\system32\nvdata.bin
2009-08-17 00:57 868,352 a------- c:\windows\system32\nvapi.dll
2009-08-17 00:57 485,920 a------- c:\windows\system32\nvudisp.exe
2009-08-17 00:57 155,648 a------- c:\windows\system32\nvcodins.dll
2009-08-17 00:57 155,648 a------- c:\windows\system32\nvcod.dll
2009-08-16 16:01 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-16 14:48 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-08-16 14:09 14,373 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-08-16 14:02 5,433,520 a------- c:\windows\system32\SpoonUninstall.exe
2009-08-11 12:35 485,920 a------- c:\windows\system32\NVUNINST.EXE
2008-11-04 12:18 30 ac------ c:\documents and settings\owner.drecomp\jagex_runescape_preferences.dat
2008-02-14 12:52 326 ac------ c:\docume~1\owner~1.dre\applic~1\wklnhst.dat
2008-01-08 16:54 81,920 ac------ c:\docume~1\owner~1.dre\applic~1\ezpinst.exe
2008-01-08 16:54 47,360 ac------ c:\docume~1\owner~1.dre\applic~1\pcouffin.sys
2009-06-21 12:07 16,384 a--sh--- c:\windows\system32\config\systemprofile\ietldcache\index.dat

============= FINISH: 20:15:19.17 ===============


==== Installed Programs ======================

AAC Decoder
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Photoshop 7.0.1
Adobe Reader 8.1.6
Adobe Shockwave Player 11.5
Adobe® Photoshop® Album Starter Edition 3.2
Agere Systems PCI-SV92PP Soft Modem
AML Free Registry Cleaner 4.16
Apple Mobile Device Support
Athlon 64 Processor Driver
AutoUpdate
Avex DVD & Video Converter Pack (remove only)
AVG Free 8.5
Azureus
Bonjour
Bonjour Core for Windows
CCleaner (remove only)
CDBurnerXP
COMODO Internet Security
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
DAEMON Tools Toolbar
dBpowerAMP
dBpoweramp [ID Tag Update] Codec
dBpoweramp [Tag From Filename] Codec
dBpoweramp Aiff Codec
dBpoweramp FLAC Codec
dBpowerAMP Length Split
dBpoweramp m4a Codec
dBpoweramp mp3 (Fraunhofer IIS) Codec
dBpowerAMP mp3PRO Input Codec
dBpowerAMP Mp4 Codec
dBpoweramp Music Converter
dBpoweramp Real Audio (Helix) Encoder
dBpowerAMP Real Audio Codec
dBpoweramp Windows Media Audio 10 Codec
dBpowerAMP WMA V9 Codec
DeepBurner v1.8.0.224
DeepRipper v 1.1
Digital Media Reader
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
dMC mp3PRO (CLI) Encoder
DVD Decrypter (Remove Only)
DVD Solution
Easy Avi/Divx/Xvid to DVD Burner 2.5.1
FoxyTunes for Firefox
G-Force
Gateway Drivers and Applications Recovery
GetDataBack for FAT
gtw_logo
H.264 Decoder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
iConcertCal
ImTOO AVI to DVD Converter
InterActual Player
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java™ 6 Update 15
Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 6 Update 6
Java™ 6 Update 7
Java™ SE Runtime Environment 6 Update 1
K-Lite Codec Pack 3.8.5 Full
LimeWire 5.1.4
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync 3.5
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Digital Image Starter Edition 2006
Microsoft Digital Image Starter Edition 2006 Editor
Microsoft Digital Image Starter Edition 2006 Library
Microsoft Game Studios Common Redistributables Pack 1
Microsoft Money 2006
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Standard Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Works
Microsoft XML Parser
MKV Splitter
Mozilla Firefox (3.0.13)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Multimedia Samples
Napster Burn Engine
NVIDIA Drivers
PFPortChecker 1.0.30
Power2Go 5.0
PowerDVD
PowerISO
QuickTime
QuickTime Alternative 1.81
RCA Opal 4GB 8GB (Model M4004, MC4004, M4008, MC4008, M4018 and MC4018) Firmware Update Utility
RealPlayer Basic
Realtek AC'97 Audio
Recovery Software Suite Gateway
Recuva (remove only)
Samsung PC Studio
Samsung R500 Hue USB - Handset Manager V9.5
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Sentinel Protection Installer 7.2.2
Sibelius Scorch
Smart Defrag 1.20
SmartDraw 2009
Sonic Encoders
Spybot - Search & Destroy
SpywareBlaster 4.2
STOIK Video Converter 2
System Requirements Lab
TP-LINK Client Installation Program
Trillian
UDF Reader 5.0
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
USB-IrDA Adapter
VC80CRTRedist - 8.0.50727.762
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Backup Utility
Windows Defender
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3
WinPatrol 2009
winpcap-nmap 4.02
WinRAR archiver

==== End Of File ===========================



These were run in safe mode, as it's the only mode I can reach "safely". I had plans to simply attempt a restore using the recovery partition on my drive. However, I am unable to copy/paste/move files from any location to any other. That means that I can't move anything from my desktop to my external to salvage it. Not being able to back up has me kind of worried.
Heres hopeing we cna fix this.
thanks for looking

Edited by Orange Blossom, 23 October 2009 - 09:10 PM.


BC AdBot (Login to Remove)

 


#2 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:01:57 PM

Posted 27 October 2009 - 03:16 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image

#3 AstralDarko

AstralDarko
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:57 AM

Posted 27 October 2009 - 08:33 PM

Sorry guys, I did a clean install of windows. Seems to have worked so far, although if I have any problems in the future, I know where to go.

#4 schrauber

schrauber

    Mr.Mechanic


  • Malware Response Team
  • 24,794 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Munich,Germany
  • Local time:01:57 PM

Posted 28 October 2009 - 01:11 PM

Hi,

Thanks for letting us know.


Since this issue appears to be resolved ... this Topic has been closed.

If your the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
regards,
schrauber

Posted Image
Posted Image

If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users