
Need help with virus/malware



#1 love2do


Posted 28 November 2009 - 10:37 AM

Hi.

A few days ago my computer was infected with Antivirus Pro System.
After running Malwarebytes, StopZilla, Norton Internet Security, SpyBot and CCleaner, it is still infected with computer viruses.

It seems there is a virus that sends out many emails.

When I run StopZilla, it finds a virus called Haxdoor.Jusupotv, which none of the programs can remove.

It also looks as if it is running applications that I did not start and am not able to stop:

spoolsv.exe
Services.exe
isass.exe

and possibly even more.

The machine is for studio use and therefore not used as much on the web.

Can you help me to get rid of these problems?


Regards


Arild Hoeston
Norway


_____________________________________________


DS (Ver_09-11-24.02) - NTFSx86
Run by Arild at 16:01:13,53 on 28.11.2009
Internet Explorer: 8.0.6001.18702

============== Running Processes ===============


============== Pseudo HJT Report ===============

uStart Page = hxxp://www.cubase.net/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mURLSearchHooks: SrchHook Class: {d3f669eb-57ce-4f45-8fbd-e245cbb46366} - c:\programfiler\stopzilla!\toolbar\SZIESearchHook.dll
BHO: Koblingshjelpeprogram for Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programfiler\fellesfiler\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ZILLAbar Browser Helper Object: {1827766b-9f49-4854-8034-f6ee26fcb1ec} - c:\programfiler\stopzilla!\toolbar\SZSG.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\programfiler\norton internet security\engine\17.1.0.19\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\programfiler\norton internet security\engine\17.1.0.19\IPSBHO.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: STOPzilla Browser Helper Object: {e3215f20-3212-11d6-9f8b-00d0b743919d} - c:\programfiler\stopzilla!\SZIEBHO.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programfiler\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: STOPzilla: {98828ded-a591-462f-83ba-d2f62a68b8b8} - c:\programfiler\stopzilla!\toolbar\SZSG.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\programfiler\norton internet security\engine\17.1.0.19\coIEPlg.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [scheduler_monitor] c:\programfiler\reaconverter 5.0 pro\init_scheduler.exe
mRun: [<NO NAME>]
mRun: [WD Button Manager] WDBtnMgr.exe
mRun: [dlcjmon.exe] "c:\programfiler\dell photo aio printer 964\dlcjmon.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\programfiler\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [DLCJCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\DLCJtime.dll,_RunDLLEntry@16
mRun: [Malwarebytes' Anti-Malware] "c:\programfiler\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [QuickTime Task] "c:\programfiler\quicktime\qttask.exe" -atboottime
mRun: [Office Keyboard] c:\windows\MMKeybd.exe
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\programfiler\adobe\reader 8.0\reader\Reader_sl.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\felles~1\micros~1\dw\dwtrig20.exe" -t
IE: Append to existing PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programfiler\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/3/9/8/398422c0-8d3e-40e1-a617-af65a72a0465/LegitCheckControl.cab
DPF: {44990301-3c9d-426d-81df-aab636fa4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229273932531
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1254244226437
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} - hxxp://webc.rissakrf.no/controls/IlosoftImageUpload.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2009-11-28 14:58:36 69120 -c--a-w- c:\windows\system32\dllcache\notepad.exe
2009-11-28 14:58:36 69120 ----a-w- c:\windows\system32\notepad.exe
2009-11-28 14:56:20 69120 ----a-w- C:\notepad.exe
2009-11-28 14:51:17 32780 ----a-w- C:\NOTEPAD.EX_
2009-11-28 13:42:42 360 ----a-w- c:\windows\system32\drivers\kgpfr2.cfg
2009-11-28 13:42:06 2168 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2009-11-28 13:22:39 0 d-----w- c:\programfiler\Trend Micro
2009-11-28 11:22:09 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-11-28 11:22:09 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-11-28 11:22:09 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-11-28 11:22:09 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-11-28 11:22:09 0 d-----w- c:\programfiler\Symantec
2009-11-28 11:21:41 0 d-----w- c:\windows\system32\drivers\NIS
2009-11-28 11:21:39 0 d-----w- c:\programfiler\Norton Internet Security
2009-11-27 20:45:44 0 d-----w- c:\programfiler\fellesfiler\Symantec Shared
2009-11-27 20:39:52 0 d-----w- c:\programfiler\NortonInstaller
2009-11-27 17:39:38 0 d-----w- C:\Test norton
2009-11-25 08:29:48 0 ----a-w- c:\windows\system32\drivers\d9010dd2.sys
2009-11-25 08:29:46 208384 ----a-w- C:\rnkvgt.exe
2009-11-25 08:29:44 189919 ----a-w- C:\heksh.exe
2009-11-24 20:12:33 182656 -c----w- c:\windows\system32\dllcache\ndis.sys
2009-11-24 20:04:56 9440 ----a-w- c:\windows\system32\drivers\DSP24_MKr.sys
2009-11-24 20:04:30 0 d-----w- c:\programfiler\dcmant
2009-11-24 20:04:20 0 d-sh--w- c:\docume~1\arild\progra~1\System
2009-11-17 15:48:06 0 d-----w- c:\docume~1\alluse~1\progra~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-14 17:26:17 0 d-----w- c:\docume~1\alluse~1\progra~1\Note
2009-11-08 10:16:46 0 d-----w- c:\programfiler\Microsoft CAPICOM 2.1.0.2
2009-11-08 07:55:28 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-11-08 07:55:26 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-11-08 07:44:14 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-11-08 07:44:14 17248 ----a-w- c:\windows\system32\mucltui.dll.mui
2009-11-08 06:29:22 0 d-----w- c:\temp\{I}
2009-11-07 12:22:21 0 d-----w- c:\temp\Midifiler

==================== Find3M ====================

2009-11-28 14:41:27 88506 ----a-w- c:\windows\system32\perfc014.dat
2009-11-28 14:41:27 464824 ----a-w- c:\windows\system32\perfh014.dat
2009-11-24 20:12:33 182656 ----a-w- c:\windows\system32\drivers\ndis.sys
2009-11-23 15:12:46 549104 ----a-w- C:\WindowsXP-KB906866-x86-NOR.exe
2009-10-27 09:08:16 545424 ----a-r- c:\windows\system32\SZComp5.dll
2009-10-27 09:08:14 402064 ----a-r- c:\windows\system32\SZBase5.dll
2009-10-27 08:59:38 17408 ----a-r- c:\windows\system32\SZIO5.dll
2009-10-26 08:35:29 0 ----a-w- c:\windows\system32\drivers\12ea0f91660314e19199a3bcbdc16aa6.szcpf
2009-10-25 09:41:49 69652 ----a-w- C:\SQ8L_backup.dat
2009-10-20 12:40:34 126976 ----a-r- c:\windows\system32\IS3HTUI5.dll
2009-10-20 12:40:24 393216 ----a-r- c:\windows\system32\IS3DBA5.dll
2009-10-20 12:38:16 385024 ----a-r- c:\windows\system32\IS3UI5.dll
2009-10-20 12:37:58 61440 ----a-r- c:\windows\system32\IS3Hks5.dll
2009-10-20 12:37:40 23040 ----a-r- c:\windows\system32\IS3XDat5.dll
2009-10-20 12:35:40 225280 ----a-r- c:\windows\system32\IS3Win325.dll
2009-10-20 12:35:18 94208 ----a-r- c:\windows\system32\IS3Inet5.dll
2009-10-20 12:35:04 90112 ----a-r- c:\windows\system32\IS3Svc5.dll
2009-10-20 12:31:52 729088 ----a-r- c:\windows\system32\IS3Base5.dll
2009-10-08 13:57:16 612352 ----a-w- c:\windows\system32\SET3B9E.tmp
2009-10-08 13:57:16 20992 ----a-w- c:\windows\system32\SET3B9D.tmp
2009-10-08 13:57:00 220160 ----a-w- c:\windows\system32\SET3B9C.tmp
2009-09-17 15:20:38 1261568 ----a-w- c:\windows\system32\SYNSOACC.dll
2009-09-11 14:20:28 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:05:29 58880 ----a-w- c:\windows\system32\msasn1.dll
2008-02-24 17:06:14 9841 ----a-w- c:\programfiler\unins000.dat
2008-02-24 17:06:04 678682 ----a-w- c:\programfiler\unins000.exe
2007-02-06 17:11:21 65 ----a-w- c:\programfiler\fellesfiler\appop.log
2008-05-07 16:38:28 32768 --sha-w- c:\windows\system32\config\systemprofile\lokale innstillinger\logg\history.ie5\mshist012008050720080508\index.dat

============= FINISH: 16:03:02,21 ===============


I don't have the "browse" function here, so I can't attach the file.

DS (Ver_09-11-24.02)


==== Disk Partitions =========================


==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================


Abexo Free Registry Cleaner
Access Virus|PowerCore
Ad-Aware
Addictive Drums
Adobe Acrobat 8 Professional - English, Français, Deutsch
Adobe Acrobat 8.1.2 Professional
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe GoLive CS2
Adobe GoLive CS2 English
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 8.1.2 - Norsk
Adobe Shockwave Player 11.5
Adobe Stock Photos 1.0
Adobe SVG Viewer 3.0
Ai Booster
Antares Autotune VST RTAS TDM v5.08
Antares Harmony Engine VST RTAS v1.0
Antares Kantos v1.0
Antares Microphone Modeler 1.31 DirectX
Apple Application Support
Apple Mobile Device Support
ARP2600 V
Arturia Moog Modular V v1.1
Arturia.Minimoog.V.v1.5-DAC
ASAPI
Assimilator
Assimilator DEMO
ASUS DH Remote
ASUS WiFi-AP Solo
ASUS_Ai_Proactive_Screensaver (E)
ASUSUpdate
Atmosphere
AudioEase Altiverb VST RTAS v6.10
AudioEase Speakersphone VST RTAS v1.01
BBE Sonic Maximizer Plugin
Best Service Chris Hein Bass
Best Service Chris Hein Horns
Big Fish Audio Raging Guitars
Broomstick Bass 1.0.0
CCleaner
CDXtract 4.5
Citrix Presentation Server Client
Compatibility Pack for 2007 Office
CS-80V
D-Coder
Dimension Pro
Dynamic EQ DEMO
East West Colossus
East West EWQLSO Gold Edition
East West Ra
East West Stormdrum Kompakt
East West Symphonic Choirs
East West Vapor
Edirol HQ Orchestral VSTi v1.03
EffectChainer 1.02
ElastikStandalone
ElastikVst
eLicenser Control
EndItAll 2.0
Enigma
EZdrummer
EZplayer pro
EZXClaustrophobic
EZXCocktail
EZXDfh
EZXPercussion
EZXTwisted
EZXVintage
Filtroid
Firebird SQL Server - MAGIX Edition
FW LiveUpdate
Garritan Jazz Big Band
Garritan Personal Orchestra
GForce - impOSCar
Heavyocity Evolve
Heinzelnisse
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
HP Display LiteSaver
Hurtigreparasjon for Windows Internet Explorer 7 (KB947864)
Hurtigreparasjon for Windows XP (KB952287)
Hypersonic 1.1.2 GM
InterVideo Launcher
iS3 STOPzilla Toolbar
Java 2 Runtime Environment, SE v1.4.2_14
Java™ 6 Update 14
Java™ 6 Update 3
JRAID
Jupiter-8V 1.0
KORG Legacy Collection - DIGITAL EDITION
LiquidInstrument Standalone 1.1
LiquidInstrumentVst 1.0
LiquidInstrumentVst 1.5
M-Audio Series II MIDI
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8 Plugin
Malwarebytes' Anti-Malware
Marvell Miniport Driver
Master X5 48k
MC-808 Editor
MD3 Package DEMO
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Norwegian Language Pack
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NOR
Microsoft .NET Framework 3.0 Norwegian (Bokmal) Language Pack
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NOR
Microsoft .NET Framework 3.5 Language Pack SP1 - nor
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider-pakke
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft XML Parser
MOTU PCI Audio
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Native Instruments Bandstand
Native Instruments Komplete 4
Native Instruments Komplete 4 Patch
Native Instruments Kontakt 3
Native Instruments Kontakt Factory Selection
Native Instruments Kontakt Player 2
Native Instruments Service Center
Nero Suite
Neuratron PhotoScore Ultimate Demo
Norton Internet Security
NVIDIA Drivers
Oberheim OB-Tune
Office Keyboard
OGA Notifier 2.0.0048.0
Oppdatering for Microsoft Windows (KB971513)
Oppdatering for Windows Internet Explorer 8 (KB969497)
Oppdatering for Windows Internet Explorer 8 (KB975364)
Oppdatering for Windows Internet Explorer 8 (KB976749)
Oppdatering for Windows XP (KB951072-v2)
PC Booster
PC Probe II
PowerCore
PowerISO
PSP EasyVerb 1.5.4
QuickTime
Rapture 1.0
ReaConverter 5.0 Pro
RealStrat 1.0
Realtek High Definition Audio Driver
Reason 3.0
Reason 4.0
ReCycle 2.0
reFX Nexus 1.0.9
reFX Nexus 1.3.0
Rob Papen Albino 3
Rob Papen Predator V1.1.0
Security Update for CAPICOM (KB931906)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB928090)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB929969)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB931768)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB933566)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB937143)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB938127)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB939653)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB942615)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB944533)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB950759)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB953838)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB958215)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB960714)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB961260)
Sikkerhetsoppdatering for Windows Internet Explorer 7 (KB963027)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB971961)
Sikkerhetsoppdatering for Windows Internet Explorer 8 (KB974455)
Sikkerhetsoppdatering for Windows XP (KB923789)
Sikkerhetsoppdatering for Windows XP (KB946648)
Sikkerhetsoppdatering for Windows XP (KB950974)
Sikkerhetsoppdatering for Windows XP (KB951066)
Sikkerhetsoppdatering for Windows XP (KB952954)
Sikkerhetsoppdatering for Windows XP (KB953839)
SiSoftware Sandra Lite XII.SP2c
Sonnox Oxford Inflator PowerCore VST v1.5.1
Sony ACID Pro 6.0
Sony Media Manager 2.1
Språkpakke for Microsoft .NET Framework 3.5 SP1 - NOR
Språkpakke for norsk (bokmål) for Microsoft .NET Framework 3.0
Spybot - Search & Destroy
SSL LMC-1 v1.0
SSL X-ISM v1.1
SSL X-ORCISM v1.1
Steinberg Cubase 4
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg Groove Agent ONE Content
Steinberg HALion 3
Steinberg HALion Symphonic Orchestra 16-bit Edition
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg LoopMash Content
Steinberg Nuendo 3
Steinberg REVerence Content 01
Steinberg Sequel Trial Content
Steinberg SKI Remote
Steinberg V-STack V1.2.0.22
Steinberg Virtual Guitarist 2
STOPzilla
StylusRMX
Superior Drummer
Superior Drummer Installer
Superior ReWire Wrapper
TASCAM Mixer Companion
Text-To-Speech-Runtime
Timeworks Millenium Pack
Timeworks ReverbX
Toontrack solo
Trilogy
Tweak UI
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VB:FFX-4 Rack
Virtual Cable Tester
Virus Powercore
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VOCALOID Editor V1.0.0.1
VOCALOID Expression DB (Lola)
VOCALOID Expression DB (Standard)
VOCALOID SKIN (Zero-G LOLA)
VOCALOID Voice DB (Lola)
VOCALOID VSTi V1.0.0.1
VoiceModeler
VSS3
Waldorf PPG Wave 2.V v1.2
Waldorf.Attack.v1.2-OxYGeN
Waldorf.PPG.Wave2.V-OxYGeN
Warp VST
WaveLab 6
Waves API Collection
Waves Mercury Bundle
Waves SSL Collection v1.2
WD Diagnostics
WDCSAM Driver
WebFldrs XP
Windows-driverpakke - TC Electronic A/S PowerCore Driver (09/19/2008 3.2.0.38)
Windows Defender
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (12/05/2006 1.0.0007.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Presentation Foundation Language Pack (NOR)
Windows XP Service Pack 3
WinRAR archiver
WordBuilder
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Zero-G Nostalgia
Zero-G Operating Table
Zero-G Sounds of Polynesia
Zero-G Sounds of the 70s
Zero-G Vocal Forge
Zero-G Wired - The Elements of Trance

==== End Of File ===========================


Root Repeal


ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/28 16:16
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF62B7000 Size: 57344 File Visible: - Signed: -
Status: -

Name: aa941rgb.SYS
Image Path: C:\WINDOWS\System32\Drivers\aa941rgb.SYS
Address: 0xF4AF3000 Size: 303104 File Visible: No Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF6123000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0xE0B88000 Size: 2260992 File Visible: - Signed: -
Status: -

Name: AegisP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\AegisP.sys
Address: 0xF666F000 Size: 19008 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xF1207000 Size: 138496 File Visible: - Signed: -
Status: -

Name: arp1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Address: 0xF58E2000 Size: 60800 File Visible: - Signed: -
Status: -

Name: ASACPI.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ASACPI.sys
Address: 0xF67E1000 Size: 5152 File Visible: - Signed: -
Status: -

Name: ASAPIW2K.sys
Image Path: C:\WINDOWS\System32\Drivers\ASAPIW2K.sys
Address: 0xF6567000 Size: 32768 File Visible: - Signed: -
Status: -

Name: AsIO.sys
Image Path: C:\WINDOWS\system32\drivers\AsIO.sys
Address: 0xF67FD000 Size: 5184 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xF60B5000 Size: 98304 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xDE39D000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF6899000 Size: 3072 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF67F7000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BHDrvx86.sys
Image Path: C:\Documents and Settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20091104.001\BHDrvx86.sys
Address: 0xF0FC6000 Size: 540672 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF6697000 Size: 12288 File Visible: - Signed: -
Status: -

Name: ccHPx86.sys
Image Path: C:\WINDOWS\system32\drivers\NIS\1101000.013\ccHPx86.sys
Address: 0xF104A000 Size: 520192 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF63E7000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF6327000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF6317000 Size: 53248 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xF6307000 Size: 36352 File Visible: - Signed: -
Status: -

Name: dmio.sys
Image Path: dmio.sys
Address: 0xF60CD000 Size: 153344 File Visible: - Signed: -
Status: -

Name: dmload.sys
Image Path: dmload.sys
Address: 0xF678B000 Size: 5888 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF5248000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF0F86000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF6815000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xF5A03000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xDDDC4000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF68F2000 Size: 4096 File Visible: - Signed: -
Status: -

Name: eeCtrl.sys
Image Path: C:\Programfiler\Fellesfiler\Symantec Shared\EENGINE\eeCtrl.sys
Address: 0xF10E6000 Size: 385024 File Visible: - Signed: -
Status: -

Name: EraserUtilRebootDrv.sys
Image Path: C:\Programfiler\Fellesfiler\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Address: 0xF10C9000 Size: 118784 File Visible: - Signed: -
Status: -

Name: fdc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\fdc.sys
Address: 0xF6687000 Size: 27392 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF63B7000 Size: 44544 File Visible: - Signed: -
Status: -

Name: flpydisk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\flpydisk.sys
Address: 0xF65E7000 Size: 20480 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF6095000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF67F5000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF60F3000 Size: 125056 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0xE0B67000 Size: 134400 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xF4C12000 Size: 163840 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF660F000 Size: 28672 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF64E7000 Size: 51840 File Visible: - Signed: -
Status: -

Name: IDSxpx86.sys
Image Path: C:\Documents and Settings\All Users\Programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSxpx86.sys
Address: 0xF1251000 Size: 344064 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF6297000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xF64A7000 Size: 40192 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xF12FC000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xF13A3000 Size: 75264 File Visible: - Signed: -
Status: -

Name: Ironx86.SYS
Image Path: C:\WINDOWS\System32\Drivers\NIS\1101000.013\Ironx86.SYS
Address: 0xF161C000 Size: 126976 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF62C7000 Size: 37376 File Visible: - Signed: -
Status: -

Name: iviaspi.sys
Image Path: C:\WINDOWS\system32\drivers\iviaspi.sys
Address: 0xF655F000 Size: 20992 File Visible: - Signed: -
Status: -

Name: JGOGO.sys
Image Path: JGOGO.sys
Address: 0xF678D000 Size: 6912 File Visible: - Signed: -
Status: -

Name: jraid.sys
Image Path: jraid.sys
Address: 0xF62F7000 Size: 41216 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF668F000 Size: 24448 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF6787000 Size: 8192 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xF4A78000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF5FFC000 Size: 92928 File Visible: - Signed: -
Status: -

Name: MAWGSIF.sys
Image Path: C:\WINDOWS\system32\drivers\MAWGSIF.sys
Address: 0xF5952000 Size: 36864 File Visible: - Signed: -
Status: -

Name: MAWWAVE.sys
Image Path: C:\WINDOWS\system32\drivers\MAWWAVE.sys
Address: 0xF5962000 Size: 49152 File Visible: - Signed: -
Status: -

Name: mbam.sys
Image Path: C:\WINDOWS\system32\drivers\mbam.sys
Address: 0xF1346000 Size: 12416 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF67F9000 Size: 4224 File Visible: - Signed: -
Status: -

Name: MotuAW.sys
Image Path: C:\WINDOWS\system32\drivers\MotuAW.sys
Address: 0xF4B3D000 Size: 344064 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Edited by garmanma, 29 November 2009 - 08:15 PM.



#2 m0le


Posted 05 December 2009 - 06:02 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :(
m0le is a proud member of UNITE

#3 m0le


Posted 10 December 2009 - 05:32 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :(

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
m0le is a proud member of UNITE



