Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Not sure what I'm infected with.....


  • This topic is locked This topic is locked
2 replies to this topic

#1 MaineEvent

MaineEvent

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 26 December 2009 - 03:04 PM

Lately I haven't been able to open any antivrius applications... like malwarebytes or spybot and even my Norton won't load when I start my computer up.
A couple weeks ago I had the "antivir" virus that tried to get me to purchase the program to get rid of the "threats" and viruses attacking my computer,which I knew was fake. So I downloaded malwarebytes and it got rid of it.
Now about a week ago this started happening....At one time I thought I saw a couple of fake pop-ups in the corner of the screen saying something about "fake Ad" being blocked or or attempted to attack me or something... only saw it once and for about 2 secs.

I really hope someone can help me out with this!
Thank you in advance!!
Ok so here is my DDS log and Root repeal log:



DDS (Ver_09-12-01.01) - NTFSx86 NETWORK
Run by Aspire On Fire at 11:47:44.78 on Sat 12/26/2009
Internet Explorer: 8.0.6001.18865
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.894.392 [GMT -8:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Users\Aspire On Fire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9UVKDW6H\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSEARCH PAGE = hxxp://ca.rd.yahoo.com/customize/ycomp/defaults/sp/*http://ca.yahoo.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://en.ca.acer.yahoo.com
mDefault_Page_URL = hxxp://en.ca.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://ca.rd.yahoo.com/customize/ycomp/defaults/su/*http://ca.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\17.1.0.19\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\17.1.0.19\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\17.1.0.19\coIEPlg.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
StartupFolder: c:\users\aspire~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\fortem~1.lnk - c:\program files\lg soft india\fortemanager\bin\Monitor.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: turbotax.com
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: GoToAssist - c:\program files\citrix\gotoassist\516\G2AWinLogon.dll
SEH: ShellHook Class: {88485281-8b4b-4f8d-9ede-82e29a064277} - c:\progra~1\markany\conten~1\MACSMA~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1101000.013\SymDS.sys [2009-12-7 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1101000.013\SymEFA.sys [2009-12-7 171056]
S1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\definitions\bashdefs\20091205.001\BHDrvx86.sys [2009-12-4 529456]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1101000.013\cchpx86.sys [2009-12-7 501888]
S1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\definitions\ipsdefs\20091217.002\IDSvix86.sys [2009-12-18 343088]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1101000.013\Ironx86.sys [2009-12-7 114736]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1101000.013\symtdiv.sys [2009-12-7 339504]
S2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\17.1.0.19\ccSvcHst.exe [2009-12-7 126392]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-12-19 1153368]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-11-3 24652]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-12-6 102448]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-28 21504]
S3 LGDDCDevice;LGDDCDevice;c:\program files\lg soft india\fortemanager\bin\I2CDriver.sys [2009-4-17 14336]
S3 LGII2CDevice;LGII2CDevice;c:\program files\lg soft india\fortemanager\bin\PII2CDriver.sys [2009-4-17 18432]
S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\drivers\libusb0.sys [2008-2-24 29184]

=============== Created Last 30 ================

2009-12-26 19:34:53 0 d-----w- c:\program files\Trend Micro
2009-12-23 03:41:38 0 d-----r- c:\program files\Skype
2009-12-22 08:06:33 0 d-----w- c:\users\aspire~1\appdata\roaming\Red Kawa
2009-12-22 08:02:17 0 d-----w- c:\program files\AviSynth 2.5
2009-12-21 18:49:07 2170 ----a-w- c:\users\aspire on fire\.recently-used.xbel
2009-12-19 19:06:39 171559881 ----a-w- c:\windows\MEMORY.DMP
2009-12-19 19:05:26 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-12-19 19:01:29 0 d-----w- c:\program files\CCleaner
2009-12-19 05:36:19 0 d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-19 04:21:01 0 d-----w- c:\users\aspire~1\appdata\roaming\Tific
2009-12-19 03:49:08 0 d-----w- c:\program files\Ulitimatebetter
2009-12-19 03:45:03 671 ----a-w- c:\windows\system32\krl32mainweq.dll
2009-12-19 03:19:15 200 ----a-w- c:\windows\system32\srcr.dat
2009-12-18 19:18:43 0 d-----w- c:\users\aspire on fire\.thumbnails
2009-12-18 19:16:51 0 d-----w- c:\users\aspire on fire\.gimp-2.6
2009-12-18 19:16:44 0 d-----w- c:\users\aspire on fire\.gegl-0.0
2009-12-18 19:14:19 0 d-----w- c:\program files\GIMP-2.0
2009-12-09 10:53:15 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-09 10:53:12 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-09 10:53:12 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-08 23:05:43 377344 ----a-w- c:\windows\system32\winhttp.dll
2009-12-07 07:32:03 0 d-----w- c:\users\aspire~1\appdata\roaming\Malwarebytes
2009-12-07 07:31:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-07 07:31:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-07 07:31:58 0 d-----w- c:\programdata\Malwarebytes
2009-12-07 07:31:57 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-06 21:39:03 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-12-06 21:39:03 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-12-06 21:39:03 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-06 21:36:34 0 d-----w- c:\windows\system32\drivers\NIS
2009-12-06 21:36:21 0 d-----w- c:\program files\Norton Internet Security
2009-12-06 18:59:23 0 d-----w- c:\program files\common files\PC Tools
2009-12-06 18:58:57 0 d---a-w- c:\programdata\TEMP
2009-12-06 18:26:39 0 d-----w- c:\program files\common files\Uninstall

==================== Find3M ====================

2009-12-06 21:33:50 86016 ----a-w- c:\windows\inf\infstor.dat
2009-12-06 21:33:50 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-06 21:33:50 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-11-21 06:40:20 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34:39 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34:39 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59:58 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-18 17:28:19 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-18 17:19:33 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-18 17:17:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-03 04:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17:42 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-08 21:08:01 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-08 21:08:01 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 21:07:59 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-07 11:36:36 243712 ----a-w- c:\windows\system32\rastls.dll
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 01:01:54 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 01:01:50 226816 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 01:01:49 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 01:01:49 33280 ----a-w- c:\windows\system32\WpdConns.dll
2008-05-29 04:53:08 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 11:49:29.75 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/10/2007 9:51:44 PM
System Uptime: 12/26/2009 11:31:31 AM (0 hours ago)

Motherboard: Acer | | MRS600M
Processor: Intel® Pentium® D CPU 2.80GHz | Socket 775 | 2800/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 113 GiB total, 45.483 GiB free.
D: is FIXED (NTFS) - 113 GiB total, 96.351 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1245: 12/10/2009 12:00:08 AM - Scheduled Checkpoint
RP1246: 12/11/2009 1:08:19 AM - Scheduled Checkpoint
RP1247: 12/11/2009 4:19:00 PM - Scheduled Checkpoint
RP1248: 12/12/2009 11:28:18 AM - Scheduled Checkpoint
RP1249: 12/13/2009 6:58:17 AM - Scheduled Checkpoint
RP1250: 12/14/2009 10:42:47 AM - Scheduled Checkpoint
RP1251: 12/15/2009 10:11:56 AM - Scheduled Checkpoint
RP1252: 12/16/2009 10:03:51 AM - Scheduled Checkpoint
RP1253: 12/17/2009 2:56:39 PM - Scheduled Checkpoint
RP1254: 12/18/2009 1:47:01 PM - Scheduled Checkpoint

==== Installed Programs ======================

Acer Assist
Acer eDataSecurity Management
Acer Empowering Technology
Acer ePerformance Management
Acer Picture Slide DVD
Acer Plug and Record
Acer Registration
Acer ScreenSaver
Acer Zone MagicDirector
Acer Zone Main Page
Acer Zone MakeDisk
Acer Zone SoftDMA
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
AIM 6
AnswerWorks 4.0 Runtime - English
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoStudio 5.5
ATI Catalyst Control Center Ex
ATI Catalyst Install Manager
µTorrent
AutoUpdate
AviSynth 2.5
Bonjour
Canon MP Navigator 3.0
Canon MP460
Canon Utilities Easy-PhotoPrint
CCleaner
ContentSAFER for Wizmax
ConvertXtoDVD 3.2.1.55b
DivX Codec
DivX Converter
EmoDio
forteManager
Full Tilt Poker
getPlus® for Adobe
GIMP 2.6.4
Google Talk (remove only)
GoToAssist 8.0.0.516
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java 2 Runtime Environment, SE v1.4.2_15
LightScribe 1.4.124.1
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Logitech Harmony Remote Software 7
Logitech QuickCam
Malwarebytes' Anti-Malware
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft IntelliPoint 6.1
Microsoft IntelliType Pro 6.2
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4SP2
Network Magic
Norton Internet Security
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
PSP Video 9 5.03
Pure Networks Platform
QuickTime
Realtek High Definition Audio Driver
Remote Control USB Driver
ScanSoft OmniPage SE 4.0
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Skype™ 4.1
Soap 3.0 Toolkit
Spybot - Search & Destroy
StudioTax 2008
UB
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb976884)
VideoLAN VLC media player 0.8.6f
Viewpoint Media Player
Virtools 3D Life Player
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
WinRAR archiver
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

12/26/2009 11:33:32 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccHP eeCtrl ElbyCDIO IDSVix86 spldr SRTSPX SymIRON SYMTDIv Wanarpv6
12/26/2009 11:33:32 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
12/26/2009 11:32:42 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/26/2009 11:32:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
12/26/2009 11:32:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/26/2009 11:32:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/23/2009 10:45:34 AM, Error: Service Control Manager [7038] - The SstpSvc service was unable to log on as NT Authority\LocalService with the currently configured password due to the following error: A specified logon session does not exist. It may already have been terminated. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
12/23/2009 10:45:34 AM, Error: Service Control Manager [7023] - The Secure Socket Tunneling Protocol Service service terminated with the following error: The RPC server is unavailable.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Viewpoint Manager Service service to connect.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Norton Internet Security service to connect.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Automatic LiveUpdate Scheduler service to connect.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Secure Socket Tunneling Protocol Service service which failed to start because of the following error: The service did not start due to a logon failure.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7001] - The Remote Access Connection Manager service depends on the Secure Socket Tunneling Protocol Service service which failed to start because of the following error: The RPC server is unavailable.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7000] - The Viewpoint Manager Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7000] - The Secure Socket Tunneling Protocol Service service failed to start due to the following error: The service did not start due to a logon failure.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7000] - The Norton Internet Security service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/23/2009 10:45:34 AM, Error: Service Control Manager [7000] - The Automatic LiveUpdate Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

==== End Of File ===========================

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/12/26 11:50
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================

Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\Windows\system32\DRIVERS\1394BUS.SYS
Address: 0x8C0E3000 Size: 57344 File Visible: - Signed: -
Status: -

Name: acpi.sys
Image Path: C:\Windows\system32\drivers\acpi.sys
Address: 0x82895000 Size: 286720 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x81E49000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\Windows\system32\drivers\afd.sys
Address: 0x8C981000 Size: 294912 File Visible: - Signed: -
Status: -

Name: AnyDVD.sys
Image Path: C:\Windows\System32\Drivers\AnyDVD.sys
Address: 0x8C00F000 Size: 90496 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: C:\Windows\system32\drivers\atapi.sys
Address: 0x829A4000 Size: 32768 File Visible: - Signed: -
Status: -

Name: ataport.SYS
Image Path: C:\Windows\system32\drivers\ataport.SYS
Address: 0x829AC000 Size: 122880 File Visible: - Signed: -
Status: -

Name: AtiPcie.sys
Image Path: C:\Windows\system32\DRIVERS\AtiPcie.sys
Address: 0x865D9000 Size: 32768 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\Windows\System32\Drivers\Beep.SYS
Address: 0x8C8E4000 Size: 28672 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\Windows\system32\BOOTVID.dll
Address: 0x80689000 Size: 32768 File Visible: - Signed: -
Status: -

Name: bowser.sys
Image Path: C:\Windows\system32\DRIVERS\bowser.sys
Address: 0x84F3D000 Size: 102400 File Visible: - Signed: -
Status: -

Name: cdfs.sys
Image Path: C:\Windows\system32\DRIVERS\cdfs.sys
Address: 0x84FDB000 Size: 90112 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\Windows\system32\DRIVERS\cdrom.sys
Address: 0x8C026000 Size: 98304 File Visible: - Signed: -
Status: -

Name: CI.dll
Image Path: C:\Windows\system32\CI.dll
Address: 0x806D2000 Size: 917504 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS
Address: 0x865B8000 Size: 135168 File Visible: - Signed: -
Status: -

Name: CLFS.SYS
Image Path: C:\Windows\system32\CLFS.SYS
Address: 0x80691000 Size: 266240 File Visible: - Signed: -
Status: -

Name: crashdmp.sys
Image Path: C:\Windows\System32\Drivers\crashdmp.sys
Address: 0x84F13000 Size: 53248 File Visible: - Signed: -
Status: -

Name: crcdisk.sys
Image Path: C:\Windows\system32\drivers\crcdisk.sys
Address: 0x865E1000 Size: 36864 File Visible: - Signed: -
Status: -

Name: dfsc.sys
Image Path: C:\Windows\System32\Drivers\dfsc.sys
Address: 0x84EA5000 Size: 94208 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: C:\Windows\system32\drivers\disk.sys
Address: 0x865A7000 Size: 69632 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x84F2B000 Size: 32768 File Visible: No Signed: -
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x84F20000 Size: 45056 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\Windows\System32\drivers\Dxapi.sys
Address: 0x84F33000 Size: 40960 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\Windows\System32\drivers\dxg.sys
Address: 0x944F0000 Size: 94208 File Visible: - Signed: -
Status: -

Name: ecache.sys
Image Path: C:\Windows\System32\drivers\ecache.sys
Address: 0x86580000 Size: 159744 File Visible: - Signed: -
Status: -

Name: fdc.sys
Image Path: C:\Windows\system32\DRIVERS\fdc.sys
Address: 0x8C0F1000 Size: 45056 File Visible: - Signed: -
Status: -

Name: fileinfo.sys
Image Path: C:\Windows\system32\drivers\fileinfo.sys
Address: 0x807B2000 Size: 65536 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: C:\Windows\system32\drivers\fltmgr.sys
Address: 0x829CA000 Size: 204800 File Visible: - Signed: -
Status: -

Name: framebuf.dll
Image Path: C:\Windows\System32\framebuf.dll
Address: 0x945A0000 Size: 32768 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS
Address: 0x8C8D4000 Size: 36864 File Visible: - Signed: -
Status: -

Name: fwpkclnt.sys
Image Path: C:\Windows\System32\drivers\fwpkclnt.sys
Address: 0x86375000 Size: 110592 File Visible: - Signed: -
Status: -

Name: GEARAspiWDM.sys
Image Path: C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
Address: 0x8C040000 Size: 21120 File Visible: - Signed: -
Status: -

Name: H8SRTwqucfqxpmb.sys
Image Path: C:\Windows\system32\drivers\H8SRTwqucfqxpmb.sys
Address: 0x8C92C000 Size: 118784 File Visible: - Signed: -
Status: Hidden from the Windows API!

Name: hal.dll
Image Path: C:\Windows\system32\hal.dll
Address: 0x81E16000 Size: 208896 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys
Address: 0x8C046000 Size: 577536 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDCLASS.SYS
Address: 0x84EDE000 Size: 65536 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\Windows\system32\DRIVERS\HIDPARSE.SYS
Address: 0x84EEE000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hidusb.sys
Image Path: C:\Windows\system32\DRIVERS\hidusb.sys
Address: 0x84ED5000 Size: 36864 File Visible: - Signed: -
Status: -

Name: i8042prt.sys
Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys
Address: 0x8C0FC000 Size: 77824 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys
Address: 0x8C840000 Size: 45056 File Visible: - Signed: -
Status: -

Name: kbdhid.sys
Image Path: C:\Windows\system32\DRIVERS\kbdhid.sys
Address: 0x84EF5000 Size: 36864 File Visible: - Signed: -
Status: -

Name: kdcom.dll
Image Path: C:\Windows\system32\kdcom.dll
Address: 0x80601000 Size: 28672 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\Windows\system32\DRIVERS\ks.sys
Address: 0x8C84D000 Size: 172032 File Visible: - Signed: -
Status: -

Name: ksecdd.sys
Image Path: C:\Windows\System32\Drivers\ksecdd.sys
Address: 0x82A93000 Size: 462848 File Visible: - Signed: -
Status: -

Name: mcupdate_GenuineIntel.dll
Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll
Address: 0x80608000 Size: 458752 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\Windows\system32\DRIVERS\mouclass.sys
Address: 0x8C11A000 Size: 45056 File Visible: - Signed: -
Status: -

Name: mountmgr.sys
Image Path: C:\Windows\System32\drivers\mountmgr.sys
Address: 0x82990000 Size: 65536 File Visible: - Signed: -
Status: -

Name: mpsdrv.sys
Image Path: C:\Windows\System32\drivers\mpsdrv.sys
Address: 0x84F56000 Size: 86016 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys
Address: 0x84F6B000 Size: 126976 File Visible: - Signed: -
Status: -

Name: mrxsmb10.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Address: 0x84F8A000 Size: 233472 File Visible: - Signed: -
Status: -

Name: mrxsmb20.sys
Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Address: 0x84FC3000 Size: 98304 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\Windows\System32\Drivers\Msfs.SYS
Address: 0x8C949000 Size: 45056 File Visible: - Signed: -
Status: -

Name: msisadrv.sys
Image Path: C:\Windows\system32\drivers\msisadrv.sys
Address: 0x828E4000 Size: 32768 File Visible: - Signed: -
Status: -

Name: msiscsi.sys
Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys
Address: 0x8C125000 Size: 192512 File Visible: - Signed: -
Status: -

Name: msrpc.sys
Image Path: C:\Windows\system32\drivers\msrpc.sys
Address: 0x8630F000 Size: 176128 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys
Address: 0x8C877000 Size: 40960 File Visible: - Signed: -
Status: -

Name: mup.sys
Image Path: C:\Windows\System32\Drivers\mup.sys
Address: 0x86571000 Size: 61440 File Visible: - Signed: -
Status: -

Name: ndis.sys
Image Path: C:\Windows\system32\drivers\ndis.sys
Address: 0x86204000 Size: 1093632 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys
Address: 0x8C1B7000 Size: 45056 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys
Address: 0x8C1C2000 Size: 143360 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\Windows\System32\Drivers\NDProxy.SYS
Address: 0x8C8C3000 Size: 69632 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\Windows\system32\DRIVERS\netbios.sys
Address: 0x84E51000 Size: 57344 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\Windows\System32\DRIVERS\netbt.sys
Address: 0x84E09000 Size: 204800 File Visible: - Signed: -
Status: -

Name: NETIO.SYS
Image Path: C:\Windows\system32\drivers\NETIO.SYS
Address: 0x8633A000 Size: 241664 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\Windows\System32\Drivers\Npfs.SYS
Address: 0x8C954000 Size: 57344 File Visible: - Signed: -
Status: -

Name: nsiproxy.sys
Image Path: C:\Windows\system32\drivers\nsiproxy.sys
Address: 0x84E9B000 Size: 40960 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: C:\Windows\System32\Drivers\Ntfs.sys
Address: 0x86405000 Size: 1114112 File Visible: - Signed: -
Status: -

Name: NTIDrvr.sys
Image Path: C:\Windows\system32\DRIVERS\NTIDrvr.sys
Address: 0x8C03E000 Size: 6144 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\Windows\system32\ntkrnlpa.exe
Address: 0x81E49000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\Windows\System32\Drivers\Null.SYS
Address: 0x8C8DD000 Size: 28672 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: C:\Windows\system32\DRIVERS\ohci1394.sys
Address: 0x8C0D3000 Size: 62208 File Visible: - Signed: -
Status: -

Name: pacer.sys
Image Path: C:\Windows\system32\DRIVERS\pacer.sys
Address: 0x84E3B000 Size: 90112 File Visible: - Signed: -
Status: -

Name: partmgr.sys
Image Path: C:\Windows\System32\drivers\partmgr.sys
Address: 0x82913000 Size: 61440 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: C:\Windows\system32\drivers\pci.sys
Address: 0x828EC000 Size: 159744 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: C:\Windows\system32\drivers\pciide.sys
Address: 0x8297B000 Size: 28672 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS
Address: 0x82982000 Size: 57344 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x81E49000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: point32k.sys
Image Path: C:\Windows\system32\DRIVERS\point32k.sys
Address: 0x8C10F000 Size: 45056 File Visible: - Signed: -
Status: -

Name: psdfilter.sys
Image Path: C:\Windows\system32\DRIVERS\psdfilter.sys
Address: 0x82A5E000 Size: 36864 File Visible: - Signed: -
Status: -

Name: PSDNServ.sys
Image Path: C:\Windows\system32\drivers\PSDNServ.sys
Address: 0x86568000 Size: 36864 File Visible: - Signed: -
Status: -

Name: psdvdisk.sys
Image Path: C:\Windows\system32\drivers\psdvdisk.sys
Address: 0x86556000 Size: 73728 File Visible: - Signed: -
Status: -

Name: PSHED.dll
Image Path: C:\Windows\system32\PSHED.dll
Address: 0x80678000 Size: 69632 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\Windows\System32\DRIVERS\rasacd.sys
Address: 0x8C962000 Size: 36864 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys
Address: 0x8C1A0000 Size: 94208 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys
Address: 0x8C1E5000 Size: 61440 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\Windows\system32\DRIVERS\raspptp.sys
Address: 0x8C807000 Size: 81920 File Visible: - Signed: -
Status: -

Name: rassstp.sys
Image Path: C:\Windows\system32\DRIVERS\rassstp.sys
Address: 0x8C81B000 Size: 86016 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x81E49000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\Windows\system32\DRIVERS\rdbss.sys
Address: 0x84E5F000 Size: 245760 File Visible: - Signed: -
Status: -

Name: rdpencdd.sys
Image Path: C:\Windows\system32\drivers\rdpencdd.sys
Address: 0x8C924000 Size: 32768 File Visible: - Signed: -
Status: -

Name: rootrepeal[1].sys
Image Path: C:\Windows\system32\drivers\rootrepeal[1].sys
Address: 0x84FF1000 Size: 49152 File Visible: No Signed: -
Status: -

Name: smb.sys
Image Path: C:\Windows\system32\DRIVERS\smb.sys
Address: 0x8C9DA000 Size: 81920 File Visible: - Signed: -
Status: -

Name: storport.sys
Image Path: C:\Windows\system32\DRIVERS\storport.sys
Address: 0x8C154000 Size: 266240 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\Windows\system32\DRIVERS\swenum.sys
Address: 0x8C84B000 Size: 4992 File Visible: - Signed: -
Status: -

Name: SYMDS.SYS
Image Path: C:\Windows\system32\drivers\NIS\1101000.013\SYMDS.SYS
Address: 0x82A08000 Size: 352256 File Visible: - Signed: -
Status: -

Name: SYMEFA.SYS
Image Path: C:\Windows\system32\drivers\NIS\1101000.013\SYMEFA.SYS
Address: 0x82A67000 Size: 180224 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\Windows\System32\drivers\tcpip.sys
Address: 0x82B04000 Size: 958464 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\Windows\system32\DRIVERS\TDI.SYS
Address: 0x8C195000 Size: 45056 File Visible: - Signed: -
Status: -

Name: tdx.sys
Image Path: C:\Windows\system32\DRIVERS\tdx.sys
Address: 0x8C96B000 Size: 90112 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\Windows\system32\DRIVERS\termdd.sys
Address: 0x8C830000 Size: 65536 File Visible: - Signed: -
Status: -

Name: TSDDD.dll
Image Path: C:\Windows\System32\TSDDD.dll
Address: 0x94520000 Size: 36864 File Visible: - Signed: -
Status: -

Name: tunmp.sys
Image Path: C:\Windows\system32\DRIVERS\tunmp.sys
Address: 0x863A6000 Size: 36864 File Visible: - Signed: -
Status: -

Name: tunnel.sys
Image Path: C:\Windows\system32\DRIVERS\tunnel.sys
Address: 0x8639B000 Size: 45056 File Visible: - Signed: -
Status: -

Name: UBHelper.sys
Image Path: C:\Windows\System32\Drivers\UBHelper.sys
Address: 0x829A0000 Size: 13952 File Visible: - Signed: -
Status: -

Name: umbus.sys
Image Path: C:\Windows\system32\DRIVERS\umbus.sys
Address: 0x8C881000 Size: 53248 File Visible: - Signed: -
Status: -

Name: usbccgp.sys
Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys
Address: 0x84EBC000 Size: 94208 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\Windows\system32\DRIVERS\USBD.SYS
Address: 0x84ED3000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\Windows\system32\DRIVERS\usbehci.sys
Address: 0x8C000000 Size: 61440 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\Windows\system32\DRIVERS\usbhub.sys
Address: 0x8C88E000 Size: 217088 File Visible: - Signed: -
Status: -

Name: usbohci.sys
Image Path: C:\Windows\system32\DRIVERS\usbohci.sys
Address: 0x82BEE000 Size: 40960 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS
Address: 0x807C2000 Size: 253952 File Visible: - Signed: -
Status: -

Name: USBSTOR.SYS
Image Path: C:\Windows\system32\DRIVERS\USBSTOR.SYS
Address: 0x84EFE000 Size: 86016 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\Windows\System32\drivers\vga.sys
Address: 0x8C8EB000 Size: 49152 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS
Address: 0x8C8F7000 Size: 135168 File Visible: - Signed: -
Status: -

Name: volmgr.sys
Image Path: C:\Windows\system32\drivers\volmgr.sys
Address: 0x82922000 Size: 61440 File Visible: - Signed: -
Status: -

Name: volmgrx.sys
Image Path: C:\Windows\System32\drivers\volmgrx.sys
Address: 0x82931000 Size: 303104 File Visible: - Signed: -
Status: -

Name: volsnap.sys
Image Path: C:\Windows\system32\drivers\volsnap.sys
Address: 0x86515000 Size: 233472 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\Windows\System32\drivers\watchdog.sys
Address: 0x8C918000 Size: 49152 File Visible: - Signed: -
Status: -

Name: Wdf01000.sys
Image Path: C:\Windows\system32\drivers\Wdf01000.sys
Address: 0x8280C000 Size: 507904 File Visible: - Signed: -
Status: -

Name: WDFLDR.SYS
Image Path: C:\Windows\system32\drivers\WDFLDR.SYS
Address: 0x82888000 Size: 53248 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0x942E0000 Size: 2105344 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\Windows\System32\win32k.sys
Address: 0x942E0000 Size: 2105344 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\Windows\system32\drivers\WMILIB.SYS
Address: 0x828DB000 Size: 36864 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x81E49000 Size: 3903488 File Visible: - Signed: -
Status: -

Name: yk60x86.sys
Image Path: C:\Windows\system32\DRIVERS\yk60x86.sys
Address: 0x863AF000 Size: 311296 File Visible: - Signed: -
Status: -

BC AdBot (Login to Remove)

 


#2 MaineEvent

MaineEvent
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:15 AM

Posted 05 January 2010 - 08:44 PM

dont bother replying.... I went against the advice of this site and posted my problem on MAJORGEEKS and they were able to help me 2 days after


:(

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,816 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:15 PM

Posted 06 January 2010 - 04:01 PM

This topic is now closed.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users