Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer doing eratic changes


  • This topic is locked This topic is locked
24 replies to this topic

#1 paul43

paul43

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 17 November 2010 - 12:34 AM

Lately my computer has been doing very erratic changes I don't ask it to do. IE: I will be forwarding an e-mail and when I clean up the e-mail and get rid of all the previous senders and then hit the Backspace key to move the body of the e-mail up sometimes it minimizes the e-mail and shows me the whole Outlook Express list of folders.

Other times I'll have several tabs open with different websites and when I hit one I want to go back to it takes me to some crazy place I had no intention of going to.

The other day I was adding to a long list of quotes I have and when I went to SAVE all of a sudden it showed me all 21 pages instead of just one long list.

I read your pre-posting instructions and hopefully I did everything the way you folks asked. The only thing is your picture of the post show a BROWSE & UPLOAD which isn't on the post page I get.

I disabled my CD Emulation Software & made the DDS.txt file & GMER log.

Any help you could give me would be greatly appreciated.

Thank You


DDS (Ver_10-11-10.01) - NTFSx86
Run by Paul at 21:25:29.85 on Tue 11/16/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.461 [GMT -5:00]


AV: ESET Smart Security 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\Explorer.EXE
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Paul\Desktop\BLEEPING COMPUTER STUFF\dds.scr


============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com/webhp?hl=en
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - No File
EB: {d5045198-55c2-46ed-87f4-17e31be72a33} - I.R.I.S. Desktop Search
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [EleFunAnimatedWallpaper]
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [DiscWizardMonitor.exe] c:\program files\seagate\discwizard\DiscWizardMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\seagate\discwizard\TimounterMonitor.exe
mRun: [Seagate Scheduler2 Service] "c:\program files\common files\seagate\schedule2\schedhlp.exe"
mRun: [Easy Synchronization] c:\program files\logitech\easy synchronization\LogitechEasySync.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [mumservice] c:\program files\motorola\software update\mumservice.exe
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [TaskTray]
mRunOnce: [Easy Synchronization] c:\program files\logitech\easy synchronization\LogitechEasySync.exe --ports
mPolicies-explorer: <NO NAME> =
IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: ameriplanusa.com\www
Trusted Zone: freedomhealth.com
Trusted Zone: vipagentsupport.com
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} - hxxp://download.microsoft.com/download/7/3/8/7384c441-3721-41ee-ae15-b678888f00dd/clearadj.CAB
DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} - hxxp://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_6.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1179873198781
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://avivausa.webex.com/client/T25L/webex/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: ShellExecuteHook class: {fe24cd78-7c63-465d-8787-4edf7fc79895} - c:\program files\logitech\easy synchronization\shellexecutehook.dll
SEH: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
LSA: Authentication Packages = msv1_0 relog_ap
IFEO: AutorunsDisabled - ntsd -d


============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-7-29 115008]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-8-12 810144]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2009-9-30 10448]
R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2009-11-7 91456]
R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2008-6-24 431384]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2010-4-10 266544]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-11-7 42752]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2002-9-3 14336]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2002-9-3 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]


=============== Created Last 30 ================

2010-11-16 18:30:22 388096 ----a-r- c:\docume~1\paul\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-11-16 17:29:21 -------- d-----w- c:\windows\system32\wbem\Logs
2010-11-16 15:15:46 6146896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{ea00b800-ecf4-44a6-9ab3-3373fd2463f1}\mpengine.dll
2010-11-12 18:02:32 -------- d-----w- c:\program files\Driver-Soft
2010-11-09 02:23:24 6146896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\backup\mpengine.dll
2010-11-09 02:23:05 222080 ------w- c:\windows\system32\MpSigStub.exe


==================== Find3M ====================

2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 06:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll


============= FINISH: 21:26:02.04 ===============


Attached File  DDS Attach.txt   18.37KB   0 downloads

Attached File  ark.txt   13.98KB   1 downloads

Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:23 AM

Posted 26 November 2010 - 09:12 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 27 November 2010 - 10:32 AM

Thank you mOle for your reply.

I am awaiting your instructions.

Paul43

Edited by paul43, 27 November 2010 - 10:34 AM.

Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:23 AM

Posted 27 November 2010 - 06:01 PM

Please start by running TDSSkiller, there's rootkit symptoms here

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\

Posted Image
m0le is a proud member of UNITE

#5 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 27 November 2010 - 07:01 PM

Hello mOle,

I ran the TDSSKiller scan and it did not find anything--- enclosed is the REPORT from the scan-- I DID NOT REBOOT

2010/11/27 18:55:20.0968 TDSS rootkit removing tool 2.4.9.0 Nov 26 2010 15:38:31
2010/11/27 18:55:20.0968 ================================================================================
2010/11/27 18:55:20.0968 SystemInfo:
2010/11/27 18:55:20.0968
2010/11/27 18:55:20.0968 OS Version: 5.1.2600 ServicePack: 3.0
2010/11/27 18:55:20.0968 Product type: Workstation
2010/11/27 18:55:20.0968 ComputerName: PAUL43
2010/11/27 18:55:20.0968 UserName: Paul
2010/11/27 18:55:20.0968 Windows directory: C:\WINDOWS
2010/11/27 18:55:20.0968 System windows directory: C:\WINDOWS
2010/11/27 18:55:20.0968 Processor architecture: Intel x86
2010/11/27 18:55:20.0968 Number of processors: 1
2010/11/27 18:55:20.0968 Page size: 0x1000
2010/11/27 18:55:20.0968 Boot type: Normal boot
2010/11/27 18:55:20.0968 ================================================================================
2010/11/27 18:55:21.0265 Initialize success
2010/11/27 18:55:43.0062 ================================================================================
2010/11/27 18:55:43.0062 Scan started
2010/11/27 18:55:43.0062 Mode: Manual;
2010/11/27 18:55:43.0062 ================================================================================
2010/11/27 18:55:43.0875 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/11/27 18:55:43.0953 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/11/27 18:55:44.0062 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/11/27 18:55:44.0156 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/11/27 18:55:44.0203 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/11/27 18:55:44.0687 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/11/27 18:55:44.0734 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/11/27 18:55:44.0843 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/11/27 18:55:44.0953 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/11/27 18:55:45.0015 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys
2010/11/27 18:55:45.0109 basic2 (9372cc48814a17e67c28945eb4acc189) C:\WINDOWS\system32\DRIVERS\basic2.sys
2010/11/27 18:55:45.0218 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/11/27 18:55:45.0296 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/11/27 18:55:45.0406 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/11/27 18:55:45.0453 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/11/27 18:55:45.0531 Cdr4_xp (4209874f131cf454e42087455b16ed10) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
2010/11/27 18:55:45.0593 Cdralw2k (f5cd2ff2a64bad65692ea86d99790c0c) C:\WINDOWS\system32\drivers\Cdralw2k.sys
2010/11/27 18:55:45.0656 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/11/27 18:55:45.0718 cdudf_xp (bce04a21510e721aaba3f893b6770c12) C:\WINDOWS\system32\drivers\cdudf_xp.sys
2010/11/27 18:55:45.0968 ctsfm2k (b459ae4afca570088adddbe55eabbc92) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
2010/11/27 18:55:46.0093 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/11/27 18:55:46.0203 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/11/27 18:55:46.0296 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/11/27 18:55:46.0328 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/11/27 18:55:46.0390 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/11/27 18:55:46.0453 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
2010/11/27 18:55:46.0531 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
2010/11/27 18:55:46.0609 Dot4Scan (bd05306428da63369692477ddc0f6f5f) C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
2010/11/27 18:55:46.0656 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
2010/11/27 18:55:46.0765 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/11/27 18:55:46.0812 dvd_2K (f5ca443d58a53de968685ee43fbe8f17) C:\WINDOWS\system32\drivers\dvd_2K.sys
2010/11/27 18:55:46.0875 E100B (ac9cf17ee2ae003c98eb4f5336c38058) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/11/27 18:55:46.0984 eamon (1ceb779239965000b8f6adee17d4515b) C:\WINDOWS\system32\DRIVERS\eamon.sys
2010/11/27 18:55:47.0109 ehdrv (7d300a43a7bd8769e0f901bf9e1ae367) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2010/11/27 18:55:47.0203 epfw (15bfe00f030ea20955117bb0677e9668) C:\WINDOWS\system32\DRIVERS\epfw.sys
2010/11/27 18:55:47.0343 Epfwndis (52310e0e603d7da79ecca7d764937a91) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
2010/11/27 18:55:47.0390 epfwtdi (bdde7dd8fcdb1de7e879bb320b0605c0) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
2010/11/27 18:55:47.0500 Fallback (9ea76a7f28cd968f8adc709e479f23b2) C:\WINDOWS\system32\DRIVERS\fallback.sys
2010/11/27 18:55:47.0609 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/11/27 18:55:47.0687 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/11/27 18:55:47.0750 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/11/27 18:55:47.0812 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/11/27 18:55:47.0875 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/11/27 18:55:47.0953 Fsks (b7b262d0431374f3afd1349e35b368d9) C:\WINDOWS\system32\DRIVERS\fsksnt.sys
2010/11/27 18:55:48.0015 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/11/27 18:55:48.0078 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/11/27 18:55:48.0125 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2010/11/27 18:55:48.0156 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/11/27 18:55:48.0218 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/11/27 18:55:48.0359 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2010/11/27 18:55:48.0421 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2010/11/27 18:55:48.0500 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2010/11/27 18:55:48.0578 HSFHWBS2 (970178e8e003eb1481293830069624b9) C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
2010/11/27 18:55:48.0703 HSF_DP (ebb354438a4c5a3327fb97306260714a) C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
2010/11/27 18:55:48.0843 hsf_msft (74e379857d4c0dfb56de2d19b8f4c434) C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
2010/11/27 18:55:48.0968 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/11/27 18:55:49.0093 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/11/27 18:55:49.0156 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/11/27 18:55:49.0265 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/11/27 18:55:49.0359 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/11/27 18:55:49.0406 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/11/27 18:55:49.0468 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/11/27 18:55:49.0546 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/11/27 18:55:49.0625 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/11/27 18:55:49.0687 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/11/27 18:55:49.0765 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/11/27 18:55:49.0812 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/11/27 18:55:49.0921 K56 (a4e3277398c8aba999483d4c658c9696) C:\WINDOWS\system32\DRIVERS\k56nt.sys
2010/11/27 18:55:50.0015 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/11/27 18:55:50.0046 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/11/27 18:55:50.0125 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/11/27 18:55:50.0203 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/11/27 18:55:50.0312 LBeepKE (ca63fe81705ad660e482bef210bf2c73) C:\WINDOWS\system32\Drivers\LBeepKE.sys
2010/11/27 18:55:50.0406 LHidFilt (b68309f25c5787385da842eb5b496958) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
2010/11/27 18:55:50.0468 LMouFilt (63d3b1d3cd267fcc186a0146b80d453b) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
2010/11/27 18:55:50.0593 mdmxsdk (195741aee20369980796b557358cd774) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2010/11/27 18:55:50.0671 mmc_2K (2739df798b44809407879e9134233de4) C:\WINDOWS\system32\drivers\mmc_2K.sys
2010/11/27 18:55:50.0750 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/11/27 18:55:50.0828 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/11/27 18:55:50.0921 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2010/11/27 18:55:50.0984 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\WINDOWS\system32\DRIVERS\motodrv.sys
2010/11/27 18:55:51.0062 motmodem (54fee02961c70fd9d4d7e2f87afa23fa) C:\WINDOWS\system32\DRIVERS\motmodem.sys
2010/11/27 18:55:51.0140 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/11/27 18:55:51.0187 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/11/27 18:55:51.0234 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/11/27 18:55:51.0328 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/11/27 18:55:51.0437 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/11/27 18:55:51.0546 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/11/27 18:55:51.0609 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/11/27 18:55:51.0656 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/11/27 18:55:51.0703 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/11/27 18:55:51.0781 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/11/27 18:55:51.0843 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/11/27 18:55:51.0921 MXOPSWD (216ac775320f64de28cfeb7c179c4ff9) C:\WINDOWS\system32\DRIVERS\mxopswd.sys
2010/11/27 18:55:52.0000 NAL (03ca886ba148b6b9996be1368ddc3fc0) C:\WINDOWS\system32\Drivers\iqvw32.sys
2010/11/27 18:55:52.0078 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/11/27 18:55:52.0125 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/11/27 18:55:52.0187 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/11/27 18:55:52.0250 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/11/27 18:55:52.0312 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/11/27 18:55:52.0375 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/11/27 18:55:52.0421 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/11/27 18:55:52.0500 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/11/27 18:55:52.0578 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/11/27 18:55:52.0703 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/11/27 18:55:52.0859 nv (71dbdc08df86b80511e72953fa1ad6b0) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/11/27 18:55:53.0000 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/11/27 18:55:53.0046 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/11/27 18:55:53.0125 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS
2010/11/27 18:55:53.0218 ossrv (c720c25b2d0c93dc425155f5b6a707f3) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
2010/11/27 18:55:53.0328 P16X (f051107ff80f132882e71e3a5d302ec1) C:\WINDOWS\system32\drivers\P16X.sys
2010/11/27 18:55:53.0468 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/11/27 18:55:53.0546 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/11/27 18:55:53.0625 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/11/27 18:55:53.0671 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/11/27 18:55:53.0843 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/11/27 18:55:54.0218 PfModNT (2f5532f9b0f903b26847da674b4f55b2) C:\WINDOWS\System32\PfModNT.sys
2010/11/27 18:55:54.0375 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/11/27 18:55:54.0406 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/11/27 18:55:54.0468 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/11/27 18:55:54.0531 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/11/27 18:55:54.0609 pwd_2k (2e162e3856c9c6a3b53e0ece28386fe3) C:\WINDOWS\system32\drivers\pwd_2k.sys
2010/11/27 18:55:54.0890 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/27 18:55:54.0953 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/11/27 18:55:55.0000 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/11/27 18:55:55.0046 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/11/27 18:55:55.0109 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/11/27 18:55:55.0171 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/11/27 18:55:55.0218 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/11/27 18:55:55.0281 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/11/27 18:55:55.0343 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/11/27 18:55:55.0437 Rksample (4c35e57300a2dc5932a8e29efa527c32) C:\WINDOWS\system32\DRIVERS\rksample.sys
2010/11/27 18:55:55.0703 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/11/27 18:55:55.0765 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/11/27 18:55:55.0828 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/11/27 18:55:55.0921 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/11/27 18:55:56.0078 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\WINDOWS\system32\DRIVERS\snapman.sys
2010/11/27 18:55:56.0140 SoftFax (413cfa795cad19a010889df0ec060408) C:\WINDOWS\system32\DRIVERS\faxnt.sys
2010/11/27 18:55:56.0234 SpeakerPhone (c11082c80723771c1979eacf7fdde1c3) C:\WINDOWS\system32\DRIVERS\spkpnt.sys
2010/11/27 18:55:56.0296 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/11/27 18:55:56.0406 sptd (befb28c491a7f2f0e40f9c4dd964b323) C:\WINDOWS\System32\Drivers\sptd.sys
2010/11/27 18:55:56.0500 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/11/27 18:55:56.0625 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/11/27 18:55:56.0703 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/11/27 18:55:56.0750 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/11/27 18:55:56.0968 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/11/27 18:55:57.0078 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/27 18:55:57.0203 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/11/27 18:55:57.0296 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\WINDOWS\system32\DRIVERS\tdrpman.sys
2010/11/27 18:55:57.0390 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/11/27 18:55:57.0453 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/11/27 18:55:57.0515 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
2010/11/27 18:55:57.0578 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\WINDOWS\system32\DRIVERS\timntr.sys
2010/11/27 18:55:57.0703 Tones (e0f10a379239b4fab319c55a9cd6bc96) C:\WINDOWS\system32\DRIVERS\tonesnt.sys
2010/11/27 18:55:57.0875 UdfReadr_xp (e398bde2e6c978f357faedff784ffd70) C:\WINDOWS\system32\drivers\UdfReadr_xp.sys
2010/11/27 18:55:57.0937 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/11/27 18:55:58.0093 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/11/27 18:55:58.0187 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/11/27 18:55:58.0250 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/11/27 18:55:58.0296 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/11/27 18:55:58.0359 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/11/27 18:55:58.0406 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/11/27 18:55:58.0453 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/11/27 18:55:58.0546 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/11/27 18:55:58.0625 V124 (177b65899d418f8c8f037b20567a99d6) C:\WINDOWS\system32\DRIVERS\v124nt.sys
2010/11/27 18:55:58.0671 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/11/27 18:55:58.0765 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/11/27 18:55:58.0828 vsbus (3995d1e95f3c621467da4bce868cdc90) C:\WINDOWS\system32\DRIVERS\vsb.sys
2010/11/27 18:55:58.0906 vserial (3feb02f2eebaa3f099e279c258ef786e) C:\WINDOWS\system32\DRIVERS\vserial.sys
2010/11/27 18:55:59.0000 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/11/27 18:55:59.0109 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
2010/11/27 18:55:59.0281 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/11/27 18:55:59.0375 winachsf (a941aa38e3951058e584c4bbddd56ed9) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2010/11/27 18:55:59.0578 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2010/11/27 18:55:59.0671 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/11/27 18:55:59.0734 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/11/27 18:55:59.0953 ================================================================================
2010/11/27 18:55:59.0953 Scan finished
2010/11/27 18:55:59.0953 ================================================================================

Thank you
Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:23 AM

Posted 27 November 2010 - 09:26 PM

So far, so good.

Please run the following tools to see if anything pops up

Please download Posted Image Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    If MBAM won't update then download and update MBAM on a clean computer then save the rules.ref folder to a memory stick. This file is found here: 'C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware' then transfer it across to the infected computer.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.


And

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Posted Image
m0le is a proud member of UNITE

#7 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 28 November 2010 - 07:13 PM

mOle,
Sorry for taking so long to get back to you but the Super AntiSpyware scan took 7:00:06 hours probably due to the factor that I have a Maxtor 1 Touch Back-up connected and I left that checked when I started the scan.

I use Malawarebytes & update it a couple a times a week--I haven't run a scan till this problem started and all it showed was tracking cookies.
I also was using Super AntiSpyware (the PAID VERSION)until recently when my subscription ran out & right now I can't afford to renew it so I figured if I couldn't UPDATE it there was no reason to have it so I removed it from my computer.
I also use SpywareBlaster--Windows Defender & Win Patrol (paid Version)

I also forgot to mention in my original post that sometimes when I reboot and go to open a window my TOOLBARS & TASKBAR will be BLACK and the only way I can get back to normal if to shut the computer down and start it back up.
Just like now when I went to sent your this reply I clicked on the e-mail I saved in Outlook Express telling me I had a new reply and the when the page in Bleeping Computers opened the TOOLBARS but NOT the Taskbar were BLACK and I had to shut the computer down start again and everything was OK. But just as I stated to type it took me back to the e-mail I had saved and I had to come back to where I am at now.

And this is one of the quirks that have been happening lately--whenever I start to type something sometimes it will shift me back to the page I was on.

Here are the Log you asked for and again I really appreciated you spending the time to help me out.

Super Antispyware LOG:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/28/2010 at 06:12 PM

Application Version : 4.46.1000

Core Rules Database Version : 5921
Trace Rules Database Version: 3733

Scan type : Complete Scan
Total Scan Time : 07:00:06

Memory items scanned : 510
Memory threats detected : 0
Registry items scanned : 6953
Registry threats detected : 0
File items scanned : 126859
File threats detected : 64

Adware.Tracking Cookie
C:\Documents and Settings\Paul\Cookies\paul@ads.undertone[1].txt
C:\Documents and Settings\Paul\Cookies\paul@ads.peoplespharmacy[1].txt
C:\Documents and Settings\Paul\Cookies\paul@invitemedia[1].txt
C:\Documents and Settings\Paul\Cookies\paul@adserver.adtechus[1].txt
C:\Documents and Settings\Paul\Cookies\paul@ads.bleepingcomputer[1].txt
C:\Documents and Settings\Paul\Cookies\paul@xiti[1].txt
C:\Documents and Settings\Paul\Cookies\paul@tacoda[1].txt
C:\Documents and Settings\Paul\Cookies\paul@media6degrees[1].txt
C:\Documents and Settings\Paul\Cookies\paul@at.atwola[2].txt
C:\Documents and Settings\Paul\Cookies\paul@adecn[1].txt
C:\Documents and Settings\Paul\Cookies\paul@user.lucidmedia[1].txt
C:\Documents and Settings\Paul\Cookies\paul@interclick[1].txt
C:\Documents and Settings\Paul\Cookies\paul@revsci[2].txt
C:\Documents and Settings\Paul\Cookies\paul@ads.advance[2].txt
C:\Documents and Settings\Paul\Cookies\paul@collective-media[1].txt
C:\Documents and Settings\Paul\Cookies\paul@ads.cleveland[2].txt
C:\Documents and Settings\Paul\Cookies\paul@insightexpressai[1].txt
C:\Documents and Settings\Paul\Cookies\paul@a1.interclick[1].txt
C:\Documents and Settings\Paul\Cookies\paul@revsci[1].txt
convoad.technoratimedia.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\2FYF4B37 ]
convoad.technoratimedia.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\3B5EF2WL ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\3KZNGFCR ]
adsatt.espn.go.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\4VEHWV22 ]
msnbcmedia.msn.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\54UQW9GY ]
webmedia.bankofamerica.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\774SWYWT ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\99GRUQ9D ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\9HXSFAUD ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\AV8EJB7V ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\BQMKV2P2 ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\BYW98HS2 ]
msnbcmedia.msn.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\CP525UAG ]
convoad.technoratimedia.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\DAEFETSL ]
www.versuscountrybagamonsterbuck.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\DFT2XXJY ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\E7VPVY34 ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\EGMYHSC7 ]
media.mtvnservices.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\FPCFQ96W ]
msnbcmedia.msn.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\G4GJRGJ6 ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\G4GJRGJ6 ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\GJGMZHVY ]
adsatt.espn.go.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\H7JHV6N2 ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\H7JHV6N2 ]
adsatt.espn.go.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\JAALAUYY ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\JAALAUYY ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\KQC477LF ]
objects.tremormedia.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\LHFC5H6L ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\MSUKQA2Z ]
msnbcmedia.msn.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\NVPCEUKB ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\NVPCEUKB ]
msnbcmedia.msn.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\PFWYGZY8 ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\QTTDG826 ]
adsatt.espn.go.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\S3T5E4VQ ]
kona.kontera.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\SSTEJARK ]
adsatt.espn.go.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\TA4SGZ6V ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\U8VE8RYR ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\WSK6JE4N ]
msnbcmedia.msn.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\XCPAN26F ]
cdn.insights.gravity.com [ E:\Maxtor backup\PAUL43\History\Level2\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\Y5YWRWZE ]
convoad.technoratimedia.com [ E:\Maxtor backup\PAUL43\History\Level3\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\DAEFETSL ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level3\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\H7JHV6N2 ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level3\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\KQC477LF ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level3\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\NVPCEUKB ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level3\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\U8VE8RYR ]
convoad.technoratimedia.com [ E:\Maxtor backup\PAUL43\History\Level4\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\DAEFETSL ]
secure-us.imrworldwide.com [ E:\Maxtor backup\PAUL43\History\Level4\C\Documents and Settings\Paul\Application Data\Macromedia\Flash Player\#SharedObjects\U8VE8RYR ]

Malawarebytes Log--

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5204

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/28/2010 8:49:04 AM
mbam-log-2010-11-28 (08-49-04).txt

Scan type: Full scan (C:\|E:\|)
Objects scanned: 269902
Time elapsed: 59 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Onemore question? What is KLDetector 13 zip I have it downloaded on my Desktop but don't think I ever used it-- got it from a recommendation on the Kim Komona e-mail newsletter. Thanks.




Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:23 AM

Posted 28 November 2010 - 08:32 PM

KLDetector is a program that detects a malware called keyloggers.

Lots of quirks but no sign of infection here, paul43.

Please run a scanner called OTL and let's see if there's any issues that we can sort out with that log.

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Posted Image
m0le is a proud member of UNITE

#9 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 28 November 2010 - 10:11 PM

mOle I cannot get the OTL reports thru to you---they PASTE in the box OK but evertime I try to send them I either get a YOU MUST HAVE A POST in pink of I get --- LOADING in Green--- I shut down the computer --ran the OTL tried fast reply & regular reply --- I waited about 15 minutes for the LOADING to load---nothing ----
What am I doing wrong?

Edited by paul43, 28 November 2010 - 10:14 PM.

Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#10 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 28 November 2010 - 10:12 PM

mOle -- see now the last post I just sent you about my problems went right through

Any Ideas?


Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#11 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 29 November 2010 - 03:45 PM

mOle, I left those OTL report on all night with the LOADING notice in GREEN at the top but nothing happened.

I tried sending them again today and they PASTED into the reply just find but when I hit ADD REPLY all I got was --

YOU MUST HAVE A POST in Pink at the top of the page.

Do you know what the problem is?

Paul 43
Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:23 AM

Posted 29 November 2010 - 04:34 PM

Are you able to attach the log?
Posted Image
m0le is a proud member of UNITE

#13 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 29 November 2010 - 05:36 PM

I didn't try to attach the log I just PASTED them in--- I don't know how to attach the log
do I just click on CLICK TO ATTACH FILES?


Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#14 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 29 November 2010 - 05:38 PM

I still get the message-- YOU MUST ADD A POST

Attached Files


Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram

#15 paul43

paul43
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:23 AM

Posted 29 November 2010 - 05:42 PM

mOle I don't know what happen that time but I remembered how to ATTACH the files--- the when I hit add reply I got that You must add a Post and then I typed that note to you and hit reply and they look like they apparently went thru.
Dell 8250-2.4GHz-1Gig RDRAM,XP PRO,IE8, ESET Smart Security
Asus Laptop—Vista SP3 2G ram




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users