
Virus or Rootkit, WhiteSmoke Translator etc.


  • This topic is locked
3 replies to this topic

#1 dsnuckel

dsnuckel

  • Members
  • 15 posts

Posted 13 January 2011 - 02:59 PM

Have been having problems with this computer. WhiteSmoke Translator was found and I tried running rootkit scanners but none have fixed it. MSE found and removed some viruses. Now I am not able to access the Microsoft Update site. Also, if I do a search in Google and then click on one of the results, it just reloads the main google.com page.
EDIT: I believe it is a Google redirect virus, as random pages will load when clicking on Google result links.

Here are the OTL OTL.text and EXTRAS.text logs... I will download RKUnhooker now and provide that log next. Thanks a lot.

OTL logfile created on: 1/13/2011 1:41:04 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 424.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 231.86 Gb Total Space | 63.66 Gb Free Space | 27.45% Space Free | Partition Type: NTFS
Drive G: | 3.73 Gb Total Space | 3.55 Gb Free Space | 95.08% Space Free | Partition Type: NTFS

Computer Name: JEC-HOME2 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/23 15:49:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/12/01 04:14:46 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2010/11/23 13:34:16 | 000,724,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:57:54 | 002,745,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/09/26 10:28:18 | 000,258,146 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
PRC - [2004/08/26 18:44:48 | 000,282,624 | ---- | M] (Digital Networks North America, Inc.) -- C:\WINDOWS\SYSTEM32\RioMSC.exe
PRC - [2003/02/10 04:52:30 | 000,114,688 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe


========== Modules (SafeList) ==========

MOD - [2010/12/23 15:49:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2011/01/10 21:43:26 | 003,129,432 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll -- (Akamai)
SRV - [2010/11/23 13:34:14 | 006,128,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2006/04/03 17:12:14 | 000,014,032 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005/09/26 10:28:18 | 000,258,146 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe -- (cpextender)
SRV - [2004/08/26 18:44:48 | 000,282,624 | ---- | M] (Digital Networks North America, Inc.) [Auto | Running] -- C:\WINDOWS\SYSTEM32\RioMSC.exe -- (RioMSC)
SRV - [2003/03/03 13:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2003/02/10 04:52:30 | 000,114,688 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
SRV - [2000/05/24 15:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\ATMsrvc.exe -- (ATMsrvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zxkhnujp.sys -- (zxkhnujp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zvycjeud.sys -- (zvycjeud)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zrycikzw.sys -- (zrycikzw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zpzjtxct.sys -- (zpzjtxct)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zpwudbzd.sys -- (zpwudbzd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zpoyyrtr.sys -- (zpoyyrtr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zommuhog.sys -- (zommuhog)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\zguedblq.sys -- (zguedblq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yvklpnyt.sys -- (yvklpnyt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ytsotbpo.sys -- (ytsotbpo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yrnxuvik.sys -- (yrnxuvik)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yosuewte.sys -- (yosuewte)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ynesteqo.sys -- (ynesteqo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ympjvist.sys -- (ympjvist)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yisibyvb.sys -- (yisibyvb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yhfcrzwe.sys -- (yhfcrzwe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ygaphjqf.sys -- (ygaphjqf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yfqqrdwz.sys -- (yfqqrdwz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yegfpjte.sys -- (yegfpjte)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\yebscdqa.sys -- (yebscdqa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ybaloztu.sys -- (ybaloztu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xzqfnpjj.sys -- (xzqfnpjj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xyamfxso.sys -- (xyamfxso)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xxuvadls.sys -- (xxuvadls)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xwynbepu.sys -- (xwynbepu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xvntwxho.sys -- (xvntwxho)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xpwznkda.sys -- (xpwznkda)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xorphgim.sys -- (xorphgim)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xodgjfgz.sys -- (xodgjfgz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xnlbseac.sys -- (xnlbseac)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xmxzxvka.sys -- (xmxzxvka)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xkijfkhg.sys -- (xkijfkhg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xjndqeze.sys -- (xjndqeze)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xhnapokb.sys -- (xhnapokb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xgwepxju.sys -- (xgwepxju)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xewuuobj.sys -- (xewuuobj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xejqvbxs.sys -- (xejqvbxs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xdzjyndx.sys -- (xdzjyndx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xdwciyzp.sys -- (xdwciyzp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xdmnhdev.sys -- (xdmnhdev)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\xdleyual.sys -- (xdleyual)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wzghxbgl.sys -- (wzghxbgl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wytzdriz.sys -- (wytzdriz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wvcivnho.sys -- (wvcivnho)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wusximjd.sys -- (wusximjd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wsisjszl.sys -- (wsisjszl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wpkfxxeb.sys -- (wpkfxxeb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wpcfhnlw.sys -- (wpcfhnlw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wooenftp.sys -- (wooenftp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wocggscy.sys -- (wocggscy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wnonrygv.sys -- (wnonrygv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wmppdasm.sys -- (wmppdasm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wlrjukir.sys -- (wlrjukir)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wkxtarqy.sys -- (wkxtarqy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wkcnmbqw.sys -- (wkcnmbqw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wjvxqdey.sys -- (wjvxqdey)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wikxblqh.sys -- (wikxblqh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\whmaukks.sys -- (whmaukks)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wfwyxtsh.sys -- (wfwyxtsh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wdksoavk.sys -- (wdksoavk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wcdvfqyi.sys -- (wcdvfqyi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wbvtbgis.sys -- (wbvtbgis)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wbuyfudq.sys -- (wbuyfudq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\wawgzgaa.sys -- (wawgzgaa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vzmksszl.sys -- (vzmksszl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vzkxltpk.sys -- (vzkxltpk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vwrzunhw.sys -- (vwrzunhw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vwdsynsl.sys -- (vwdsynsl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vuzosjfl.sys -- (vuzosjfl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vtxwqhuu.sys -- (vtxwqhuu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vrvsztoj.sys -- (vrvsztoj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vqcpxmjq.sys -- (vqcpxmjq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vozeaqdk.sys -- (vozeaqdk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vnskyino.sys -- (vnskyino)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vmexxjyr.sys -- (vmexxjyr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vlszizxe.sys -- (vlszizxe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vitihihu.sys -- (vitihihu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\viimkrig.sys -- (viimkrig)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vgedlrlo.sys -- (vgedlrlo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\velwifpv.sys -- (velwifpv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vdpgjwxb.sys -- (vdpgjwxb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vdapkhrx.sys -- (vdapkhrx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vcpjvnox.sys -- (vcpjvnox)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vbmqjkjm.sys -- (vbmqjkjm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\vbgsbhud.sys -- (vbgsbhud)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uzjumgdr.sys -- (uzjumgdr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uzfmiqfm.sys -- (uzfmiqfm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uytoelqe.sys -- (uytoelqe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uucgimgr.sys -- (uucgimgr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\usxwnfti.sys -- (usxwnfti)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\usjadhxj.sys -- (usjadhxj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uqwolavy.sys -- (uqwolavy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uqpmkals.sys -- (uqpmkals)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uoyzalff.sys -- (uoyzalff)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uooqlrmm.sys -- (uooqlrmm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\undipwis.sys -- (undipwis)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\unctkbrl.sys -- (unctkbrl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ulmhiqwj.sys -- (ulmhiqwj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uiaeqqep.sys -- (uiaeqqep)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uiacmqnn.sys -- (uiacmqnn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\uhgkrzwe.sys -- (uhgkrzwe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ucgtvsbw.sys -- (ucgtvsbw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ucbabxhu.sys -- (ucbabxhu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ubtqdatj.sys -- (ubtqdatj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tzzwpjsr.sys -- (tzzwpjsr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tzqbupev.sys -- (tzqbupev)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tzmjplso.sys -- (tzmjplso)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\twjapywx.sys -- (twjapywx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tuxudaur.sys -- (tuxudaur)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tuccrlsq.sys -- (tuccrlsq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tscxosjg.sys -- (tscxosjg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tqvpuigq.sys -- (tqvpuigq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\toqqravv.sys -- (toqqravv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tnnniszw.sys -- (tnnniszw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tlldffyn.sys -- (tlldffyn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tgiocuck.sys -- (tgiocuck)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tdbetqmb.sys -- (tdbetqmb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\tcqwyime.sys -- (tcqwyime)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\szpgpbuo.sys -- (szpgpbuo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\syfcnqdf.sys -- (syfcnqdf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sxxnokid.sys -- (sxxnokid)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\swrtqbno.sys -- (swrtqbno)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\svoojcqp.sys -- (svoojcqp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\svhefkgv.sys -- (svhefkgv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ssumcrpu.sys -- (ssumcrpu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ssjlbpfn.sys -- (ssjlbpfn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\srbrbrib.sys -- (srbrbrib)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sqhvqjyq.sys -- (sqhvqjyq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\spcfvubj.sys -- (spcfvubj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sonaufbb.sys -- (sonaufbb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\snojjlmr.sys -- (snojjlmr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\snjqxiyf.sys -- (snjqxiyf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\smuxdkft.sys -- (smuxdkft)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\slbtmjhg.sys -- (slbtmjhg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sjwxwngk.sys -- (sjwxwngk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sjqjnpdd.sys -- (sjqjnpdd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sjdrcivs.sys -- (sjdrcivs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\siwwmznf.sys -- (siwwmznf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\siwmyyfv.sys -- (siwmyyfv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sinrbngm.sys -- (sinrbngm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sflsgeha.sys -- (sflsgeha)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfdcceoe.sys -- (sfdcceoe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfcxtcrd.sys -- (sfcxtcrd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sedhptcc.sys -- (sedhptcc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sdxylgkg.sys -- (sdxylgkg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sdwhhwkz.sys -- (sdwhhwkz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sdlfxzog.sys -- (sdlfxzog)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\schnfgnt.sys -- (schnfgnt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\scfusfea.sys -- (scfusfea)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\saxfgcpb.sys -- (saxfgcpb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\samgmqot.sys -- (samgmqot)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rzurkips.sys -- (rzurkips)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rwjymafn.sys -- (rwjymafn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rukvkemu.sys -- (rukvkemu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rtljfyis.sys -- (rtljfyis)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rpbnltjz.sys -- (rpbnltjz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rpapeqal.sys -- (rpapeqal)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rootrepeal.sys -- (rootrepeal)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ronqthtn.sys -- (ronqthtn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rmpkopnk.sys -- (rmpkopnk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rlvuaexo.sys -- (rlvuaexo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rkltxzxz.sys -- (rkltxzxz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rkioaplt.sys -- (rkioaplt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rjidombg.sys -- (rjidombg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rizwwwmb.sys -- (rizwwwmb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rendkofy.sys -- (rendkofy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\rcoyachz.sys -- (rcoyachz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qyxhdygl.sys -- (qyxhdygl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qxoftghh.sys -- (qxoftghh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qwnaposr.sys -- (qwnaposr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qsyyyhir.sys -- (qsyyyhir)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qrxdzovw.sys -- (qrxdzovw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qrvxdhzq.sys -- (qrvxdhzq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qqfawfql.sys -- (qqfawfql)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qowykdii.sys -- (qowykdii)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qoqmhldv.sys -- (qoqmhldv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qolzevbq.sys -- (qolzevbq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qnqndewm.sys -- (qnqndewm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qmgxfbvj.sys -- (qmgxfbvj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qmgjqplk.sys -- (qmgjqplk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qkfjiyef.sys -- (qkfjiyef)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qkdixdlv.sys -- (qkdixdlv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qiktqtpz.sys -- (qiktqtpz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qhyasomg.sys -- (qhyasomg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qeoqnylg.sys -- (qeoqnylg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qcxasgvn.sys -- (qcxasgvn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qbaaxelc.sys -- (qbaaxelc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\qayxckry.sys -- (qayxckry)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pzqmtrrt.sys -- (pzqmtrrt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\przivjoa.sys -- (przivjoa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pptwcfvu.sys -- (pptwcfvu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\poowpquq.sys -- (poowpquq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\plhmtppv.sys -- (plhmtppv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pkxqjcqe.sys -- (pkxqjcqe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pkqaxwxi.sys -- (pkqaxwxi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pjifttsu.sys -- (pjifttsu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pitahapz.sys -- (pitahapz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\phxmmouz.sys -- (phxmmouz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\phmbaobr.sys -- (phmbaobr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pfrwnmss.sys -- (pfrwnmss)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\peshxtgn.sys -- (peshxtgn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pdzatxvy.sys -- (pdzatxvy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pdyovnmf.sys -- (pdyovnmf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\pdyfodnc.sys -- (pdyfodnc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\padimpiz.sys -- (padimpiz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ozuwrtlh.sys -- (ozuwrtlh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ozrbqqom.sys -- (ozrbqqom)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\owonamfz.sys -- (owonamfz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ouwckhsp.sys -- (ouwckhsp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\oubtpzew.sys -- (oubtpzew)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\otuduzvw.sys -- (otuduzvw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\otbldebj.sys -- (otbldebj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\orsxlgaa.sys -- (orsxlgaa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\opounptj.sys -- (opounptj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ooppnuem.sys -- (ooppnuem)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\oomqywnu.sys -- (oomqywnu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\onbfsady.sys -- (onbfsady)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\omhfnfku.sys -- (omhfnfku)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\olkvfaof.sys -- (olkvfaof)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\okqpqwqt.sys -- (okqpqwqt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\oggigaoa.sys -- (oggigaoa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ofbjjdlk.sys -- (ofbjjdlk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\odokwnbj.sys -- (odokwnbj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\odkpijfs.sys -- (odkpijfs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\obuktjfu.sys -- (obuktjfu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\oavvrzmt.sys -- (oavvrzmt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nzucwxil.sys -- (nzucwxil)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nyzuebgg.sys -- (nyzuebgg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nyziaisi.sys -- (nyziaisi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nwykymgt.sys -- (nwykymgt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nwwymwdr.sys -- (nwwymwdr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nvetrqqo.sys -- (nvetrqqo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nuvcximh.sys -- (nuvcximh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nthftzlk.sys -- (nthftzlk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ntdwjtdd.sys -- (ntdwjtdd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nsirbeud.sys -- (nsirbeud)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nqozajmt.sys -- (nqozajmt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\noseykfg.sys -- (noseykfg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nonprdqh.sys -- (nonprdqh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nldhnube.sys -- (nldhnube)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\njjnnqdd.sys -- (njjnnqdd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nhzdfbcz.sys -- (nhzdfbcz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ngceqajo.sys -- (ngceqajo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ncltycat.sys -- (ncltycat)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nbngpqeh.sys -- (nbngpqeh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\nawksihh.sys -- (nawksihh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\myxexzja.sys -- (myxexzja)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mxnguvot.sys -- (mxnguvot)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mxcyihqt.sys -- (mxcyihqt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mwaomqzy.sys -- (mwaomqzy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mvcfbvni.sys -- (mvcfbvni)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\muehsipb.sys -- (muehsipb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\msksaakq.sys -- (msksaakq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mrckkjce.sys -- (mrckkjce)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mpfhzmqo.sys -- (mpfhzmqo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mpbhvnma.sys -- (mpbhvnma)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\moiayrge.sys -- (moiayrge)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mofjajom.sys -- (mofjajom)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mkqevstd.sys -- (mkqevstd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mhstgyul.sys -- (mhstgyul)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mgaatzxh.sys -- (mgaatzxh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mfplnwus.sys -- (mfplnwus)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\mekpamte.sys -- (mekpamte)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\medtpdmx.sys -- (medtpdmx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\majmkvce.sys -- (majmkvce)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lzhyinhr.sys -- (lzhyinhr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lxcsqpcy.sys -- (lxcsqpcy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lxaqtfov.sys -- (lxaqtfov)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lwwukdtw.sys -- (lwwukdtw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ltterafu.sys -- (ltterafu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lsadjkix.sys -- (lsadjkix)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lmmjpdmq.sys -- (lmmjpdmq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lmgmfrzz.sys -- (lmgmfrzz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lgxvnssz.sys -- (lgxvnssz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lfthklfi.sys -- (lfthklfi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ldncveaf.sys -- (ldncveaf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ldjlqwxi.sys -- (ldjlqwxi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ldiqqvvh.sys -- (ldiqqvvh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lcvucixb.sys -- (lcvucixb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kziqaiyo.sys -- (kziqaiyo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kxdxfjjk.sys -- (kxdxfjjk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kvhuubov.sys -- (kvhuubov)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kurxjqvn.sys -- (kurxjqvn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kundwetp.sys -- (kundwetp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kukljlbk.sys -- (kukljlbk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ktjpnnkt.sys -- (ktjpnnkt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kpkqnjab.sys -- (kpkqnjab)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kkzkzyqv.sys -- (kkzkzyqv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kjcotjdn.sys -- (kjcotjdn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kefggjex.sys -- (kefggjex)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kdcyrwgs.sys -- (kdcyrwgs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\kanztfnz.sys -- (kanztfnz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jzgzvcmq.sys -- (jzgzvcmq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jyiymcdg.sys -- (jyiymcdg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jxnmjpuz.sys -- (jxnmjpuz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jwgnlbhz.sys -- (jwgnlbhz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jwfcbzcu.sys -- (jwfcbzcu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jvqqvwjh.sys -- (jvqqvwjh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jpbadyrt.sys -- (jpbadyrt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jodupzve.sys -- (jodupzve)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jlafyour.sys -- (jlafyour)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jkxwazoy.sys -- (jkxwazoy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jjtmnyad.sys -- (jjtmnyad)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jhsmtchc.sys -- (jhsmtchc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jhoputzi.sys -- (jhoputzi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jhiwwgup.sys -- (jhiwwgup)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jgvvvonx.sys -- (jgvvvonx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jgizikit.sys -- (jgizikit)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jgesczlp.sys -- (jgesczlp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jfhiseic.sys -- (jfhiseic)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jezgtrdp.sys -- (jezgtrdp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\jceqflgt.sys -- (jceqflgt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\iwpzijqp.sys -- (iwpzijqp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\iuvhilaq.sys -- (iuvhilaq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\iuiyqgfo.sys -- (iuiyqgfo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\iphlsipb.sys -- (iphlsipb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\imqbwbvt.sys -- (imqbwbvt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\iktopfnf.sys -- (iktopfnf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ijhuajad.sys -- (ijhuajad)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ihngljmt.sys -- (ihngljmt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ignvfdds.sys -- (ignvfdds)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ibjskkpj.sys -- (ibjskkpj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ibfynkhj.sys -- (ibfynkhj)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hzhiamas.sys -- (hzhiamas)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hzcgcpcf.sys -- (hzcgcpcf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hyxtpwjy.sys -- (hyxtpwjy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hpkwkpfc.sys -- (hpkwkpfc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hmizsnex.sys -- (hmizsnex)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hlxyolqq.sys -- (hlxyolqq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hkroywki.sys -- (hkroywki)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hjjeyumf.sys -- (hjjeyumf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hidqgnct.sys -- (hidqgnct)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hgljbimy.sys -- (hgljbimy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\hevdujia.sys -- (hevdujia)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gyxmolrn.sys -- (gyxmolrn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gxxfutwj.sys -- (gxxfutwj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gwtqlpsl.sys -- (gwtqlpsl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gugcjrlk.sys -- (gugcjrlk)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gtrbrfyu.sys -- (gtrbrfyu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gopzzwhg.sys -- (gopzzwhg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gokippnb.sys -- (gokippnb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gofbdisa.sys -- (gofbdisa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gnloqgfv.sys -- (gnloqgfv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gmtlafxy.sys -- (gmtlafxy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\glxlkcyz.sys -- (glxlkcyz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\glorexkm.sys -- (glorexkm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gkvqvhqt.sys -- (gkvqvhqt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gjxwcdgy.sys -- (gjxwcdgy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\giaxnztb.sys -- (giaxnztb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ghzujzhu.sys -- (ghzujzhu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gglwsqho.sys -- (gglwsqho)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gfqjnoec.sys -- (gfqjnoec)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gdwwgnjf.sys -- (gdwwgnjf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\gdqhvhwb.sys -- (gdqhvhwb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fzkomenz.sys -- (fzkomenz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fytzjakr.sys -- (fytzjakr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ftoocdav.sys -- (ftoocdav)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fsaztdjz.sys -- (fsaztdjz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fqtlwgts.sys -- (fqtlwgts)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fniutdbb.sys -- (fniutdbb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fncuorvd.sys -- (fncuorvd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fncccijs.sys -- (fncccijs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\flpeorcq.sys -- (flpeorcq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fghvhpvb.sys -- (fghvhpvb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ffuysuaw.sys -- (ffuysuaw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ffnciiye.sys -- (ffnciiye)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fepckdwl.sys -- (fepckdwl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fedtzsrd.sys -- (fedtzsrd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\febxurld.sys -- (febxurld)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\febjswxv.sys -- (febjswxv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fdxbxqwt.sys -- (fdxbxqwt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fcfnrsqi.sys -- (fcfnrsqi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\faeqcaar.sys -- (faeqcaar)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eykhsheu.sys -- (eykhsheu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ewewlwil.sys -- (ewewlwil)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\evgnqmaz.sys -- (evgnqmaz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eujpwgyh.sys -- (eujpwgyh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eqvpfkba.sys -- (eqvpfkba)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\epnfbiob.sys -- (epnfbiob)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eotamsvc.sys -- (eotamsvc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eoorqdgc.sys -- (eoorqdgc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eoaysofs.sys -- (eoaysofs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\emyvenxn.sys -- (emyvenxn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\emqcslzs.sys -- (emqcslzs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\emfugcqp.sys -- (emfugcqp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eltjglbp.sys -- (eltjglbp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\elhooplb.sys -- (elhooplb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ekzhmmwt.sys -- (ekzhmmwt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ekqncarh.sys -- (ekqncarh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ejvdmohc.sys -- (ejvdmohc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ejoooekh.sys -- (ejoooekh)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ehwrgtja.sys -- (ehwrgtja)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eggnjbpy.sys -- (eggnjbpy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\eegrcerw.sys -- (eegrcerw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\edmvdusr.sys -- (edmvdusr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ebvcepkj.sys -- (ebvcepkj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ebuciunp.sys -- (ebuciunp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dzwbintc.sys -- (dzwbintc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dzqgdlse.sys -- (dzqgdlse)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dzmxeoxo.sys -- (dzmxeoxo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dzkllzbn.sys -- (dzkllzbn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dwkaegsp.sys -- (dwkaegsp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dumlscik.sys -- (dumlscik)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dsvnbxyp.sys -- (dsvnbxyp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dshotttz.sys -- (dshotttz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dquejivm.sys -- (dquejivm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dpkfctqy.sys -- (dpkfctqy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dnuzdkps.sys -- (dnuzdkps)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dnpowgyu.sys -- (dnpowgyu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dmkokfvz.sys -- (dmkokfvz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dlbtddlf.sys -- (dlbtddlf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dkmjzqdu.sys -- (dkmjzqdu)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dimrqsaa.sys -- (dimrqsaa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dhebpvnn.sys -- (dhebpvnn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dhacwkxp.sys -- (dhacwkxp)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dgylshfs.sys -- (dgylshfs)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dgpmlbes.sys -- (dgpmlbes)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dgodqtvn.sys -- (dgodqtvn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\devyhxzo.sys -- (devyhxzo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\deehipzz.sys -- (deehipzz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\dbaidixd.sys -- (dbaidixd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\damsqrtw.sys -- (damsqrtw)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\d347bus.sys -- (d347bus)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\czoyflls.sys -- (czoyflls)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cwgmpctb.sys -- (cwgmpctb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cujkuszr.sys -- (cujkuszr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cttrassx.sys -- (cttrassx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\crcxmdfi.sys -- (crcxmdfi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cqwmtpgo.sys -- (cqwmtpgo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cqtkmsuy.sys -- (cqtkmsuy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cqsdwaal.sys -- (cqsdwaal)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\colegszo.sys -- (colegszo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cnhyutmm.sys -- (cnhyutmm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cnepxdfn.sys -- (cnepxdfn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cksfcrjz.sys -- (cksfcrjz)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cjuzzpjf.sys -- (cjuzzpjf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ciqquqdl.sys -- (ciqquqdl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\chdhxwqc.sys -- (chdhxwqc)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cgxkozko.sys -- (cgxkozko)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cbqiveix.sys -- (cbqiveix)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cbqaqqtg.sys -- (cbqaqqtg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bxvffaha.sys -- (bxvffaha)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bxuuuabt.sys -- (bxuuuabt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bxhwaidf.sys -- (bxhwaidf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\buvdbvoq.sys -- (buvdbvoq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\btggjmuv.sys -- (btggjmuv)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bsrnepdq.sys -- (bsrnepdq)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bsdxqeml.sys -- (bsdxqeml)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bptdvpfd.sys -- (bptdvpfd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bpqeyuds.sys -- (bpqeyuds)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bocgtfzn.sys -- (bocgtfzn)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\blewgdmi.sys -- (blewgdmi)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bkpkrmbm.sys -- (bkpkrmbm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bhdxzvei.sys -- (bhdxzvei)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bgthmtwf.sys -- (bgthmtwf)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bdmfackj.sys -- (bdmfackj)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\bddhmzdw.sys -- (bddhmzdw)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\azjwgxwe.sys -- (azjwgxwe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aypratnx.sys -- (aypratnx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\ayebnkou.sys -- (ayebnkou)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\avbmgvmd.sys -- (avbmgvmd)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\auuvvdeb.sys -- (auuvvdeb)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aukwikqa.sys -- (aukwikqa)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\atsezetl.sys -- (atsezetl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\arznmwua.sys -- (arznmwua)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\arjtrjsy.sys -- (arjtrjsy)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\apvqhiro.sys -- (apvqhiro)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aovplawo.sys -- (aovplawo)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aoqsaewg.sys -- (aoqsaewg)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aofddrzx.sys -- (aofddrzx)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\anwocqni.sys -- (anwocqni)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\angmpqwl.sys -- (angmpqwl)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\alwakdls.sys -- (alwakdls)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\adgkcqpe.sys -- (adgkcqpe)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\adfqubyk.sys -- (adfqubyk)
DRV - [2010/12/23 10:32:49 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\dwprot.sys -- (DwProt)
DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 20:42:38 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/08/19 20:42:36 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 20:42:34 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2008/04/13 12:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\61883.sys -- (61883)
DRV - [2008/04/13 12:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\avc.sys -- (Avc)
DRV - [2008/04/13 12:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\msdv.sys -- (MSDV)
DRV - [2008/04/13 12:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 12:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 12:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2005/09/26 10:28:18 | 000,108,400 | ---- | M] (Check Point Software Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\vna.sys -- (VNA)
DRV - [2005/05/05 17:53:12 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2005/02/22 20:36:03 | 000,986,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2005/02/01 16:46:00 | 000,056,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atineuxx.sys -- (ATITUNEP)
DRV - [2005/02/01 16:45:12 | 000,074,240 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinesxx.sys -- (ATIXSAudio)
DRV - [2005/02/01 16:42:58 | 000,165,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinevxx.sys -- (atinevxx)
DRV - [2005/02/01 16:41:58 | 000,014,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinpdxx.sys -- (PCDCODEC)
DRV - [2005/02/01 16:41:40 | 000,015,360 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinmdxx.sys -- (MVDCODEC)
DRV - [2005/02/01 16:37:46 | 000,055,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinraxx.sys -- (ativraxx)
DRV - [2004/10/09 19:56:57 | 000,016,128 | ---- | M] (Digital Networks North America, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\RIOUNIV.SYS -- (RIOUNIV)
DRV - [2004/08/22 16:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\d347prt.sys -- (d347prt)
DRV - [2004/08/03 23:29:49 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 23:29:47 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 23:29:45 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 23:29:43 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 23:29:42 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 23:29:41 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 23:29:37 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 23:29:37 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 23:29:37 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/03 23:29:36 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 22:29:54 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\nv4_mini.sys -- (nv)
DRV - [2004/03/29 16:28:24 | 000,014,531 | ---- | M] (iRiver, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ifp700.sys -- (IFP700)
DRV - [2003/10/26 13:24:43 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/10/26 13:24:43 | 000,143,834 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/10/26 13:24:43 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/10/26 13:24:43 | 000,025,898 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/04/28 09:15:38 | 000,140,544 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fasttx2k.sys -- (fasttx2k)
DRV - [2002/12/18 04:31:06 | 000,036,064 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Asfalrt.sys -- (AsfAlrt)
DRV - [2002/12/17 12:32:58 | 000,061,424 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002/12/17 12:32:46 | 000,023,436 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/12/17 12:27:32 | 000,241,152 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/09/24 08:13:32 | 000,100,719 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\atinrvxx.sys -- (atinrvxx)
DRV - [2001/10/16 13:21:56 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:53:32 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\qv2kux.sys -- (QV2KUX)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [1997/12/22 20:02:46 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://smbusiness.dellnet.com/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z007&form=ZGAPHP
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://smbusiness.dellnet.com/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://smbusiness.dellnet.com/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=Z007&form=ZGAPHP
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://smbusiness.dellnet.com/
IE - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8074

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/09 13:36:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/01/13 09:53:08 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/01/13 12:07:45 | 000,000,153 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 64.4.21.125 http://update.microsoft.com
O1 - Hosts: 64.4.21.125 http://windowsupdate.microsoft.com
O1 - Hosts: http://update.microsoft.com
O1 - Hosts: http://windowsupdate.microsoft.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (WhiteSmoke Toolbar) - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files\whitesmoketoolbar\whitesmoketoolbarX.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL Search\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (WhiteSmoke Toolbar) - {52794457-af6c-4c50-9def-f2e24f4c8889} - C:\Program Files\whitesmoketoolbar\whitesmoketoolbarX.dll ()
O3 - HKLM\..\Toolbar: (&ESPN) - {AE6F2894-AF10-4C9C-B16E-1DFC6FF8C0C6} - C:\Program Files\ESPN\Toolbar\DIGToolBar.dll (Walt Disney Internet Group)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\davidl\Start Menu\Programs\Startup\Registration-Studio 8.lnk = C:\Program Files\Pinnacle\Studio 8\Register\RegTool.exe (Pinnacle Systems, Inc.)
O4 - Startup: C:\Documents and Settings\joec\Start Menu\Programs\Startup\MotionBased Agent.lnk = C:\Program Files\MotionBased\Agent\MBAgent.exe (MotionBased Technologies)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL (ATI Technologies Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\..Trusted Domains: microsoft.com ([support] http in Trusted sites)
O15 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-1905061693-2016141331-1578967019-500\..Trusted Domains: microsoft.com ([windowsupdate] http in Trusted sites)
O16 - DPF: {00134F72-5284-44F7-95A8-52A619F70751} https://deepblue/officescan/console/ClientInstall/WinNTChk.cab (Reg Error: Key error.)
O16 - DPF: {08D75BB0-D2B5-11D1-88FC-0080C859833B} https://deepblue/officescan/console/ClientInstall/setupini.cab (Reg Error: Key error.)
O16 - DPF: {08D75BC1-D2B5-11D1-88FC-0080C859833B} https://deepblue/officescan/console/ClientInstall/setup.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://protect.microsoft.com/security/protect/wsa/shared/CAB/x86/msSecAdv.cab?1109648937796 (MSSecurityAdvisor Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} https://deepblue/officescan/console/html/AtxEnc.cab (Encrypt Class)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {5EFE8CB1-D095-11D1-88FC-0080C859833B} https://deepblue/officescan/console/ClientInstall/RemoveCtrl.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093949952578 (WUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} http://172.16.3.10/activex/AMC.cab (AxisMediaControl Class)
O16 - DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} https://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB (Wizard101GameLauncher)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37960.6160185185 (Reg Error: Key error.)
O16 - DPF: {C7DEDA04-2FFF-4B81-AE66-0A0E0EF4AD2F} http://www.ritzpix.com/net/Uploader/LPUploader57.cab (Image Uploader Control)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.1.20 172.16.1.19
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = FINKL.com
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 13:36:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/13 13:40:23 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2011/01/13 13:14:28 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/01/13 13:04:18 | 001,344,600 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Desktop\TDSSKiller.exe
[2011/01/13 13:03:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2011/01/13 09:51:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/01/13 09:15:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\1. Malware Process Killers
[2011/01/10 20:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\whitesmoketoolbar
[2011/01/10 20:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\whitesmoketoolbar
[2011/01/10 20:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\Whitesmoke Translator
[2010/12/23 16:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2010/12/23 16:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\GlarySoft
[2010/12/23 16:35:20 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[2010/12/23 16:30:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\PCHealth
[2010/12/23 12:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AdobeUM
[2010/12/23 12:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2010/12/23 12:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\My eBooks
[2010/12/23 11:51:16 | 000,472,064 | ---- | C] ( ) -- C:\Documents and Settings\Administrator\Desktop\RootRepeal.exe
[2010/12/23 11:28:09 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/12/23 11:11:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/12/23 10:56:48 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/12/23 10:32:49 | 000,135,032 | ---- | C] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2010/12/23 10:03:39 | 000,000,000 | ---D | C] -- C:\f3c9cfe46c45a38642fd2463
[2010/12/23 09:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/12/23 09:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/12/23 09:15:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/12/23 09:11:00 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Administrator\Desktop\spybotsd162.exe
[2010/12/22 20:24:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Temp
[2010/12/22 17:03:15 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/12/22 16:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVG10
[2010/12/22 16:41:16 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/12/22 16:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/12/22 16:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/12/22 15:57:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/12/22 10:03:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\whitesmoketoolbar
[2010/12/22 08:15:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/12/22 08:15:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/22 08:15:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/12/22 08:15:18 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/22 08:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/21 12:30:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\%APPDATA%
[2010/12/21 11:03:11 | 000,000,000 | ---D | C] -- C:\_OTL
[2005/08/25 16:23:07 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2005/03/21 20:58:23 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys

========== Files - Modified Within 30 Days ==========

[2011/01/13 13:31:05 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/01/13 13:27:52 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/01/13 13:25:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/01/13 13:25:52 | 1072,750,592 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/13 13:06:23 | 004,154,145 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\C-F.exe
[2011/01/13 12:24:18 | 000,000,256 | RHS- | M] () -- C:\BOOT.INI
[2011/01/13 12:07:45 | 000,000,153 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2011/01/13 11:56:40 | 000,065,664 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\GPO-WSUS.msc
[2011/01/13 11:51:09 | 000,401,084 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/01/13 11:51:09 | 000,061,258 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/01/13 11:24:04 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/13 10:23:46 | 104,126,713 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/01/13 09:56:48 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/01/13 09:49:05 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/01/13 09:24:43 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\RegBackup.reg
[2011/01/12 20:24:10 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/12 09:52:16 | 001,344,600 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Administrator\Desktop\TDSSKiller.exe
[2011/01/10 22:12:46 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/10 20:32:44 | 000,001,356 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Buy Whitesmoke Translator.lnk
[2011/01/10 20:31:30 | 000,001,453 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Launch WhiteSmoke Translator.lnk
[2011/01/10 19:42:54 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ZoomBrowser EX.lnk
[2011/01/10 19:27:34 | 000,001,853 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/12/23 17:10:50 | 000,001,720 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Security Essentials.lnk
[2010/12/23 16:59:07 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2010/12/23 16:56:48 | 000,000,328 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/12/23 16:35:42 | 000,000,715 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Glary Utilities.lnk
[2010/12/23 15:49:51 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/12/23 11:56:02 | 000,000,015 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2010/12/23 10:32:49 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2010/12/23 09:15:54 | 000,000,973 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Spybot - Search & Destroy.lnk
[2010/12/23 09:14:18 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Administrator\Desktop\spybotsd162.exe
[2010/12/22 15:44:55 | 000,001,609 | ---- | M] () -- C:\WINDOWS\hegames.ini
[2010/12/22 15:35:36 | 000,000,064 | ---- | M] () -- C:\WINDOWS\MsgAgt.INI
[2010/12/22 09:50:26 | 000,000,281 | ---- | M] () -- C:\Boot.bak
[2010/12/22 08:15:23 | 000,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/21 12:30:04 | 000,001,072 | ---- | M] () -- C:\WINDOWS\System32\Improve Your PC.lnk

========== Files Created - No Company Name ==========

[2011/01/13 13:25:52 | 1072,750,592 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/13 13:05:56 | 004,154,145 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\C-F.exe
[2011/01/13 11:37:27 | 000,065,664 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\GPO-WSUS.msc
[2011/01/13 10:23:46 | 104,126,713 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/01/13 09:56:48 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/01/13 09:24:43 | 000,000,656 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\RegBackup.reg
[2011/01/10 20:32:44 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Buy Whitesmoke Translator.lnk
[2011/01/10 20:31:30 | 000,001,453 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Launch WhiteSmoke Translator.lnk
[2010/12/23 17:10:50 | 000,001,720 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Security Essentials.lnk
[2010/12/23 17:03:46 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/12/23 16:53:59 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2010/12/23 16:35:43 | 000,000,328 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2010/12/23 16:35:42 | 000,000,715 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Glary Utilities.lnk
[2010/12/23 12:20:19 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/12/23 11:51:22 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\settings.dat
[2010/12/23 09:15:54 | 000,000,973 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Spybot - Search & Destroy.lnk
[2010/12/22 08:15:23 | 000,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/21 12:30:04 | 000,001,072 | ---- | C] () -- C:\WINDOWS\System32\Improve Your PC.lnk
[2010/12/21 10:31:24 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/21 10:31:24 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/01 08:38:01 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\s0PoXgA.dat
[2009/10/18 17:47:14 | 000,002,896 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/09 13:55:03 | 000,000,274 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/07/09 11:38:32 | 000,000,520 | ---- | C] () -- C:\WINDOWS\netdet.ini
[2008/02/17 11:53:42 | 000,001,365 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/12/13 18:30:04 | 000,001,609 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007/10/25 13:13:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\prestopm.INI
[2007/10/25 13:13:27 | 000,000,177 | -H-- | C] () -- C:\WINDOWS\NsNetScan.ini
[2007/02/25 09:23:33 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/11/04 12:51:52 | 000,000,024 | ---- | C] () -- C:\WINDOWS\Pccntmon.INI
[2005/11/04 12:50:16 | 000,006,560 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2005/04/29 17:17:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2005/03/09 20:50:37 | 001,642,496 | ---- | C] () -- C:\WINDOWS\System32\mplva6.dll
[2005/03/09 20:50:37 | 001,576,960 | ---- | C] () -- C:\WINDOWS\System32\mplvw7.dll
[2005/03/09 20:50:37 | 001,548,288 | ---- | C] () -- C:\WINDOWS\System32\mplvm6.dll
[2005/03/09 20:50:37 | 001,118,208 | ---- | C] () -- C:\WINDOWS\System32\mplvpx.dll
[2005/03/09 20:50:37 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaw7.dll
[2005/03/09 20:50:37 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\mplaa6.dll
[2005/03/09 20:50:37 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\mplapx.dll
[2005/03/09 20:50:37 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\mplam6.dll
[2005/03/09 20:50:37 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2005/03/07 07:03:38 | 000,001,418 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2004/05/31 20:12:13 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DirectCDUserNameD.txt
[2004/05/30 15:05:07 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2004/05/13 18:39:30 | 001,208,320 | ---- | C] () -- C:\WINDOWS\System32\cygxml2-2.dll
[2004/05/06 19:21:03 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\sysmwwod.dll
[2004/04/15 10:22:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/02/04 23:04:08 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004/01/28 11:42:06 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2004/01/28 11:42:06 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2004/01/28 11:42:06 | 000,013,601 | ---- | C] () -- C:\WINDOWS\System32\vctest.ini
[2004/01/11 12:50:37 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2004/01/11 12:44:15 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3i.DLL
[2004/01/11 12:41:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2004/01/11 12:27:45 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2004/01/11 12:27:45 | 000,000,085 | ---- | C] () -- C:\WINDOWS\PM20.INI
[2004/01/11 12:27:39 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2004/01/11 12:27:17 | 000,000,074 | ---- | C] () -- C:\WINDOWS\PMINI.ini
[2004/01/11 12:26:59 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2003/12/17 15:48:12 | 000,000,052 | ---- | C] () -- C:\WINDOWS\webica.ini
[2003/12/08 12:18:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2003/12/05 17:05:56 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/12/04 11:03:42 | 000,062,464 | ---- | C] () -- C:\WINDOWS\System32\cygz.dll
[2003/10/26 13:26:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/10/26 13:18:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/10/26 13:15:57 | 000,000,064 | ---- | C] () -- C:\WINDOWS\MsgAgt.INI
[2003/08/11 04:59:20 | 000,980,992 | ---- | C] () -- C:\WINDOWS\System32\cygiconv-2.dll
[2003/07/11 14:34:44 | 000,000,791 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/12/18 04:31:54 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\aolninst.dll
[2002/12/18 04:31:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\netamsg.dll
[2002/09/03 13:35:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/08/20 18:37:50 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1980/01/01 00:00:00 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\e1000msg.dll

< End of report >

--------------------------------------------------------------------------------------------------------------------------------------------------
OTL Extras logfile created on: 1/13/2011 1:41:04 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,023.00 Mb Total Physical Memory | 424.00 Mb Available Physical Memory | 41.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 231.86 Gb Total Space | 63.66 Gb Free Space | 27.45% Space Free | Partition Type: NTFS
Drive G: | 3.73 Gb Total Space | 3.55 Gb Free Space | 95.08% Space Free | Partition Type: NTFS

Computer Name: JEC-HOME2 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1055:TCP" = 1055:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{04E7A3BB-DB38-481C-A809-35FA60C78EDF}" = AVG 2011
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1ADB7BF5-F8EB-4F76-98FD-65A7FFBEAECE}" = Whitesmoke Translator
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 13
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{389D45C9-AA08-4034-A256-2A38C311999D}" = Iomega Discovery Tool Pro
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{8CC42289-E228-4A35-B8A9-015242283BB2}" = SPORE™ Creature Creator
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}" = Iomega Product Registration
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{92596597-71B3-4608-8628-AD48F2664EB9}" = Retrospect 7.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{BEE7766E-C99F-4735-A42B-77924324F253}" = Backyard Soccer 2004
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{D5DEF057-D3BC-499f-99EE-884ED429B6D1}" = 8500A909g
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8843212-F0FC-4C3B-BFF3-D51829CB4F19}" = iTunes
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4C68898-EBA5-46A9-82B3-2D30426086BF}" = AVG 2011
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"AVG" = AVG 2011
"Glary Utilities_is1" = Glary Utilities 2.30.0.1066
"Google Chrome" = Google Chrome
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{BEE7766E-C99F-4735-A42B-77924324F253}" = Backyard Soccer 2004
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Scratch" = Scratch
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/13/2011 1:38:09 PM | Computer Name = JEC-HOME2 | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (Access is denied.
). Group Policy processing aborted.

Error - 1/13/2011 1:41:08 PM | Computer Name = JEC-HOME2 | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (Access is denied.
). Group Policy processing aborted.

Error - 1/13/2011 1:56:44 PM | Computer Name = JEC-HOME2 | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (Access is denied.
). Group Policy processing aborted.

Error - 1/13/2011 1:57:08 PM | Computer Name = JEC-HOME2 | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (Access is denied.
). Group Policy processing aborted.

Error - 1/13/2011 2:13:53 PM | Computer Name = JEC-HOME2 | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (Access is denied.
). Group Policy processing aborted.

Error - 1/13/2011 2:19:14 PM | Computer Name = JEC-HOME2 | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (Access is denied.
). Group Policy processing aborted.

Error - 1/13/2011 3:26:41 PM | Computer Name = JEC-HOME2 | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (Access is denied.
). Group Policy processing aborted.

Error - 1/13/2011 3:26:45 PM | Computer Name = JEC-HOME2 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007052b). Unable to update the password. The value provided
as the current password is incorrect. Enrollment will not be performed.

Error - 1/13/2011 3:32:16 PM | Computer Name = JEC-HOME2 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 1/13/2011 3:32:16 PM | Computer Name = JEC-HOME2 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 1/13/2011 3:12:37 PM | Computer Name = JEC-HOME2 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}

Error - 1/13/2011 3:12:48 PM | Computer Name = JEC-HOME2 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}

Error - 1/13/2011 3:14:23 PM | Computer Name = JEC-HOME2 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}

Error - 1/13/2011 3:15:02 PM | Computer Name = JEC-HOME2 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}

Error - 1/13/2011 3:15:39 PM | Computer Name = JEC-HOME2 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service MDM with arguments
"" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}

Error - 1/13/2011 3:22:28 PM | Computer Name = JEC-HOME2 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 1/13/2011 3:24:40 PM | Computer Name = JEC-HOME2 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 1/13/2011 3:26:17 PM | Computer Name = JEC-HOME2 | Source = NETLOGON | ID = 5721
Description = The session setup to the Windows NT or Windows 2000 Domain Controller
\\JUNO.FINKL.com for the domain FINKL failed because the Domain Controller does
not have an account for the computer JEC-HOME2.

Error - 1/13/2011 3:27:10 PM | Computer Name = JEC-HOME2 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
d347bus

Error - 1/13/2011 3:41:33 PM | Computer Name = JEC-HOME2 | Source = NETLOGON | ID = 5721
Description = The session setup to the Windows NT or Windows 2000 Domain Controller
\\TITAN.FINKL.com for the domain FINKL failed because the Domain Controller does
not have an account for the computer JEC-HOME2.


< End of report >

Edited by dsnuckel, 13 January 2011 - 04:07 PM.




#2 dsnuckel


Posted 13 January 2011 - 03:20 PM

Here is the RKUnhooker log. I did all of the scans. The only one that didn't work was the "Files" scan. I got this message box for that: "Please wait while Rku makes scan....Getting list of files and directories (C:\)". It sat like that for a while, so I just canceled it and it moved on to the next scan.


RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>SSDT State
==============================================
ntoskrnl.exe-->NtAllocateVirtualMemory, Type: Address change 0x80568FCA-->F73AB088 [dwprot.sys]
ntoskrnl.exe-->NtCreateThread, Type: Address change 0x80587A3C-->F73AC1E0 [dwprot.sys]
ntoskrnl.exe-->NtFreeVirtualMemory, Type: Address change 0x805698F5-->F73AB306 [dwprot.sys]
ntoskrnl.exe-->NtOpenProcess, Type: Address change 0x805719AC-->EE2866C0 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
ntoskrnl.exe-->NtOpenSection, Type: Address change 0x805711B4-->F73AAED2 [dwprot.sys]
ntoskrnl.exe-->NtQueueApcThread, Type: Address change 0x8058A487-->F73AC2E2 [dwprot.sys]
ntoskrnl.exe-->NtSetContextThread, Type: Address change 0x8062E057-->F73AC32E [dwprot.sys]
ntoskrnl.exe-->NtSystemDebugControl, Type: Address change 0x8064A01B-->F73AAE00 [dwprot.sys]
ntoskrnl.exe-->NtTerminateProcess, Type: Address change 0x805824CC-->EE286770 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
ntoskrnl.exe-->NtTerminateThread, Type: Address change 0x8057BA6F-->EE286810 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
ntoskrnl.exe-->NtWriteVirtualMemory, Type: Address change 0x8057E60A-->EE2868B0 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
==============================================
>Shadow
==============================================
win32k.sys-->NtUserGetAsyncKeyState, Type: Address change 0xBF8A3E9C-->EE285C30 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
win32k.sys-->NtUserGetKeyboardState, Type: Address change 0xBF8AD34B-->EE285B70 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
win32k.sys-->NtUserGetKeyState, Type: Address change 0xBF823E97-->EE285BC0 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
win32k.sys-->NtUserMessageCall, Type: Address change 0xBF80EEAE-->F73AC02C [dwprot.sys]
win32k.sys-->NtUserPostMessage, Type: Address change 0xBF808327-->F73ABFA0 [dwprot.sys]
win32k.sys-->NtUserPostThreadMessage, Type: Address change 0xBF85FD24-->F73AA950 [dwprot.sys]
win32k.sys-->NtUserQueryWindow, Type: Address change 0xBF80A142-->F73AA878 [dwprot.sys]
win32k.sys-->NtUserSetWindowsHookEx, Type: Address change 0xBF8AD40B-->EE285AE0 [C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys]
win32k.sys-->NtUserSwitchDesktop, Type: Address change 0xBF87D9BF-->F73AA814 [dwprot.sys]
==============================================
>Processes
==============================================
0x86FC6490 [4] System
0x866D9788 [188] C:\WINDOWS\SYSTEM32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x86722388 [288] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x86B23DA0 [384] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x86348DA0 [404] C:\WINDOWS\SYSTEM32\ctfmon.exe (Microsoft Corporation, CTF Loader)
0x862ABDA0 [472] C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe (Microsoft Corporation, Microsoft Malware Protection Command Line Utility)
0x86CAB440 [496] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc., MobileDeviceService)
0x86788DA0 [684] C:\Program Files\Intel\ASF Agent\ASFAgent.exe (Intel Corporation, ASF Agent COM Service)
0x86B27020 [812] C:\WINDOWS\SYSTEM32\smss.exe (Microsoft Corporation, Windows NT Session Manager)
0x86E2CDA0 [868] C:\PROGRA~1\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o., AVG Cache Server)
0x86E22928 [924] C:\PROGRA~1\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o., AVG Resident Shield Service)
0x86716230 [1044] C:\WINDOWS\SYSTEM32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x86E21990 [1072] C:\WINDOWS\SYSTEM32\winlogon.exe (Microsoft Corporation, Windows NT Logon Application)
0x86661DA0 [1100] C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe (Check Point Software Technologies, -)
0x866E8020 [1124] C:\WINDOWS\SYSTEM32\services.exe (Microsoft Corporation, Services and Controller app)
0x866C36B0 [1136] C:\WINDOWS\SYSTEM32\lsass.exe (Microsoft Corporation, LSA Shell (Export Version))
0x8649D728 [1308] C:\WINDOWS\explorer.exe (Microsoft Corporation, Windows Explorer)
0x86B83568 [1328] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8669FB98 [1396] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8666CDA0 [1536] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x86B24DA0 [1544] C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation, Antimalware Service Executable)
0x86BFADA0 [1580] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8674FB98 [1676] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8674CDA0 [1776] C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc., Java™ Quick Starter Service)
0x8672FDA0 [1804] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x86683B70 [1864] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation, Machine Debug Manager)
0x866CC440 [1956] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8677BDA0 [2116] C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe (Microsoft Corporation, SQL Server Windows NT)
0x86433B98 [2172] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8646E580 [2236] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x86413580 [2308] C:\WINDOWS\SYSTEM32\RioMSC.exe (Digital Networks North America, Inc., Rio Mass Storage Class Device Manager)
0x8641BDA0 [2480] C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x863CBB98 [2696] C:\WINDOWS\SYSTEM32\wuauclt.exe (Microsoft Corporation, Windows Update)
0x86768DA0 [2924] C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o., AVG Online Shield Service)
0x8634F4B0 [3124] C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o., AVG IDS application)
0x86285968 [3352] C:\Documents and Settings\Administrator\Desktop\RKUnhookerLE.EXE (UG North, RKULE, SR2 Normandy)
0x86E93950 [3616] C:\WINDOWS\SYSTEM32\WBEM\wmiprvse.exe (Microsoft Corporation, WMI)
0x86B87DA0 [3668] C:\WINDOWS\SYSTEM32\alg.exe (Microsoft Corporation, Application Layer Gateway Service)
0x86CD9DA0 [308] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o., AVG Tray Monitor)
0x86677378 [1008] C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o., AVG Watchdog Service)
0x863CD918 [2652] C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o., AVG IDS application)
==============================================
>Drivers
==============================================
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 4276224 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 56.73 )
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2189952 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2189952 bytes
0x804D7000 RAW 2189952 bytes
0x804D7000 WMIxWDM 2189952 bytes
0xF62EF000 C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 1900544 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 )
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF72C6000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF61BD000 C:\WINDOWS\system32\drivers\smwdm.sys 548864 bytes (Analog Devices, Inc., SoundMAX Integrated Digital Audio )
0xEDE93000 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF60C8000 C:\WINDOWS\System32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xEBA28000 C:\WINDOWS\System32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xEB17A000 C:\WINDOWS\System32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xEB9E0000 C:\WINDOWS\system32\DRIVERS\avgtdix.sys 294912 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
0xEC424000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xEB6B1000 C:\WINDOWS\system32\DRIVERS\avgldx86.sys 245760 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
0xEBAEB000 C:\WINDOWS\System32\Drivers\cdudf_xp.SYS 241664 bytes (Roxio, CD-UDF NT Filesystem Driver)
0xEBAA6000 C:\WINDOWS\System32\Drivers\UdfReadr_xp.SYS 208896 bytes (Roxio, CD-UDF NT Filesystem Reader Driver)
0xF6126000 C:\WINDOWS\System32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF7492000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xEB389000 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF736A000 C:\WINDOWS\system32\drivers\NDIS.SYS 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xEC305000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xED6E0000 C:\WINDOWS\System32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xEB856000 C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys 163840 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Driver.)
0xED7C3000 C:\WINDOWS\System32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xEBC2B000 C:\WINDOWS\system32\DRIVERS\MpFilter.sys 159744 bytes (Microsoft Corporation, Microsoft antimalware file system filter driver)
0xF743C000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xEB9BA000 C:\WINDOWS\System32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xEB832000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF6199000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF62B7000 C:\WINDOWS\System32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xEB68E000 C:\WINDOWS\System32\Drivers\dump_fasttx2k.sys 143360 bytes
0xF7401000 fasttx2k.sys 143360 bytes (Promise Technology, Inc., Promise FastTrak Series Driver for WindowsXP)
0xF6262000 C:\WINDOWS\System32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xED7A1000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806EE000 ACPI_HAL 131840 bytes
0x806EE000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF7397000 dwprot.sys 131072 bytes (Doctor Web, Ltd., Dr.Web Protection for Windows)
0xF73C9000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF7462000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF6243000 C:\WINDOWS\System32\Drivers\pwd_2k.SYS 126976 bytes (Roxio, Win2000 Framework for Packet Write Driver)
0xF6299000 C:\WINDOWS\System32\DRIVERS\e1000325.sys 122880 bytes (Intel Corporation, Intel® PRO/1000 Adapter NDIS 5.1 deserialized driver)
0xF6156000 C:\WINDOWS\system32\DRIVERS\vna.sys 110592 bytes (Check Point Software Technologies, -)
0xF72AC000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF7424000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF73E9000 C:\WINDOWS\system32\drivers\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xF7353000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF6182000 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xEC353000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF6285000 C:\WINDOWS\System32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF62DB000 C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xEBA81000 C:\WINDOWS\System32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF73B7000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7481000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF6171000 C:\WINDOWS\System32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xEBD5D000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF76A1000 C:\WINDOWS\System32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7591000 C:\WINDOWS\System32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xF7541000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF7671000 C:\WINDOWS\System32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xEBCEF000 C:\WINDOWS\System32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xF7691000 C:\WINDOWS\System32\Drivers\Cdr4_xp.SYS 61440 bytes (Roxio, CDR4_XP CDR Helper)
0xF6EA4000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF76B1000 C:\WINDOWS\System32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xEBDCD000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF76C1000 C:\WINDOWS\System32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF7551000 C:\WINDOWS\System32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF7521000 C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF6E94000 C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF7501000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xEDBFA000 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys 49152 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
0xF6E74000 C:\WINDOWS\System32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF7571000 agp440.sys 45056 bytes (Microsoft Corporation, 440 NT AGP Filter)
0xEE2A4000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF7681000 C:\WINDOWS\System32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF74F1000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF6E84000 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF7531000 sbp2port.sys 45056 bytes (Microsoft Corporation, SBP-2 Protocol Driver)
0xEB0AA000 C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys 40960 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Filter Driver.)
0xEE284000 C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys 40960 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Loader Driver.)
0xF74E1000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF6E44000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF6E54000 C:\WINDOWS\System32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF7561000 AVGIDSEH.Sys 36864 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Helper Driver.)
0xF7511000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF654F000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF7661000 C:\WINDOWS\System32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF6E64000 C:\WINDOWS\System32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xEE234000 C:\WINDOWS\System32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xEBD3F000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xEBCFF000 C:\WINDOWS\System32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xEDCBC000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7869000 C:\WINDOWS\System32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF144F000 C:\WINDOWS\System32\drivers\AsfAlrt.sys 28672 bytes (Intel Corporation, Asfalrt Driver)
0xF7871000 C:\WINDOWS\System32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xEDCD4000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF7879000 C:\WINDOWS\System32\Drivers\MxlW2k.SYS 28672 bytes (MusicMatch, Inc., MusicMatch Access Layer KMD)
0xF7761000 C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7881000 C:\WINDOWS\System32\Drivers\Cdralw2k.SYS 24576 bytes (Roxio, CDRAL for Windows 2000 Kernel Driver)
0xF7889000 C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF78A1000 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF78B9000 C:\WINDOWS\System32\Drivers\mmc_2K.SYS 24576 bytes (Roxio, CD-R/RW AddOn MMC Driver (W2K))
0xF78A9000 C:\WINDOWS\System32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7861000 C:\WINDOWS\System32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xEDCCC000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7781000 avgrkx86.sys 20480 bytes (AVG Technologies CZ, s.r.o., AVG Anti-Rootkit Driver)
0xF77A1000 C:\WINDOWS\System32\DRIVERS\flpydisk.sys 20480 bytes (Microsoft Corporation, Floppy Driver)
0xEDCC4000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF78B1000 C:\WINDOWS\System32\DRIVERS\omci.sys 20480 bytes (Dell Computer Corporation, OMCI Device Driver)
0xF7769000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF7891000 C:\WINDOWS\System32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7779000 PxHelp20.sys 20480 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7899000 C:\WINDOWS\System32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF7771000 C:\WINDOWS\system32\drivers\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF7849000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xEB34D000 C:\WINDOWS\System32\Drivers\Aspi32.SYS 16384 bytes (Adaptec, ASPI for WIN32 Kernel Driver)
0xED3BE000 C:\WINDOWS\System32\Drivers\dump_diskdump.sys 16384 bytes
0xF78F9000 ifp700.sys 16384 bytes (iRiver, Inc., iRiver Internet Audio Player USB Driver)
0xEB002000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF798D000 C:\WINDOWS\System32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xEB4EA000 C:\WINDOWS\System32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF6C98000 C:\WINDOWS\System32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xF78F5000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xED8FE000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF79BD000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xF79DD000 C:\WINDOWS\System32\Drivers\i2omgmt.SYS 12288 bytes (Microsoft Corporation, I2O Utility Filter)
0xEB8C2000 C:\WINDOWS\System32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF6C88000 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF6C94000 C:\WINDOWS\system32\drivers\pfc.sys 12288 bytes (Padus, Inc., Padus® ASPI Shell)
0xF086C000 C:\WINDOWS\System32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7A25000 C:\WINDOWS\system32\drivers\aeaudio.sys 8192 bytes (Andrea Electronics Corporation, Andrea Audio Stub Driver)
0xF7A1B000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF79E5000 d347prt.sys 8192 bytes ( , SCSI miniport)
0xF79E3000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7A19000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7A1D000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7A75000 C:\WINDOWS\System32\Drivers\ParVdm.SYS 8192 bytes (Microsoft Corporation, VDM Parallel Driver)
0xF7A21000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7A29000 C:\WINDOWS\System32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF79E7000 C:\WINDOWS\system32\drivers\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF79E1000 C:\WINDOWS\System32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x8662B000 C:\WINDOWS\system32\KDCOM.DLL 7040 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7AB1000 C:\WINDOWS\System32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7B56000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7BBE000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7AA9000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
!!!!!!!!!!!Hidden driver: 0x86EF2298 ?_empty_? 3432 bytes
==============================================
>Stealth
==============================================
0xF7401000 WARNING: suspicious driver modification [fasttx2k.sys::0x86EF2298]
==============================================
>Files
==============================================
==============================================
>Hooks
==============================================
Key object-->ParseProcedure, Type: Kernel Object [dwprot.sys]
LpcPort object-->OpenProcedure, Type: Kernel Object [dwprot.sys]
ntoskrnl.exe+0x00004AA2, Type: Inline - RelativeJump 0x804DBAA2-->804DBAA9 [ntoskrnl.exe]
ntoskrnl.exe+0x0000BA0C, Type: Inline - PushRet 0x804E2A0C-->D15EF73A [unknown_code_page]
ntoskrnl.exe+0x0000BABC, Type: Inline - RelativeJump 0x804E2ABC-->804E2B29 [ntoskrnl.exe]
Process object-->DeleteProcedure, Type: Kernel Object [dwprot.sys]
[1308]explorer.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77DD1218-->00000000 [shimeng.dll]
[1308]explorer.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77F110B4-->00000000 [shimeng.dll]
[1308]explorer.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x01001268-->00000000 [shimeng.dll]
[1308]explorer.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[1308]explorer.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[1308]explorer.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[1308]explorer.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[1308]explorer.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[1308]explorer.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[1308]explorer.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7C9C15A4-->00000000 [shimeng.dll]
[1308]explorer.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7E41133C-->00000000 [shimeng.dll]
[1580]svchost.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[1580]svchost.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[1580]svchost.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[1580]svchost.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[1580]svchost.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[1580]svchost.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[1580]svchost.exe-->user32.dll-->GetCursorPos, Type: Inline - RelativeJump 0x7E42974E-->00000000 [unknown_code_page]

#3 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas
  • Local time:03:09 PM

Posted 13 January 2011 - 05:40 PM

Hello there,

Could you please post me a DDS log from here as is asked for: http://www.bleepingcomputer.com/forums/topic34773.html please? :) I don't use anything by OT, and the other one doesn't tell me anything I need to know.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Error reading poptart in Drive A: Delete kids y/n?

#4 teacup61

Posted 19 January 2011 - 08:24 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else, please begin a New Topic.



