Google redirecting when I click on search links


  • This topic is locked
56 replies to this topic

#1 Norro1983

Posted 11 August 2011 - 09:16 AM

Hi, I seem to have some sort of virus that is causing my Google search links to redirect away from the actual link. Google searches fine and displays a list of what look like legitimate links to the correct website, but when I click on a search link I get sent to various websites including newspaper websites, random advertising websites etc. I have done a bit of internet research and as a result have done the following: I have scanned with trendmicro housecall, malwarebytes, spybot search and destroy and spy doctor. All did not turn anything up. I have then resorted to restoring to factory settings, as I have all personal files etc. backed up on an external hard drive and was not concerned about losing anything else, but the factory settings restore has also not removed the problem. I have now completed all of the prep stages as requested for the forum and the logs are displayed/attached as required. I don't know if it is significant or not, but when I ran the gmer scan the first time the laptop blue screened, but ran fine when it started up again and has been running fine since. Many many thanks for any help anyone could give me with this, as I am now on day 3 of trying to solve it!

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.6001.18000
Run by Door at 14:34:46 on 2011-08-11
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2038.1060 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.club-vaio.com
mDefault_Page_URL = hxxp://www.club-vaio.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6172\SiteAdv.dll
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6172\SiteAdv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [SiteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{AB6A0D4A-8039-46DA-9466-8565CA3BDF1D} : DhcpNameServer = 192.168.1.254
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6172\SiteAdv.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2011-8-11 201288]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2011-8-11 359248]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2011-8-11 144704]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2011-8-11 229376]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2011-8-11 695624]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2011-8-11 79304]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2011-8-11 35240]
R3 mfesmfk;McAfee Inc.;c:\windows\system32\drivers\mfesmfk.sys [2011-8-11 40488]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-12-17 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-8-17 812544]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-11 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-11 135664]
S3 mferkdk;McAfee Inc.;c:\windows\system32\drivers\mferkdk.sys [2011-8-11 33800]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2011-8-11 104288]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2011-8-11 350048]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2011-8-11 63328]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2011-8-11 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2011-8-11 87328]
.
=============== Created Last 30 ================
.
2011-08-11 20:46:15 -------- d-----w- c:\program files\common files\InterVideo
2011-08-11 20:45:25 -------- d-----w- c:\program files\InterVideo
2011-08-11 20:39:38 -------- d-----w- c:\program files\Skype
2011-08-11 20:39:33 -------- d-----w- c:\programdata\Uninstall
2011-08-11 20:39:18 -------- d-----w- c:\program files\Roxio
2011-08-11 20:38:57 -------- d-----w- c:\program files\common files\Sonic Shared
2011-08-11 20:38:38 129520 ------w- c:\windows\system32\pxafs.dll
2011-08-11 20:35:46 -------- d-----w- c:\program files\SiteAdvisor
2011-08-11 20:35:38 143360 ----a-w- c:\windows\system32\dunzip32.dll
2011-08-11 20:34:53 33800 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2011-08-11 20:34:52 79304 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-08-11 20:34:52 40488 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2011-08-11 20:34:52 35240 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-08-11 20:34:52 201288 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-08-11 20:34:50 125728 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2011-08-11 20:34:40 -------- d-----w- c:\program files\McAfee.com
2011-08-11 20:34:39 -------- d-----w- c:\program files\common files\McAfee
2011-08-11 20:34:38 -------- d-----w- c:\program files\McAfee
2011-08-11 20:33:16 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-08-11 20:33:03 -------- d-----w- c:\program files\DivX
2011-08-11 20:30:54 -------- d-----w- c:\program files\Picasa2
2011-08-11 20:30:50 -------- d-----w- c:\program files\Google BAE
2011-08-11 20:30:15 -------- d-----w- c:\program files\Microsoft Small Business
2011-08-11 20:28:16 -------- d-----w- c:\program files\Microsoft SQL Server
2011-08-11 20:27:23 -------- d-----w- c:\program files\BFG
2011-08-11 20:27:20 -------- d-----w- C:\Big Fish Games
2011-08-11 20:27:14 -------- d-----w- c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2011-08-11 20:27:09 -------- d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2011-08-11 20:25:17 -------- d-----w- c:\windows\PCHEALTH
2011-08-11 20:22:25 -------- d-----w- c:\windows\Sonysys
2011-08-11 13:29:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-11 13:13:22 98304 ----a-w- c:\windows\system32\cabview.dll
2011-08-11 13:13:21 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-08-11 13:04:40 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-08-11 13:03:34 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-08-11 13:03:16 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-08-11 13:03:16 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-08-11 13:00:03 -------- d-----w- c:\users\door\appdata\local\Sony_NSCE
2011-08-11 12:59:53 -------- d-----w- c:\users\door\appdata\local\Google
2011-08-11 12:59:38 -------- d-----w- c:\users\door\appdata\roaming\SiteAdvisor
2011-08-11 12:59:15 -------- d-----w- c:\users\door\appdata\local\VirtualStore
.
==================== Find3M ====================
.
.
============= FINISH: 14:35:22.58 ===============



#2 gringo_pr

  • Malware Response Team

Posted 15 August 2011 - 01:30 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.
  • Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Link1
    Link2
    Link3

  • Please disable any anti-malware program that will block scripts from running before running DDS.
  • Double-click on dds.scr and a command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Scan With RKUnHooker

  • Please download Rootkit Unhooker and save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (tick) Drivers, Stealth. Uncheck the rest, then click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note: you may get this warning. It is OK, just ignore it.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


"just click on Cancel, then Accept".

Information and logs:

In your next post I need the following:

  • logs from DDS
  • log from RKUnHooker
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#3 Norro1983


Posted 15 August 2011 - 04:11 AM

Hi Gringo,

Many many thanks for your reply, it is very much appreciated. Right, I have followed your instructions. In terms of switching any malware programs off etc., I have switched off all components of my McAfee security center and have switched off all Windows security center components including firewall, defender etc. I hope this is correct. Below are the logs you asked for.

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.6001.18000
Run by Door at 9:57:06 on 2011-08-15
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2038.839 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony\Network Utility\NSUService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\system32\mcbuilder.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.club-vaio.com
mDefault_Page_URL = hxxp://www.club-vaio.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6172\SiteAdv.dll
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_04\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\progra~1\google~1\BAE.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6172\SiteAdv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [NSUFloatingUI] "c:\program files\sony\network utility\LANUtil.exe"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_04\bin\jusched.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [SiteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_04\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{AB6A0D4A-8039-46DA-9466-8565CA3BDF1D} : DhcpNameServer = 192.168.1.254
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6172\SiteAdv.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2011-8-11 201288]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2011-8-11 359248]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2011-8-11 144704]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2011-8-11 229376]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2011-8-11 79304]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2011-8-11 35240]
R3 mferkdk;McAfee Inc.;c:\windows\system32\drivers\mferkdk.sys [2011-8-11 33800]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-12-17 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-8-17 812544]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-8-11 135664]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2011-8-11 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-8-11 135664]
S3 mfesmfk;McAfee Inc.;c:\windows\system32\drivers\mfesmfk.sys [2011-8-11 40488]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2011-8-11 104288]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2011-8-11 350048]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2011-8-11 63328]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2011-8-11 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2011-8-11 87328]
S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2011-8-11 695624]
.
=============== Created Last 30 ================
.
2011-08-15 08:44:25 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-08-14 18:33:37 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-08-13 11:15:18 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-08-13 11:15:17 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-08-12 22:22:31 501760 ----a-w- c:\windows\system32\usp10.dll
2011-08-12 22:22:04 66048 ----a-w- c:\program files\windows mail\wabmig.exe
2011-08-12 22:22:03 515584 ----a-w- c:\program files\windows mail\wab.exe
2011-08-12 22:22:03 33280 ----a-w- c:\program files\windows mail\wabfind.dll
2011-08-12 22:20:28 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-08-12 22:20:27 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-08-12 22:20:27 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-08-12 22:20:27 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-08-12 22:20:00 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-08-12 22:19:17 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-08-12 22:19:17 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-08-12 22:19:17 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-08-12 22:19:16 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-08-12 22:19:14 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-08-12 22:19:14 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-08-12 22:18:51 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-08-12 22:14:24 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-08-12 22:14:24 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-08-12 22:14:24 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-08-12 22:14:24 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-08-12 22:14:24 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-08-12 22:14:23 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-08-12 22:14:23 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-08-12 22:14:23 10240 ----a-w- c:\windows\system32\finger.exe
2011-08-12 22:14:12 17920 ----a-w- c:\windows\system32\netevent.dll
2011-08-12 22:11:47 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-08-12 22:11:47 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-08-12 22:11:47 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-08-12 22:11:45 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-08-12 22:11:18 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-08-12 22:10:56 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-08-12 22:10:29 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-12 22:10:29 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-12 22:10:28 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-08-12 22:09:59 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-08-12 22:09:34 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-08-12 22:09:34 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-08-12 22:09:14 1616384 ----a-w- c:\program files\windows mail\msoe.dll
2011-08-12 22:08:59 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-08-12 22:08:37 15360 ----a-w- c:\windows\system32\pacerprf.dll
2011-08-12 22:08:36 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2011-08-12 22:08:09 2868224 ----a-w- c:\windows\system32\mf.dll
2011-08-12 22:07:46 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-08-12 22:07:21 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-08-12 22:07:20 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-08-12 22:07:19 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-12 22:06:51 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-08-12 22:06:51 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-08-12 22:06:28 376832 ----a-w- c:\windows\system32\winhttp.dll
2011-08-12 22:06:08 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-08-12 22:05:43 71680 ----a-w- c:\windows\system32\atl.dll
2011-08-12 22:05:16 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe
2011-08-12 22:05:16 1315840 ----a-w- c:\windows\system32\ole32.dll
2011-08-12 22:04:54 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-08-12 22:04:36 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-08-12 22:04:18 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-08-12 22:04:18 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-08-12 22:03:55 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-08-12 22:03:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2011-08-12 22:03:13 2042368 ----a-w- c:\windows\system32\win32k.sys
2011-08-12 22:02:58 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-08-12 22:02:36 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-12 22:00:34 269312 ----a-w- c:\windows\system32\es.dll
2011-08-12 22:00:19 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-08-12 22:00:05 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-08-12 21:59:39 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe
2011-08-12 21:59:38 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll
2011-08-12 21:59:07 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-08-12 21:59:06 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-08-12 21:58:49 766464 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-08-12 21:58:27 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-08-12 21:57:50 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-08-12 21:57:27 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-08-12 21:57:06 430080 ----a-w- c:\windows\system32\vbscript.dll
2011-08-12 21:55:00 636928 ----a-w- c:\windows\system32\localspl.dll
2011-08-12 21:54:38 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-12 21:54:15 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-08-12 21:54:14 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-08-12 21:53:47 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-08-12 21:50:13 40960 ----a-w- c:\windows\system32\srclient.dll
2011-08-12 21:50:13 378368 ----a-w- c:\windows\system32\srcore.dll
2011-08-12 21:50:13 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-08-12 21:50:13 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-08-12 21:50:05 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-08-12 21:50:05 615992 ----a-w- c:\windows\system32\ci.dll
2011-08-12 21:50:04 927288 ----a-w- c:\windows\system32\winresume.exe
2011-08-12 21:50:03 988216 ----a-w- c:\windows\system32\winload.exe
2011-08-12 21:50:03 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-08-12 21:49:57 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-08-12 21:49:06 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-08-12 21:47:42 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-08-12 21:47:10 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-08-12 21:46:17 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-08-12 21:46:17 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-08-12 21:46:17 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-08-12 21:46:16 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-08-12 21:46:16 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-08-12 21:46:00 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-08-12 21:45:37 24064 ----a-w- c:\windows\system32\amxread.dll
2011-08-12 21:45:37 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-08-12 21:45:17 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-08-12 21:45:17 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-08-12 21:45:16 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-08-12 21:45:00 81920 ----a-w- c:\windows\system32\consent.exe
2011-08-12 21:44:39 1257472 ----a-w- c:\windows\system32\msxml3.dll
2011-08-12 21:44:26 125952 ----a-w- c:\windows\system32\wersvc.dll
2011-08-12 21:44:25 147456 ----a-w- c:\windows\system32\Faultrep.dll
2011-08-12 21:44:09 443392 ----a-w- c:\windows\system32\win32spl.dll
2011-08-12 21:43:48 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-08-12 21:43:48 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2011-08-12 21:43:48 36864 ----a-w- c:\windows\system32\cdd.dll
2011-08-12 21:43:48 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2011-08-12 21:43:47 45056 ----a-w- c:\windows\system32\dataclen.dll
2011-08-12 21:43:32 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2011-08-12 21:40:44 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-12 21:40:04 43520 ----a-w- c:\windows\system32\msdxm.tlb
2011-08-12 21:40:04 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2011-08-12 21:40:03 18432 ----a-w- c:\windows\system32\amcompat.tlb
2011-08-12 21:39:27 511488 ----a-w- c:\windows\system32\RMActivate.exe
2011-08-12 21:39:27 472064 ----a-w- c:\windows\system32\secproc.dll
2011-08-12 21:39:25 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-08-12 21:39:25 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-08-12 21:39:24 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-08-12 21:39:24 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2011-08-12 21:39:22 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-08-12 21:39:22 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-08-12 21:39:21 329216 ----a-w- c:\windows\system32\msdrm.dll
2011-08-12 21:39:00 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-08-12 21:38:59 94720 ----a-w- c:\windows\system32\logagent.exe
2011-08-12 21:38:40 135168 ----a-w- c:\windows\system32\wshom.ocx
2011-08-12 21:38:39 90112 ----a-w- c:\windows\system32\wshext.dll
2011-08-12 21:38:39 180224 ----a-w- c:\windows\system32\scrobj.dll
2011-08-12 21:38:39 172032 ----a-w- c:\windows\system32\scrrun.dll
2011-08-12 21:38:39 155648 ----a-w- c:\windows\system32\wscript.exe
2011-08-12 21:38:39 135168 ----a-w- c:\windows\system32\cscript.exe
2011-08-12 21:37:58 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-08-12 21:37:57 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-08-12 21:37:36 61440 ----a-w- c:\windows\system32\msasn1.dll
2011-08-12 21:37:23 1645568 ----a-w- c:\windows\system32\connect.dll
2011-08-12 21:37:02 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2011-08-12 21:36:43 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-08-12 21:36:42 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-08-12 21:36:17 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-08-12 21:35:56 281600 ----a-w- c:\windows\system32\raschap.dll
2011-08-12 21:35:56 244224 ----a-w- c:\windows\system32\rastls.dll
2011-08-12 21:35:36 351232 ----a-w- c:\windows\system32\WSDApi.dll
2011-08-12 21:35:14 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-08-12 21:34:34 91136 ----a-w- c:\windows\system32\avifil32.dll
2011-08-12 21:34:34 82944 ----a-w- c:\windows\system32\mciavi32.dll
2011-08-12 21:34:34 31744 ----a-w- c:\windows\system32\msvidc32.dll
2011-08-12 21:34:34 13312 ----a-w- c:\windows\system32\msrle32.dll
2011-08-12 21:34:34 123904 ----a-w- c:\windows\system32\msvfw32.dll
2011-08-12 21:34:33 65024 ----a-w- c:\windows\system32\avicap32.dll
2011-08-12 21:34:31 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2011-08-12 21:34:31 22528 ----a-w- c:\windows\system32\msyuv.dll
2011-08-12 21:34:31 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2011-08-12 21:34:15 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2011-08-12 21:33:59 276992 ----a-w- c:\windows\system32\schannel.dll
2011-08-12 21:30:07 310784 ----a-w- c:\windows\system32\unregmp2.exe
2011-08-12 21:30:07 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe
2011-08-12 21:28:49 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2011-08-12 21:28:45 6881616 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{42cce5a7-fcab-4554-a271-a42bced05c8f}\mpengine.dll
2011-08-12 21:28:43 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-08-12 21:13:18 -------- d-----w- c:\programdata\Sports Interactive
2011-08-12 21:08:59 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2011-08-12 21:08:59 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
2011-08-12 21:08:57 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2011-08-12 21:08:56 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-08-12 21:08:54 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-08-12 21:08:53 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2011-08-12 21:08:52 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2011-08-12 21:08:51 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2011-08-12 21:08:43 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2011-08-12 20:54:27 80896 ----a-w- c:\windows\system32\MSNP.ax
2011-08-12 20:54:27 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-08-12 20:54:20 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-08-12 20:54:17 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-08-12 20:50:40 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll
2011-08-12 20:49:54 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-08-12 20:44:18 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-08-12 20:43:54 411136 ----a-w- c:\windows\system32\drivers\http.sys
2011-08-12 20:43:53 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-08-12 20:42:33 -------- d-----w- c:\program files\MSXML 4.0
2011-08-12 20:17:12 7680 ----a-w- c:\windows\system32\spwmp.dll
2011-08-12 20:17:12 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-08-12 20:17:11 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2011-08-12 20:17:10 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2011-08-12 20:17:09 4096 ----a-w- c:\windows\system32\msdxm.ocx
2011-08-12 20:17:09 4096 ----a-w- c:\windows\system32\dxmasf.dll
2011-08-12 20:17:08 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-08-12 19:48:46 -------- d-----w- c:\users\door\appdata\roaming\Sports Interactive
2011-08-12 19:48:46 -------- d-----w- c:\users\door\appdata\local\Sports Interactive
2011-08-12 19:10:15 -------- d--h--w- c:\program files\Zero G Registry
2011-08-12 19:10:15 -------- d-----w- c:\program files\Sports Interactive
2011-08-12 19:09:17 -------- d--h--w- c:\users\door\InstallAnywhere
2011-08-12 15:42:59 2927104 ----a-w- c:\windows\explorer.exe
2011-08-12 12:53:12 499712 ----a-w- c:\windows\system32\kerberos.dll
2011-08-12 12:53:11 175104 ----a-w- c:\windows\system32\wdigest.dll
2011-08-12 12:53:09 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2011-08-12 12:53:08 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2011-08-12 12:53:06 72704 ----a-w- c:\windows\system32\secur32.dll
2011-08-12 12:53:05 9728 ----a-w- c:\windows\system32\lsass.exe
2011-08-11 20:46:15 -------- d-----w- c:\program files\common files\InterVideo
2011-08-11 20:45:25 -------- d-----w- c:\program files\InterVideo
2011-08-11 20:39:38 -------- d-----w- c:\program files\Skype
2011-08-11 20:39:33 -------- d-----w- c:\programdata\Uninstall
2011-08-11 20:39:18 -------- d-----w- c:\program files\Roxio
2011-08-11 20:38:57 -------- d-----w- c:\program files\common files\Sonic Shared
2011-08-11 20:38:38 129520 ------w- c:\windows\system32\pxafs.dll
2011-08-11 20:35:46 -------- d-----w- c:\program files\SiteAdvisor
2011-08-11 20:35:38 143360 ----a-w- c:\windows\system32\dunzip32.dll
2011-08-11 20:34:53 33800 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2011-08-11 20:34:52 79304 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-08-11 20:34:52 40488 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2011-08-11 20:34:52 35240 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-08-11 20:34:52 201288 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-08-11 20:34:50 125728 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2011-08-11 20:34:40 -------- d-----w- c:\program files\McAfee.com
2011-08-11 20:34:39 -------- d-----w- c:\program files\common files\McAfee
2011-08-11 20:34:38 -------- d-----w- c:\program files\McAfee
2011-08-11 20:33:16 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-08-11 20:33:03 -------- d-----w- c:\program files\DivX
2011-08-11 20:30:54 -------- d-----w- c:\program files\Picasa2
2011-08-11 20:30:50 -------- d-----w- c:\program files\Google BAE
2011-08-11 20:30:15 -------- d-----w- c:\program files\Microsoft Small Business
2011-08-11 20:28:16 -------- d-----w- c:\program files\Microsoft SQL Server
2011-08-11 20:27:23 -------- d-----w- c:\program files\BFG
2011-08-11 20:27:20 -------- d-----w- C:\Big Fish Games
2011-08-11 20:27:14 -------- d-----w- c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2011-08-11 20:27:09 -------- d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2011-08-11 20:25:17 -------- d-----w- c:\windows\PCHEALTH
2011-08-11 20:22:25 -------- d-----w- c:\windows\Sonysys
2011-08-11 13:13:22 98304 ----a-w- c:\windows\system32\cabview.dll
2011-08-11 13:13:21 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-08-11 13:04:40 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-08-11 13:03:34 87552 ----a-w- c:\windows\system32\wudriver.dll
2011-08-11 13:03:16 33792 ----a-w- c:\windows\system32\wuapp.exe
2011-08-11 13:03:16 171608 ----a-w- c:\windows\system32\wuwebv.dll
2011-08-11 13:00:03 -------- d-----w- c:\users\door\appdata\local\Sony_NSCE
2011-08-11 12:59:53 -------- d-----w- c:\users\door\appdata\local\Google
2011-08-11 12:59:38 -------- d-----w- c:\users\door\appdata\roaming\SiteAdvisor
2011-08-11 12:59:15 -------- d-----w- c:\users\door\appdata\local\VirtualStore
.
==================== Find3M ====================
.
.
============= FINISH: 9:59:31.62 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/08/2011 21:18:19
System Uptime: 15/08/2011 09:35:29 (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Pentium® Dual CPU T2390 @ 1.86GHz | N/A | 1867/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 226 GiB total, 186.806 GiB free.
D: is Removable
E: is Removable
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
.
2007 Microsoft Office system
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
Alps Pointing-device for VAIO
Atlantis - Sky Patrol (remove only)
AutoUpdate
Big Fish Games Center
Big Fish Games Sudoku (remove only)
Browser Address Error Redirector
Business Contact Manager for Outlook 2007
Click to Disc
Click to Disc Editor
DivX Codec
DivX Converter
DivX Player
Football Manager 2011
Google Desktop
Google Earth
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Intel® Graphics Media Accelerator Driver
Java™ 6 Update 4
Mahjong Towers Eternity (remove only)
McAfee SecurityCenter
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Club VAIO
Mystery Case Files - Prime Suspects (remove only)
NVIDIA Drivers
OpenMG Secure Module 5.0.00
Picasa 2
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Setting Utility Series
Skype™ 3.6
Sony Video Shared Library
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Guide 
VAIO Launcher
Vaio Marketing Tools
VAIO Media plus
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO Original Function Setting
VAIO Power Management
VAIO Smart Network
VAIO Update 3
VAIO Wallpaper Contents
Virtual Villagers (remove only)
WinDVD for VAIO
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
12/08/2011 22:20:27, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB981322).
12/08/2011 22:20:20, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB981322 (Security Update) into Resolving(Resolving) state
12/08/2011 22:20:20, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB981322 (Security Update) into Absent(Absent) state
12/08/2011 22:20:11, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2423089).
12/08/2011 22:20:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2423089 (Security Update) into Resolving(Resolving) state
12/08/2011 22:20:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2423089 (Security Update) into Absent(Absent) state
12/08/2011 22:19:49, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB972270).
12/08/2011 22:19:44, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972270 (Security Update) into Resolving(Resolving) state
12/08/2011 22:19:44, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972270 (Security Update) into Absent(Absent) state
12/08/2011 22:19:31, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2207566).
12/08/2011 22:19:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2207566 (Security Update) into Resolving(Resolving) state
12/08/2011 22:19:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2207566 (Security Update) into Absent(Absent) state
12/08/2011 22:18:52, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2507618).
12/08/2011 22:18:45, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2507618 (Security Update) into Resolving(Resolving) state
12/08/2011 22:18:45, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2507618 (Security Update) into Absent(Absent) state
12/08/2011 22:18:38, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB953733).
12/08/2011 22:18:30, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB953733 (Security Update) into Resolving(Resolving) state
12/08/2011 22:18:30, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB953733 (Security Update) into Absent(Absent) state
12/08/2011 22:17:57, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2419640).
12/08/2011 22:17:51, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2419640 (Security Update) into Resolving(Resolving) state
12/08/2011 22:17:51, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2419640 (Security Update) into Absent(Absent) state
12/08/2011 22:17:20, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB959108).
12/08/2011 22:17:13, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB959108 (Update) into Resolving(Resolving) state
12/08/2011 22:17:13, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB959108 (Update) into Absent(Absent) state
12/08/2011 22:17:04, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB967723).
12/08/2011 22:16:57, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB967723 (Security Update) into Resolving(Resolving) state
12/08/2011 22:16:57, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB967723 (Security Update) into Absent(Absent) state
12/08/2011 22:16:34, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Cumulative Security Update for Internet Explorer 7 for Windows Vista (KB2530548).
12/08/2011 22:16:27, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2530548 (Security Update) into Resolving(Resolving) state
12/08/2011 22:16:27, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2530548 (Security Update) into Absent(Absent) state
12/08/2011 22:16:12, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2511455).
12/08/2011 22:16:06, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2511455 (Security Update) into Resolving(Resolving) state
12/08/2011 22:16:06, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2511455 (Security Update) into Absent(Absent) state
12/08/2011 22:15:56, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB970710).
12/08/2011 22:15:47, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970710 (Security Update) into Resolving(Resolving) state
12/08/2011 22:15:47, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970710 (Security Update) into Absent(Absent) state
12/08/2011 22:15:35, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB973687).
12/08/2011 22:15:27, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973687 (Update) into Resolving(Resolving) state
12/08/2011 22:15:27, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973687 (Update) into Absent(Absent) state
12/08/2011 22:15:17, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2535512).
12/08/2011 22:15:11, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2535512 (Security Update) into Resolving(Resolving) state
12/08/2011 22:15:11, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2535512 (Security Update) into Absent(Absent) state
12/08/2011 22:14:57, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2393802).
12/08/2011 22:14:49, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2393802 (Security Update) into Resolving(Resolving) state
12/08/2011 22:14:49, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2393802 (Security Update) into Absent(Absent) state
12/08/2011 22:14:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB975467).
12/08/2011 22:14:33, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975467 (Security Update) into Resolving(Resolving) state
12/08/2011 22:14:33, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975467 (Security Update) into Absent(Absent) state
12/08/2011 22:14:25, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2506212).
12/08/2011 22:14:19, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2506212 (Security Update) into Resolving(Resolving) state
12/08/2011 22:14:19, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2506212 (Security Update) into Absent(Absent) state
12/08/2011 22:14:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB978542).
12/08/2011 22:14:01, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB978542 (Security Update) into Resolving(Resolving) state
12/08/2011 22:14:01, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB978542 (Security Update) into Absent(Absent) state
12/08/2011 22:13:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB982665).
12/08/2011 22:13:38, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB982665 (Security Update) into Resolving(Resolving) state
12/08/2011 22:13:38, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB982665 (Security Update) into Absent(Absent) state
12/08/2011 22:13:19, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB952709).
12/08/2011 22:13:10, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB952709 (Update) into Resolving(Resolving) state
12/08/2011 22:13:10, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB952709 (Update) into Absent(Absent) state
12/08/2011 22:12:53, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Media Format Runtime 11 for Windows Vista (KB968816).
12/08/2011 22:12:45, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB968816 (Security Update) into Resolving(Resolving) state
12/08/2011 22:12:45, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB968816 (Security Update) into Absent(Absent) state
12/08/2011 22:12:06, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2508429).
12/08/2011 22:11:58, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2508429 (Security Update) into Resolving(Resolving) state
12/08/2011 22:11:58, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2508429 (Security Update) into Absent(Absent) state
12/08/2011 22:11:34, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2536276).
12/08/2011 22:11:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2536276 (Security Update) into Resolving(Resolving) state
12/08/2011 22:11:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2536276 (Security Update) into Absent(Absent) state
12/08/2011 22:11:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2509553).
12/08/2011 22:11:01, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2509553 (Security Update) into Resolving(Resolving) state
12/08/2011 22:11:01, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2509553 (Security Update) into Absent(Absent) state
12/08/2011 22:10:54, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB960803).
12/08/2011 22:10:46, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB960803 (Security Update) into Resolving(Resolving) state
12/08/2011 22:10:46, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB960803 (Security Update) into Absent(Absent) state
12/08/2011 22:10:29, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB979482).
12/08/2011 22:10:23, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979482 (Security Update) into Resolving(Resolving) state
12/08/2011 22:10:23, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979482 (Security Update) into Absent(Absent) state
12/08/2011 22:10:16, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB973507).
12/08/2011 22:10:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973507 (Security Update) into Resolving(Resolving) state
12/08/2011 22:10:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973507 (Security Update) into Absent(Absent) state
12/08/2011 22:10:01, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB979687).
12/08/2011 22:09:55, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979687 (Security Update) into Resolving(Resolving) state
12/08/2011 22:09:55, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979687 (Security Update) into Absent(Absent) state
12/08/2011 22:09:06, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB956802).
12/08/2011 22:08:59, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB956802 (Security Update) into Resolving(Resolving) state
12/08/2011 22:08:59, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB956802 (Security Update) into Absent(Absent) state
12/08/2011 22:08:47, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2347290).
12/08/2011 22:08:38, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2347290 (Security Update) into Resolving(Resolving) state
12/08/2011 22:08:38, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2347290 (Security Update) into Absent(Absent) state
12/08/2011 22:08:25, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB952004).
12/08/2011 22:08:17, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB952004 (Security Update) into Resolving(Resolving) state
12/08/2011 22:08:17, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB952004 (Security Update) into Absent(Absent) state
12/08/2011 22:08:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB971657).
12/08/2011 22:08:00, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB971657 (Security Update) into Resolving(Resolving) state
12/08/2011 22:08:00, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB971657 (Security Update) into Absent(Absent) state
12/08/2011 22:07:43, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB982132).
12/08/2011 22:07:36, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB982132 (Security Update) into Resolving(Resolving) state
12/08/2011 22:07:36, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB982132 (Security Update) into Absent(Absent) state
12/08/2011 22:07:23, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2555917).
12/08/2011 22:07:14, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2555917 (Security Update) into Resolving(Resolving) state
12/08/2011 22:07:14, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2555917 (Security Update) into Absent(Absent) state
12/08/2011 22:06:59, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Mail Junk E-mail Filter [July 2011] (KB905866).
12/08/2011 22:06:46, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB905866 (Update) into Resolving(Resolving) state
12/08/2011 22:06:46, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB905866 (Update) into Absent(Absent) state
12/08/2011 22:06:25, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2503665).
12/08/2011 22:06:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2503665 (Security Update) into Resolving(Resolving) state
12/08/2011 22:06:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2503665 (Security Update) into Absent(Absent) state
12/08/2011 22:06:03, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB971029).
12/08/2011 22:05:56, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB971029 (Update) into Resolving(Resolving) state
12/08/2011 22:05:56, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB971029 (Update) into Absent(Absent) state
12/08/2011 22:05:19, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB950974).
12/08/2011 22:05:11, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB950974 (Security Update) into Resolving(Resolving) state
12/08/2011 22:05:11, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB950974 (Security Update) into Absent(Absent) state
12/08/2011 22:04:34, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2478935).
12/08/2011 22:04:29, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2478935 (Security Update) into Resolving(Resolving) state
12/08/2011 22:04:29, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2478935 (Security Update) into Absent(Absent) state
12/08/2011 22:04:19, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB954154).
12/08/2011 22:04:14, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954154 (Security Update) into Resolving(Resolving) state
12/08/2011 22:04:14, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954154 (Security Update) into Absent(Absent) state
12/08/2011 22:04:01, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB981997).
12/08/2011 22:03:56, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB981997 (Security Update) into Resolving(Resolving) state
12/08/2011 22:03:56, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB981997 (Security Update) into Absent(Absent) state
12/08/2011 22:03:26, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2536275).
12/08/2011 22:03:21, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2536275 (Security Update) into Resolving(Resolving) state
12/08/2011 22:03:21, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2536275 (Security Update) into Absent(Absent) state
12/08/2011 22:01:58, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Internet Explorer 7 for Windows Vista (KB2544521).
12/08/2011 22:01:52, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2544521 (Security Update) into Resolving(Resolving) state
12/08/2011 22:01:52, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2544521 (Security Update) into Absent(Absent) state
12/08/2011 22:01:15, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB976470).
12/08/2011 22:01:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB976470 (Update) into Resolving(Resolving) state
12/08/2011 22:01:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB976470 (Update) into Absent(Absent) state
12/08/2011 22:00:47, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB2388210).
12/08/2011 22:00:41, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2388210 (Update) into Resolving(Resolving) state
12/08/2011 22:00:41, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2388210 (Update) into Absent(Absent) state
12/08/2011 22:00:21, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB975558).
12/08/2011 22:00:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975558 (Security Update) into Resolving(Resolving) state
12/08/2011 22:00:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975558 (Security Update) into Absent(Absent) state
12/08/2011 22:00:06, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2510581).
12/08/2011 22:00:01, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2510581 (Security Update) into Resolving(Resolving) state
12/08/2011 22:00:01, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2510581 (Security Update) into Absent(Absent) state
12/08/2011 21:59:46, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB958644).
12/08/2011 21:59:41, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB958644 (Security Update) into Resolving(Resolving) state
12/08/2011 21:59:41, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB958644 (Security Update) into Absent(Absent) state
12/08/2011 21:56:22, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB958623).
12/08/2011 21:56:17, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB958623 (Security Update) into Resolving(Resolving) state
12/08/2011 21:56:17, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB958623 (Security Update) into Absent(Absent) state
12/08/2011 21:56:02, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB961501).
12/08/2011 21:55:57, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB961501 (Security Update) into Resolving(Resolving) state
12/08/2011 21:55:57, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB961501 (Security Update) into Absent(Absent) state
12/08/2011 21:55:44, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2476490).
12/08/2011 21:55:39, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2476490 (Security Update) into Resolving(Resolving) state
12/08/2011 21:55:39, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2476490 (Security Update) into Absent(Absent) state
12/08/2011 21:55:30, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2387149).
12/08/2011 21:55:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2387149 (Security Update) into Resolving(Resolving) state
12/08/2011 21:55:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2387149 (Security Update) into Absent(Absent) state
12/08/2011 21:55:17, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB982799).
12/08/2011 21:55:12, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB982799 (Security Update) into Resolving(Resolving) state
12/08/2011 21:55:12, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB982799 (Security Update) into Absent(Absent) state
12/08/2011 21:54:00, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista Service Pack 1 (KB979688).
12/08/2011 21:53:55, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979688 (Security Update) into Resolving(Resolving) state
12/08/2011 21:53:55, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979688 (Security Update) into Absent(Absent) state
12/08/2011 21:53:13, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB938371).
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_9 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_8 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_7 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_6 (Update) into Permanent(Permanent) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_5 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_40 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_4 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_39 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_38 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_37 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_36 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_35 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_34 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_33 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_32 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_31 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_30 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_3 (Update) into Permanent(Permanent) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_29 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_28 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_27 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_26 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_25 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_24 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_23 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_22 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_21 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_20 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_2 (Update) into Permanent(Permanent) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_19 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_18 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_17 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_16 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_15 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_14 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_13 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_12 (Update) into Permanent(Permanent) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_11 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_10 (Update) into Staged(Staged) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371_1 (Update) into Permanent(Permanent) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371 (Update) into Resolving(Resolving) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371 (Update) into Permanent(Permanent) state
12/08/2011 21:53:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB938371 (Update) into Absent(Absent) state
12/08/2011 21:51:44, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2281679).
12/08/2011 21:51:39, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2281679 (Security Update) into Resolving(Resolving) state
12/08/2011 21:51:39, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2281679 (Security Update) into Absent(Absent) state
12/08/2011 21:51:35, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB956572).
12/08/2011 21:51:30, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB956572 (Security Update) into Resolving(Resolving) state
12/08/2011 21:51:30, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB956572 (Security Update) into Absent(Absent) state
12/08/2011 21:51:24, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2479943).
12/08/2011 21:51:19, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2479943 (Security Update) into Resolving(Resolving) state
12/08/2011 21:51:19, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2479943 (Security Update) into Absent(Absent) state
12/08/2011 21:51:14, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB977816).
12/08/2011 21:51:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB977816 (Security Update) into Resolving(Resolving) state
12/08/2011 21:51:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB977816 (Security Update) into Absent(Absent) state
12/08/2011 21:51:04, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2412687).
12/08/2011 21:50:59, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2412687 (Security Update) into Resolving(Resolving) state
12/08/2011 21:50:59, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2412687 (Security Update) into Absent(Absent) state
12/08/2011 21:50:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB975562).
12/08/2011 21:50:35, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975562 (Security Update) into Resolving(Resolving) state
12/08/2011 21:50:35, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975562 (Security Update) into Absent(Absent) state
12/08/2011 21:50:31, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2483185).
12/08/2011 21:50:26, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2483185 (Security Update) into Resolving(Resolving) state
12/08/2011 21:50:26, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2483185 (Security Update) into Absent(Absent) state
12/08/2011 21:50:21, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2305420).
12/08/2011 21:50:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2305420 (Security Update) into Resolving(Resolving) state
12/08/2011 21:50:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2305420 (Security Update) into Absent(Absent) state
12/08/2011 21:49:54, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2544893).
12/08/2011 21:49:49, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2544893 (Security Update) into Resolving(Resolving) state
12/08/2011 21:49:49, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2544893 (Security Update) into Absent(Absent) state
12/08/2011 21:49:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB959426).
12/08/2011 21:49:34, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB959426 (Security Update) into Resolving(Resolving) state
12/08/2011 21:49:34, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB959426 (Security Update) into Absent(Absent) state
12/08/2011 21:49:23, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB957321).
12/08/2011 21:49:18, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB957321 (Update) into Resolving(Resolving) state
12/08/2011 21:49:18, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB957321 (Update) into Absent(Absent) state
12/08/2011 21:49:08, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2442962).
12/08/2011 21:49:03, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2442962 (Security Update) into Resolving(Resolving) state
12/08/2011 21:49:03, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2442962 (Security Update) into Absent(Absent) state
12/08/2011 21:48:51, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2079403).
12/08/2011 21:48:46, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2079403 (Security Update) into Resolving(Resolving) state
12/08/2011 21:48:46, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2079403 (Security Update) into Absent(Absent) state
12/08/2011 21:48:41, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB957200).
12/08/2011 21:48:35, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB957200 (Update) into Resolving(Resolving) state
12/08/2011 21:48:35, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB957200 (Update) into Absent(Absent) state
12/08/2011 21:48:30, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB953155).
12/08/2011 21:48:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB953155 (Security Update) into Resolving(Resolving) state
12/08/2011 21:48:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB953155 (Security Update) into Absent(Absent) state
12/08/2011 21:48:22, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB955302).
12/08/2011 21:48:17, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB955302 (Update) into Resolving(Resolving) state
12/08/2011 21:48:17, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB955302 (Update) into Absent(Absent) state
12/08/2011 21:47:54, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB950762).
12/08/2011 21:47:49, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB950762 (Security Update) into Resolving(Resolving) state
12/08/2011 21:47:49, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB950762 (Security Update) into Absent(Absent) state
12/08/2011 21:47:40, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB2443685).
12/08/2011 21:47:35, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2443685 (Update) into Resolving(Resolving) state
12/08/2011 21:47:35, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2443685 (Update) into Absent(Absent) state
12/08/2011 21:47:21, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB973540).
12/08/2011 21:47:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973540 (Security Update) into Resolving(Resolving) state
12/08/2011 21:47:16, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973540 (Security Update) into Absent(Absent) state
12/08/2011 21:47:12, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Rights Management Services Client for Windows Vista (KB979099).
12/08/2011 21:47:07, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979099 (Update) into Resolving(Resolving) state
12/08/2011 21:47:07, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB979099 (Update) into Absent(Absent) state
12/08/2011 21:47:00, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB952069).
12/08/2011 21:46:55, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB952069 (Security Update) into Resolving(Resolving) state
12/08/2011 21:46:55, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB952069 (Security Update) into Absent(Absent) state
12/08/2011 21:46:48, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB951978).
12/08/2011 21:46:43, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB951978 (Update) into Resolving(Resolving) state
12/08/2011 21:46:43, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB951978 (Update) into Absent(Absent) state
12/08/2011 21:46:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB2533623).
12/08/2011 21:46:34, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2533623 (Update) into Resolving(Resolving) state
12/08/2011 21:46:34, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2533623 (Update) into Absent(Absent) state
12/08/2011 21:46:30, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2507938).
12/08/2011 21:46:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2507938 (Security Update) into Resolving(Resolving) state
12/08/2011 21:46:25, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2507938 (Security Update) into Absent(Absent) state
12/08/2011 21:46:18, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB974571).
12/08/2011 21:46:13, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB974571 (Security Update) into Resolving(Resolving) state
12/08/2011 21:46:13, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB974571 (Security Update) into Absent(Absent) state
12/08/2011 21:46:09, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB959130).
12/08/2011 21:46:04, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB959130 (Update) into Resolving(Resolving) state
12/08/2011 21:46:04, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB959130 (Update) into Absent(Absent) state
12/08/2011 21:45:59, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB970238).
12/08/2011 21:45:54, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970238 (Security Update) into Resolving(Resolving) state
12/08/2011 21:45:54, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970238 (Security Update) into Absent(Absent) state
12/08/2011 21:45:48, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2481109).
12/08/2011 21:45:43, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2481109 (Security Update) into Resolving(Resolving) state
12/08/2011 21:45:43, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2481109 (Security Update) into Absent(Absent) state
12/08/2011 21:43:36, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB978886).
12/08/2011 21:43:31, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB978886 (Security Update) into Resolving(Resolving) state
12/08/2011 21:43:31, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB978886 (Security Update) into Absent(Absent) state
12/08/2011 21:43:14, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB974318).
12/08/2011 21:43:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB974318 (Security Update) into Resolving(Resolving) state
12/08/2011 21:43:08, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB974318 (Security Update) into Absent(Absent) state
12/08/2011 21:43:01, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB973565).
12/08/2011 21:42:56, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973565 (Security Update) into Resolving(Resolving) state
12/08/2011 21:42:56, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973565 (Security Update) into Absent(Absent) state
12/08/2011 21:42:05, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB2296011).
12/08/2011 21:42:00, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2296011 (Security Update) into Resolving(Resolving) state
12/08/2011 21:42:00, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2296011 (Security Update) into Absent(Absent) state
12/08/2011 21:41:56, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB954459).
12/08/2011 21:41:51, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954459 (Security Update) into Resolving(Resolving) state
12/08/2011 21:41:51, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954459 (Security Update) into Absent(Absent) state
12/08/2011 21:41:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB975560).
12/08/2011 21:41:34, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975560 (Security Update) into Resolving(Resolving) state
12/08/2011 21:41:34, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975560 (Security Update) into Absent(Absent) state
12/08/2011 21:41:23, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155).
12/08/2011 21:41:18, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954155 (Security Update) into Resolving(Resolving) state
12/08/2011 21:41:18, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954155 (Security Update) into Absent(Absent) state
12/08/2011 21:41:14, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB2541763).
12/08/2011 21:41:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2541763 (Update) into Resolving(Resolving) state
12/08/2011 21:41:09, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB2541763 (Update) into Absent(Absent) state
12/08/2011 21:41:03, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows Vista (KB972145).
12/08/2011 21:40:58, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972145 (Update) into Resolving(Resolving) state
12/08/2011 21:40:58, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972145 (Update) into Absent(Absent) state
12/08/2011 21:40:19, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows Vista (KB973768).
12/08/2011 21:40:14, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973768 (Update) into Resolving(Resolving) state
12/08/2011 21:40:14, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973768 (Update) into Absent(Absent) state
12/08/2011 14:12:34, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
11/08/2011 21:50:14, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/08/2011 14:45:50, Error: Service Control Manager [7022] - The NSUService service hung on starting.
11/08/2011 14:43:54, Error: EventLog [6008] - The previous system shutdown at 14:42:00 on 11/08/2011 was unexpected.
11/08/2011 14:19:15, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {4991D34B-80A1-4291-83B6-3328366B9097} to the user Door-PC\Door SID (S-1-5-21-3568159112-1356664340-629666710-1003) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state
11/08/2011 14:06:02, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state
.
==== End Of File ===========================

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows Vista
Version 6.0.6001 (Service Pack 1)
Number of processors #2
==============================================
>Drivers
==============================================
0x8B803000 C:\Windows\system32\DRIVERS\igdkmd32.sys 6307840 bytes (Intel Corporation, Intel Graphics Kernel Mode Driver)
0x81C1B000 C:\Windows\system32\ntkrnlpa.exe 3903488 bytes (Microsoft Corporation, NT Kernel & System)
0x81C1B000 PnpManager 3903488 bytes
0x81C1B000 RAW 3903488 bytes
0x81C1B000 WMIxWDM 3903488 bytes
0x92EC0000 Win32k 2113536 bytes
0x92EC0000 C:\Windows\System32\win32k.sys 2113536 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0x8C009000 C:\Windows\system32\drivers\RTKVHDA.sys 2027520 bytes (Realtek Semiconductor Corp., Realtek® High Definition Audio Function Driver)
0x87A0D000 C:\Windows\System32\Drivers\Ntfs.sys 1110016 bytes (Microsoft Corporation, NT File System Driver)
0x87803000 C:\Windows\system32\drivers\ndis.sys 1093632 bytes (Microsoft Corporation, NDIS 6.0 wrapper driver)
0x8C20B000 C:\Windows\system32\DRIVERS\HSX_DPV.sys 1060864 bytes (Conexant Systems, Inc., HSF_DP driver)
0x8C60B000 C:\Windows\System32\drivers\tcpip.sys 954368 bytes (Microsoft Corporation, TCP/IP Driver)
0x804C8000 C:\Windows\system32\CI.dll 917504 bytes (Microsoft Corporation, Code Integrity Module)
0xA8E0A000 C:\Windows\system32\drivers\peauth.sys 909312 bytes (Microsoft Corporation, Protected Environment Authentication and Authorization Export Driver)
0x8B407000 C:\Windows\system32\drivers\ti21sony.sys 835584 bytes (Texas Instruments, ti21sony.sys)
0x8B2ED000 C:\Windows\system32\DRIVERS\athr.sys 782336 bytes (Atheros Communications, Inc., Atheros Extensible Wireless LAN device driver)
0x8C892000 C:\Windows\System32\Drivers\dump_iaStor.sys 778240 bytes
0x82202000 C:\Windows\system32\DRIVERS\iaStor.sys 778240 bytes (Intel Corporation, Intel Matrix Storage Manager driver - ia32)
0x8C30E000 C:\Windows\system32\DRIVERS\HSX_CNXT.sys 737280 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0x8B200000 C:\Windows\system32\drivers\spsys.sys 716800 bytes (Microsoft Corporation, security processor)
0x8BE07000 C:\Windows\System32\drivers\dxgkrnl.sys 651264 bytes (Microsoft Corporation, DirectX Graphics Kernel)
0x80607000 C:\Windows\system32\drivers\Wdf01000.sys 507904 bytes (Microsoft Corporation, WDF Dynamic)
0x82332000 C:\Windows\System32\Drivers\ksecdd.sys 462848 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xA5E0F000 C:\Windows\system32\drivers\HTTP.sys 446464 bytes (Microsoft Corporation, HTTP Protocol Stack)
0x8040E000 C:\Windows\system32\mcupdate_GenuineIntel.dll 393216 bytes (Microsoft Corporation, Intel Microcode Update Library)
0xA5F7F000 C:\Windows\System32\DRIVERS\srv.sys 323584 bytes (Microsoft Corporation, Server driver)
0x80739000 C:\Windows\System32\drivers\volmgrx.sys 303104 bytes (Microsoft Corporation, Volume Manager Extension Driver)
0x8C772000 C:\Windows\system32\drivers\afd.sys 294912 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x80690000 C:\Windows\system32\drivers\acpi.sys 286720 bytes (Microsoft Corporation, ACPI Driver for NT)
0x80487000 C:\Windows\system32\CLFS.SYS 266240 bytes (Microsoft Corporation, Common Log File System Driver)
0x8B571000 C:\Windows\system32\DRIVERS\storport.sys 266240 bytes (Microsoft Corporation, Microsoft Storage Port Driver)
0x8BF1D000 C:\Windows\system32\DRIVERS\yk60x86.sys 258048 bytes (Marvell, NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller)
0x8BEBE000 C:\Windows\system32\DRIVERS\USBPORT.SYS 253952 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0x879A0000 C:\Windows\system32\DRIVERS\HSXHWAZL.sys 249856 bytes (Conexant Systems, Inc., HSF_HWAZL WDM driver)
0x805A8000 C:\Windows\system32\DRIVERS\rdbss.sys 245760 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0x8C84A000 C:\Windows\system32\DRIVERS\udfs.sys 241664 bytes (Microsoft Corporation, UDF File System Driver)
0x87939000 C:\Windows\system32\drivers\NETIO.SYS 237568 bytes (Microsoft Corporation, Network I/O Subsystem)
0xA5F06000 C:\Windows\system32\DRIVERS\mrxsmb10.sys 233472 bytes (Microsoft Corporation, Longhorn SMB Downlevel SubRdr)
0x87B1C000 C:\Windows\system32\drivers\volsnap.sys 233472 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0x8B3B9000 C:\Windows\system32\DRIVERS\usbhub.sys 212992 bytes (Microsoft Corporation, Default Hub Driver for USB)
0x81FD4000 ACPI_HAL 208896 bytes
0x81FD4000 C:\Windows\system32\hal.dll 208896 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0x822E6000 C:\Windows\system32\drivers\fltmgr.sys 204800 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0x8C7BA000 C:\Windows\System32\DRIVERS\netbt.sys 204800 bytes (Microsoft Corporation, MBT Transport driver)
0x8C802000 C:\Windows\system32\drivers\mfehidk.sys 196608 bytes (McAfee, Inc., Host Intrusion Detection Link Driver)
0x8B543000 C:\Windows\system32\DRIVERS\msiscsi.sys 188416 bytes (Microsoft Corporation, Microsoft iSCSI Initiator Driver)
0x80798000 C:\Windows\system32\DRIVERS\pcmcia.sys 184320 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0x87973000 C:\Windows\system32\drivers\portcls.sys 184320 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0x8B4F4000 C:\Windows\system32\DRIVERS\Apfiltr.sys 180224 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0x8790E000 C:\Windows\system32\drivers\msrpc.sys 176128 bytes (Microsoft Corporation, Kernel Remote Procedure Call Provider)
0x8BFC6000 C:\Windows\system32\DRIVERS\ks.sys 172032 bytes (Microsoft Corporation, Kernel CSA Library)
0x8C994000 C:\Windows\system32\DRIVERS\nwifi.sys 172032 bytes (Microsoft Corporation, NativeWiFi Miniport Driver)
0xA5F57000 C:\Windows\System32\DRIVERS\srv2.sys 163840 bytes (Microsoft Corporation, Smb 2.0 Server driver)
0x87B6C000 C:\Windows\System32\drivers\ecache.sys 159744 bytes (Microsoft Corporation, Special Memory Device Cache)
0x8C70F000 C:\Windows\System32\Drivers\Mpfp.sys 159744 bytes (McAfee, Inc., McAfee Personal Firewall Plus Driver)
0x806E7000 C:\Windows\system32\drivers\pci.sys 159744 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0x87BDB000 C:\Windows\system32\drivers\drmk.sys 151552 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0x8BF7A000 C:\Windows\system32\DRIVERS\ndiswan.sys 143360 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0x87BA4000 C:\Windows\system32\drivers\CLASSPNP.SYS 135168 bytes (Microsoft Corporation, SCSI Class System Dll)
0x879DD000 C:\Windows\System32\drivers\VIDEOPRT.SYS 135168 bytes (Microsoft Corporation, Video Port Driver)
0xA5EC7000 C:\Windows\system32\drivers\mrxdav.sys 131072 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xA5EE7000 C:\Windows\system32\DRIVERS\mrxsmb.sys 126976 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0x822C8000 C:\Windows\system32\drivers\ataport.SYS 122880 bytes (Microsoft Corporation, ATAPI Driver Extension)
0xA5E7C000 C:\Windows\System32\DRIVERS\srvnet.sys 118784 bytes (Microsoft Corporation, Server Network driver)
0x8C6F4000 C:\Windows\System32\drivers\fwpkclnt.sys 110592 bytes (Microsoft Corporation, FWP/IPsec Kernel-Mode API)
0x8C969000 C:\Windows\system32\drivers\luafv.sys 110592 bytes (Microsoft Corporation, LUA File Virtualization Filter Driver)
0xA5E99000 C:\Windows\system32\DRIVERS\bowser.sys 102400 bytes (Microsoft Corporation, NT Lan Manager Datagram Receiver Driver)
0x8B52B000 C:\Windows\system32\DRIVERS\cdrom.sys 98304 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xA5F3F000 C:\Windows\system32\DRIVERS\mrxsmb20.sys 98304 bytes (Microsoft Corporation, Longhorn SMB 2.0 Redirector)
0x8C833000 C:\Windows\System32\Drivers\dfsc.sys 94208 bytes (Microsoft Corporation, DFS Namespace Client Driver)
0x8B5BD000 C:\Windows\system32\DRIVERS\rasl2tp.sys 94208 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xA8F51000 C:\Windows\system32\DRIVERS\cdfs.sys 90112 bytes (Microsoft Corporation, CD-ROM File System Driver)
0x823B1000 C:\Windows\system32\DRIVERS\pacer.sys 90112 bytes (Microsoft Corporation, QoS Packet Scheduler)
0x8C736000 C:\Windows\system32\DRIVERS\tdx.sys 90112 bytes (Microsoft Corporation, TDI Translation Driver)
0xA5EB2000 C:\Windows\System32\drivers\mpsdrv.sys 86016 bytes (Microsoft Corporation, Microsoft Protection Service Driver)
0x8BFB1000 C:\Windows\system32\DRIVERS\rassstp.sys 86016 bytes (Microsoft Corporation, RAS SSTP Miniport Call Manager)
0xA8F19000 C:\Windows\system32\DRIVERS\WUDFRd.sys 86016 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Reflector)
0x8BF9D000 C:\Windows\system32\DRIVERS\raspptp.sys 81920 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0x8C75E000 C:\Windows\system32\DRIVERS\smb.sys 81920 bytes (Microsoft Corporation, SMB Transport driver)
0x8B4D6000 C:\Windows\system32\DRIVERS\i8042prt.sys 77824 bytes (Microsoft Corporation, i8042 Port Driver)
0x8C9C8000 C:\Windows\system32\DRIVERS\rspndr.sys 77824 bytes (Microsoft Corporation, Link-Layer Topology Responder Driver for NDIS 6)
0x823C7000 C:\Windows\system32\DRIVERS\wanarp.sys 77824 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0x8BF0B000 C:\Windows\system32\DRIVERS\HDAudBus.sys 73728 bytes (Microsoft Corporation, High Definition Audio Bus Driver)
0x8C74C000 C:\Windows\system32\DRIVERS\ipfltdrv.sys 73728 bytes (Microsoft Corporation, IP FILTER DRIVER)
0xA8EFB000 C:\Windows\system32\drivers\mfeavfk.sys 73728 bytes (McAfee, Inc., Anti-Virus File System Filter Driver)
0xA8F2E000 C:\Windows\system32\DRIVERS\WUDFPf.sys 73728 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0x87B93000 C:\Windows\system32\drivers\disk.sys 69632 bytes (Microsoft Corporation, PnP Disk Driver)
0x8B3ED000 C:\Windows\System32\Drivers\NDProxy.SYS 69632 bytes (Microsoft Corporation, NDIS Proxy)
0x8046E000 C:\Windows\system32\PSHED.dll 69632 bytes (Microsoft Corporation, Platform Specific Hardware Error Driver)
0x82318000 C:\Windows\system32\drivers\fileinfo.sys 65536 bytes (Microsoft Corporation, FileInfo Filter Driver)
0x8C984000 C:\Windows\system32\DRIVERS\lltdio.sys 65536 bytes (Microsoft Corporation, Link-Layer Topology Mapper I/O Driver)
0x807C5000 C:\Windows\System32\drivers\mountmgr.sys 65536 bytes (Microsoft Corporation, Mount Point Manager)
0x8BF5C000 C:\Windows\system32\DRIVERS\ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0x8B5EE000 C:\Windows\system32\DRIVERS\termdd.sys 65536 bytes (Microsoft Corporation, Terminal Server Driver)
0x8B2DA000 C:\Windows\system32\DRIVERS\intelppm.sys 61440 bytes (Microsoft Corporation, Processor Device Driver)
0x8C95A000 C:\Windows\system32\DRIVERS\monitor.sys 61440 bytes (Microsoft Corporation, Monitor Driver)
0x87B5D000 C:\Windows\System32\Drivers\mup.sys 61440 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0x8070E000 C:\Windows\System32\drivers\partmgr.sys 61440 bytes (Microsoft Corporation, Partition Management Driver)
0x8B5DF000 C:\Windows\system32\DRIVERS\raspppoe.sys 61440 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0x8BEFC000 C:\Windows\system32\DRIVERS\usbehci.sys 61440 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0x8072A000 C:\Windows\system32\drivers\volmgr.sys 61440 bytes (Microsoft Corporation, Volume Manager Driver)
0x8BF6C000 C:\Windows\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0x93100000 C:\Windows\System32\cdd.dll 57344 bytes (Microsoft Corporation, Canonical Display Driver)
0x8C7EC000 C:\Windows\system32\DRIVERS\netbios.sys 57344 bytes (Microsoft Corporation, NetBIOS interface driver)
0x823A3000 C:\Windows\System32\Drivers\Npfs.SYS 57344 bytes (Microsoft Corporation, NPFS Driver)
0x8078A000 C:\Windows\system32\drivers\PCIIDEX.SYS 57344 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0x8C885000 C:\Windows\System32\Drivers\crashdmp.sys 53248 bytes (Microsoft Corporation, Crash Dump Driver)
0x8C3C2000 C:\Windows\system32\drivers\modem.sys 53248 bytes (Microsoft Corporation, Modem Device Driver)
0x8B3AC000 C:\Windows\system32\DRIVERS\umbus.sys 53248 bytes (Microsoft Corporation, User-Mode Bus Enumerator)
0x8BEA6000 C:\Windows\System32\drivers\watchdog.sys 53248 bytes (Microsoft Corporation, Watchdog Driver)
0x80683000 C:\Windows\system32\drivers\WDFLDR.SYS 53248 bytes (Microsoft Corporation, WDFLDR)
0xA8F0D000 C:\Windows\System32\drivers\tcpipreg.sys 49152 bytes (Microsoft Corporation, TCP/IP Registry Compatibility Driver)
0x8C3E6000 C:\Windows\System32\drivers\vga.sys 49152 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0x8B4E9000 C:\Windows\system32\DRIVERS\kbdclass.sys 45056 bytes (Microsoft Corporation, Keyboard Class Driver)
0x8B520000 C:\Windows\system32\DRIVERS\mouclass.sys 45056 bytes (Microsoft Corporation, Mouse Class Driver)
0x87A00000 C:\Windows\System32\Drivers\Msfs.SYS 45056 bytes (Microsoft Corporation, Mailslot driver)
0x8B5D4000 C:\Windows\system32\DRIVERS\ndistapi.sys 45056 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0x8B5B2000 C:\Windows\system32\DRIVERS\TDI.SYS 45056 bytes (Microsoft Corporation, TDI Wrapper)
0x8B2C6000 C:\Windows\system32\DRIVERS\tunnel.sys 45056 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x8BEB3000 C:\Windows\system32\DRIVERS\usbuhci.sys 45056 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0x80720000 C:\Windows\system32\DRIVERS\BATTC.SYS 40960 bytes (Microsoft Corporation, Battery Class Driver)
0x8C950000 C:\Windows\System32\drivers\Dxapi.sys 40960 bytes (Microsoft Corporation, DirectX API Driver)
0x8BFF0000 C:\Windows\system32\DRIVERS\mssmbios.sys 40960 bytes (Microsoft Corporation, System Management BIOS Driver)
0x8C9BE000 C:\Windows\system32\DRIVERS\ndisuio.sys 40960 bytes (Microsoft Corporation, NDIS User mode I/O driver)
0x8C600000 C:\Windows\system32\drivers\nsiproxy.sys 40960 bytes (Microsoft Corporation, NSI Proxy)
0x82328000 C:\Windows\System32\Drivers\PxHelp20.sys 40960 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xA8EEA000 C:\Windows\System32\Drivers\secdrv.SYS 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xA8F75000 C:\Windows\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0x87BC5000 C:\Windows\system32\drivers\crcdisk.sys 36864 bytes (Microsoft Corporation, Disk Block Verification Filter Driver)
0x8C3CF000 C:\Windows\System32\Drivers\Fs_Rec.SYS 36864 bytes (Microsoft Corporation, File System Recognizer Driver)
0x8C000000 C:\Windows\System32\DRIVERS\rasacd.sys 36864 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0x930E0000 C:\Windows\System32\TSDDD.dll 36864 bytes (Microsoft Corporation, Framebuffer Display Driver)
0x8B2D1000 C:\Windows\system32\DRIVERS\tunmp.sys 36864 bytes (Microsoft Corporation, Microsoft Tunnel Interface Driver)
0x806D6000 C:\Windows\system32\drivers\WMILIB.SYS 36864 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0x822C0000 C:\Windows\system32\drivers\atapi.sys 32768 bytes (Microsoft Corporation, ATAPI IDE Miniport Driver)
0x8047F000 C:\Windows\system32\BOOTVID.dll 32768 bytes (Microsoft Corporation, VGA Boot Driver)
0x80406000 C:\Windows\system32\kdcom.dll 32768 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0x806DF000 C:\Windows\system32\drivers\msisadrv.sys 32768 bytes (Microsoft Corporation, ISA Driver)
0x8C3F2000 C:\Windows\System32\DRIVERS\RDPCDD.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x8C200000 C:\Windows\system32\drivers\rdpencdd.sys 32768 bytes (Microsoft Corporation, RDP Miniport)
0x87B55000 C:\Windows\System32\Drivers\spldr.sys 32768 bytes (Microsoft Corporation, loader for security processor)
0xA8F40000 C:\Windows\system32\DRIVERS\xaudio.sys 32768 bytes (Conexant Systems, Inc., Modem Audio Device Driver)
0x8C3DF000 C:\Windows\System32\Drivers\Beep.SYS 28672 bytes (Microsoft Corporation, BEEP Driver)
0x80783000 C:\Windows\system32\drivers\intelide.sys 28672 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xA8F6E000 C:\Users\Door\AppData\Local\Temp\mbr.sys 28672 bytes
0xA8EF4000 C:\Windows\system32\drivers\mfebopk.sys 28672 bytes (McAfee, Inc., Buffer Overflow Protection Driver)
0xA8F67000 C:\Windows\system32\drivers\mferkdk.sys 28672 bytes (McAfee, Inc., VSCore Code Analysis Driver)
0x8C3D8000 C:\Windows\System32\Drivers\Null.SYS 28672 bytes (Microsoft Corporation, NULL Driver)
0x8B2E9000 C:\Windows\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xA5FE6000 C:\Windows\system32\DRIVERS\mdmxsdk.sys 16384 bytes (Conexant, Diagnostic Interface x86 Driver)
0x8071D000 C:\Windows\system32\DRIVERS\compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0x8B4D3000 C:\Windows\system32\DRIVERS\SFEP.sys 12288 bytes (Sony Corporation, Sony Firmware Extension Parser driver)
0xA8EE8000 C:\Windows\system32\drivers\regi.sys 8192 bytes (InterVideo, regi driver)
0x8B5FE000 C:\Windows\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0x8C832000 C:\Windows\system32\DRIVERS\DMICall.sys 4096 bytes (Sony Corporation, Windows 2000 DMI Call Kernel Driver)
==============================================
>Stealth
==============================================


Once again thanks in advance for any further help!

#4 gringo_pr

  • Malware Response Team

Posted 15 August 2011 - 07:17 AM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




#5 Norro1983

  • Topic Starter


Posted 15 August 2011 - 09:05 AM

Hi, I have downloaded and run ComboFix; the log is below. I had to do the restart when I received the message 'Illegal operation attempted on a registry key that has been marked for deletion', but I have had no other problems when completing your instructions. The laptop is behaving the same as it was when I posted the problem originally; there haven't been any other faults or issues that have developed and no changes to the original issue. Thanks again!

ComboFix 11-08-15.07 - Door 15/08/2011 14:45:35.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2038.1195 [GMT 1:00]
Running from: c:\users\Door\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-07-15 to 2011-08-15 )))))))))))))))))))))))))))))))
.
.
2011-08-15 13:53 . 2011-08-15 13:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-15 08:56 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-08-15 08:56 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-08-15 08:56 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2011-08-15 08:56 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl
2011-08-15 08:56 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2011-08-15 08:56 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2011-08-15 08:56 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-08-15 08:56 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2011-08-15 08:51 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2011-08-15 08:51 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2011-08-15 08:51 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2011-08-15 08:51 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2011-08-15 08:51 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2011-08-15 08:44 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-08-14 18:51 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-08-14 18:51 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll
2011-08-14 18:46 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2011-08-14 18:46 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2011-08-14 18:46 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-08-14 18:45 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-08-14 18:33 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll
2011-08-13 11:15 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-08-13 11:15 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-08-12 22:22 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll
2011-08-12 22:22 . 2010-10-12 13:52 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2011-08-12 22:22 . 2010-10-12 15:48 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2011-08-12 22:22 . 2010-10-12 13:52 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2011-08-12 22:20 . 2010-06-16 15:12 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-08-12 22:20 . 2011-02-16 15:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-08-12 22:20 . 2011-02-16 13:24 292864 ----a-w- c:\windows\system32\atmfd.dll
2011-08-12 22:20 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-08-12 22:20 . 2008-06-19 03:31 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-08-12 22:19 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-08-12 22:19 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-08-12 22:19 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-08-12 22:19 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-08-12 22:19 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll
2011-08-12 22:19 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-08-12 22:18 . 2008-10-22 03:57 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-08-12 22:14 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2011-08-12 22:14 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2011-08-12 22:14 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2011-08-12 22:14 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2011-08-12 22:14 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2011-08-12 22:14 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2011-08-12 22:14 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2011-08-12 22:14 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2011-08-12 22:11 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2011-08-12 22:11 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2011-08-12 22:11 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2011-08-12 22:11 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2011-08-12 22:11 . 2009-08-10 11:01 1399296 ----a-w- c:\windows\system32\msxml6.dll
2011-08-12 22:10 . 2011-04-14 14:24 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-08-12 22:10 . 2010-10-15 14:08 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-12 22:10 . 2010-10-15 14:08 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-12 22:10 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-08-12 22:09 . 2009-09-10 17:30 213504 ----a-w- c:\windows\system32\msv1_0.dll
2011-08-12 22:09 . 2011-03-10 16:12 1161728 ----a-w- c:\windows\system32\mfc42u.dll
2011-08-12 22:09 . 2011-03-10 16:12 1136640 ----a-w- c:\windows\system32\mfc42.dll
2011-08-12 22:09 . 2010-01-29 16:22 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-08-12 22:08 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-08-12 22:08 . 2008-04-05 03:34 15360 ----a-w- c:\windows\system32\pacerprf.dll
2011-08-12 22:08 . 2008-04-05 01:21 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2011-08-12 22:08 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
2011-08-12 22:07 . 2011-02-18 13:31 304640 ----a-w- c:\windows\system32\drivers\srv.sys
2011-08-12 22:07 . 2011-04-29 12:49 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-08-12 22:07 . 2011-04-29 12:49 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-08-12 22:07 . 2011-07-06 14:56 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-12 22:06 . 2011-03-02 14:49 86528 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-08-12 22:06 . 2009-05-04 10:11 25088 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-08-12 22:06 . 2010-04-05 16:07 67072 ----a-w- c:\windows\system32\asycfilt.dll
2011-08-12 22:05 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2011-08-12 22:05 . 2010-06-28 16:15 1315840 ----a-w- c:\windows\system32\ole32.dll
2011-08-12 22:05 . 2010-06-28 14:31 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2011-08-12 22:04 . 2008-10-21 05:25 296960 ----a-w- c:\windows\system32\gdi32.dll
2011-08-12 22:04 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe
2011-08-12 22:04 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll
2011-08-12 22:04 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2011-08-12 22:03 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2011-08-12 22:03 . 2010-08-26 16:07 157184 ----a-w- c:\windows\system32\t2embed.dll
2011-08-12 22:03 . 2011-06-02 12:59 2042368 ----a-w- c:\windows\system32\win32k.sys
2011-08-12 22:02 . 2011-05-02 12:00 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-08-12 22:02 . 2011-04-21 13:16 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-12 22:00 . 2008-04-18 05:48 269312 ----a-w- c:\windows\system32\es.dll
2011-08-12 22:00 . 2010-12-14 15:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-08-12 22:00 . 2008-06-26 03:29 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-08-12 21:59 . 2010-06-17 15:49 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2011-08-12 21:59 . 2010-06-17 17:15 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2011-08-12 21:59 . 2011-04-29 12:49 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-08-12 21:59 . 2011-04-29 12:49 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-08-12 21:58 . 2011-05-02 16:00 766464 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-08-12 21:58 . 2009-10-23 17:42 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-08-12 21:57 . 2008-03-08 04:21 1695744 ----a-w- c:\windows\system32\gameux.dll
2011-08-12 21:57 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-08-12 21:57 . 2011-02-16 15:35 430080 ----a-w- c:\windows\system32\vbscript.dll
2011-08-12 21:55 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2011-08-12 21:54 . 2010-12-20 15:39 563200 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-12 21:54 . 2010-08-31 15:41 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-08-12 21:54 . 2010-08-31 15:41 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-08-12 21:53 . 2010-06-18 16:43 36352 ----a-w- c:\windows\system32\rtutils.dll
2011-08-12 21:50 . 2008-02-29 06:53 378368 ----a-w- c:\windows\system32\srcore.dll
2011-08-12 21:50 . 2008-02-29 06:53 40960 ----a-w- c:\windows\system32\srclient.dll
2011-08-12 21:50 . 2008-02-29 04:12 318464 ----a-w- c:\windows\system32\rstrui.exe
2011-08-12 21:50 . 2008-02-29 04:12 14848 ----a-w- c:\windows\system32\srdelayed.exe
2011-08-12 21:50 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2011-08-12 21:50 . 2008-02-22 05:05 615992 ----a-w- c:\windows\system32\ci.dll
2011-08-12 21:50 . 2008-02-29 07:11 927288 ----a-w- c:\windows\system32\winresume.exe
2011-08-12 21:50 . 2008-02-29 07:14 19000 ----a-w- c:\windows\system32\kd1394.dll
2011-08-12 21:50 . 2008-02-29 07:11 988216 ----a-w- c:\windows\system32\winload.exe
2011-08-12 21:49 . 2008-02-29 06:53 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2011-08-12 21:49 . 2010-08-20 15:21 866816 ----a-w- c:\windows\system32\wmpmde.dll
2011-08-12 21:47 . 2010-01-21 15:59 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-08-12 21:47 . 2010-04-16 16:10 1314816 ----a-w- c:\windows\system32\quartz.dll
2011-08-12 21:46 . 2010-11-06 11:10 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-08-12 21:46 . 2010-11-06 11:09 603648 ----a-w- c:\windows\system32\schedsvc.dll
2011-08-12 21:46 . 2010-11-05 00:53 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-08-12 21:46 . 2010-11-06 11:10 357376 ----a-w- c:\windows\system32\taskschd.dll
2011-08-12 21:46 . 2010-11-06 11:10 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-08-12 21:46 . 2011-05-02 15:58 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-08-12 21:45 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2011-08-12 21:45 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2011-08-12 21:45 . 2008-08-28 03:40 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-08-12 21:45 . 2008-08-28 03:40 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-08-12 21:45 . 2008-08-28 03:40 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-03-10 262144]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-08-11 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-02-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-12 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-12 81920]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-23 4718592]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-08-12 30192]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-04 582992]
"SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-08-24 36640]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2007-07-23 1160480]
"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2011-08-11 36864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 03:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-11 135664]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-08-12 30192]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-08-11 135664]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-03-05 104288]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-03-05 350048]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-03-05 63328]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-03-03 333088]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2008-03-03 87328]
S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-03-10 229376]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-12-17 9344]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-11 13:07]
.
2011-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-11 13:07]
.
2011-08-11 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2011-08-11 22:10]
.
2011-08-11 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2011-08-11 22:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.254
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-15 14:53
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b4
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5864)
c:\program files\SiteAdvisor\6172\saHook.dll
.
Completion time: 2011-08-15 14:55:19
ComboFix-quarantined-files.txt 2011-08-15 13:55
.
Pre-Run: 198,889,756,672 bytes free
Post-Run: 198,787,938,304 bytes free
.
- - End Of File - - 8627BDE5131C83C6AF89C21F84AA985D

#6 gringo_pr


Posted 15 August 2011 - 11:11 AM

I want you to run this tool for me next.

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 Norro1983


Posted 15 August 2011 - 12:10 PM

Hi, I ran the TDSSKiller. I don't think it found anything, as it didn't bring up anything about an infected or suspicious file. I have copied the log for you though, as requested:

2011/08/15 18:06:17.0062 4232 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/15 18:06:18.0341 4232 ================================================================================
2011/08/15 18:06:18.0341 4232 SystemInfo:
2011/08/15 18:06:18.0341 4232
2011/08/15 18:06:18.0341 4232 OS Version: 6.0.6001 ServicePack: 1.0
2011/08/15 18:06:18.0341 4232 Product type: Workstation
2011/08/15 18:06:18.0341 4232 ComputerName: DOOR-PC
2011/08/15 18:06:18.0341 4232 UserName: Door
2011/08/15 18:06:18.0341 4232 Windows directory: C:\Windows
2011/08/15 18:06:18.0341 4232 System windows directory: C:\Windows
2011/08/15 18:06:18.0341 4232 Processor architecture: Intel x86
2011/08/15 18:06:18.0341 4232 Number of processors: 2
2011/08/15 18:06:18.0341 4232 Page size: 0x1000
2011/08/15 18:06:18.0341 4232 Boot type: Normal boot
2011/08/15 18:06:18.0341 4232 ================================================================================
2011/08/15 18:06:19.0043 4232 Initialize success
2011/08/15 18:06:24.0909 4304 ================================================================================
2011/08/15 18:06:24.0909 4304 Scan started
2011/08/15 18:06:24.0909 4304 Mode: Manual;
2011/08/15 18:06:24.0909 4304 ================================================================================
2011/08/15 18:06:38.0465 4304 ================================================================================
2011/08/15 18:06:38.0465 4304 Scan finished
2011/08/15 18:06:38.0465 4304 ================================================================================
2011/08/15 18:06:38.0481 4528 Detected object count: 0
2011/08/15 18:06:38.0481 4528 Actual detected object count: 0

Again, thanks for your help!

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:02:49 PM

Posted 15 August 2011 - 12:58 PM

We are going to check the router.

Create and Run Batch File
Open Notepad and copy/paste the entire contents of the codebox below, into Notepad:
@echo off
>Log1.txt (
ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print
)
start Log1.txt
del %0
Save this as router.bat. Choose Save as type: All Files, and where to save: Desktop, then close the Notepad file.

Double-click on router.bat to run it. It will open Notepad when done. Please post back the results.
gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 Norro1983


Posted 15 August 2011 - 01:44 PM

These are results of running the notepad file:


Windows IP Configuration

Host Name . . . . . . . . . . . . : Door-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : LAN-Express AS IEEE 802.11g PCI-E Adapter
Physical Address. . . . . . . . . : 00-1D-D9-E2-2D-1D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7073:65d4:17f2:1c40%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.78(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 15 August 2011 14:58:16
Lease Expires . . . . . . . . . . : 16 August 2011 14:58:17
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-1A-80-F1-F3-2C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{771E7D05-F861-40E3-B1F3-1817A728F593}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: BThomehub.home
Address: 192.168.1.254

Name: google.com
Addresses: 209.85.227.99
209.85.227.103
209.85.227.106
209.85.227.105
209.85.227.147
209.85.227.104

Server: BThomehub.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 67.195.160.76
69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70



Pinging google.com [209.85.227.147] with 32 bytes of data:

Reply from 209.85.227.147: bytes=32 time=41ms TTL=49

Reply from 209.85.227.147: bytes=32 time=41ms TTL=49



Ping statistics for 209.85.227.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 41ms, Maximum = 41ms, Average = 41ms



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=175ms TTL=46

Reply from 209.191.122.70: bytes=32 time=167ms TTL=46



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 167ms, Maximum = 175ms, Average = 171ms

===========================================================================
Interface List
11 ...00 1d d9 e2 2d 1d ...... LAN-Express AS IEEE 802.11g PCI-E Adapter
10 ...00 1a 80 f1 f3 2c ...... Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.{771E7D05-F861-40E3-B1F3-1817A728F593}
13 ...00 00 00 00 00 00 00 e0 isatap.home
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.78 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.78 281
192.168.1.78 255.255.255.255 On-link 192.168.1.78 281
192.168.1.255 255.255.255.255 On-link 192.168.1.78 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.78 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.78 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::7073:65d4:17f2:1c40/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

#10 gringo_pr

Posted 15 August 2011 - 03:01 PM

After you have run these steps - you need to let me know how the computer is doing

Resetting Router


  • This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
  • Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
  • If you don’t know the router's default password, you can look it up here.
  • You also need to reconfigure any security settings you had in place prior to the reset.
  • You may also need to consult with your Internet service provider to find out which DNS servers your network should be using or you can use OpenDNS
Note: After resetting your router, it is important to set a non-default password, and if possible, username, on the router. This will assist in eliminating the possibility of the router being hijacked again.

Flush the DNS:

Now let's flush the DNS on the computer:

  • click on Start
  • select run
  • enter cmd and hit enter
  • a black window will open.
  • please enter the following text into that window and hit enter:


    ipconfig /flushdns

Now let's check the router again

Create and Run Batch File
Open Notepad and copy/paste the entire contents of the codebox below, into Notepad:
@echo off
>Log1.txt (
ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print
)
start Log1.txt
del %0
Save this as router.bat. Choose Save as type: All Files, and where to save: Desktop, then close the Notepad file.

Double-click on router.bat to run it. It will open Notepad when done. Please post back the results.

gringo
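A way to triage a Log1.txt like the ones posted in this thread, added here as an example and not part of any post: the Python below parses the `ipconfig /all` and `nslookup` sections and reports DNS servers that are not the adapter's default gateway. The function names, the private-range heuristic and the second sample log are assumptions of this example.

```python
import ipaddress
import re

# Excerpt of the Log1.txt posted in this thread (values as posted; other adapters omitted).
POSTED_LOG = """\
Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
DHCP Enabled. . . . . . . . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.78(Preferred)
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: BThomehub.home
Address: 192.168.1.254

Name: google.com
Addresses: 209.85.227.99
209.85.227.103
"""

# Constructed sample (not from the thread): the same adapter handed two resolvers
# outside the LAN. 203.0.113.0/24 is a documentation-only range.
CONSTRUCTED_LOG = POSTED_LOG.replace(
    "DNS Servers . . . . . . . . . . . : 192.168.1.254",
    "DNS Servers . . . . . . . . . . . : 203.0.113.53\n203.0.113.54",
).replace("Server: BThomehub.home\nAddress: 192.168.1.254",
          "Server: UnKnown\nAddress: 203.0.113.53")

FIELD = re.compile(r"^([^:]+?)[ .]*:\s*(.*)$")   # "Key . . . : value"
TRACKED = ("Default Gateway", "DHCP Server", "DNS Servers")
# Ranges treated as "inside the LAN" (assumption of this example).
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
               "fe80::/10", "fc00::/7", "fec0::/10")]


def _ip(value):
    """Parse an address, dropping ipconfig's '(Preferred)' and '%scope' suffixes."""
    token = value.split("(")[0].split("%")[0].strip()
    try:
        return ipaddress.ip_address(token)
    except ValueError:
        return None


def _is_local(ip):
    return any(ip.version == net.version and ip in net for net in LOCAL_NETS)


def parse_log(text):
    """Return (adapters, resolvers): per-adapter tracked fields and nslookup servers."""
    adapters, resolvers = [], []
    current, last_list, after_server = None, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":") and " adapter " in line:      # adapter header
            current = {"name": line[:-1]}
            adapters.append(current)
            last_list = None
        elif _ip(line) is not None:                          # bare continuation address
            if last_list is not None:
                last_list.append(line)
        else:
            m = FIELD.match(line)
            if not m:
                continue
            key, val = m.group(1).strip(), m.group(2).strip()
            last_list = None
            if key == "Server":
                after_server = True
            elif key == "Address" and after_server:          # resolver nslookup used
                resolvers.append(val)
                after_server = False
            elif key in TRACKED and current is not None:
                current[key] = [val] if val else []
                last_list = current[key]
    return adapters, resolvers


def audit(text):
    """Return (where, address, reason) tuples for DNS settings worth a second look."""
    adapters, resolvers = parse_log(text)
    findings, configured = [], set()
    for adapter in adapters:
        gateways = {ip for ip in map(_ip, adapter.get("Default Gateway", [])) if ip}
        for ip in filter(None, map(_ip, adapter.get("DNS Servers", []))):
            configured.add(ip)
            if ip in gateways:
                continue                                     # router acts as DNS proxy
            reason = ("internal address that is not the gateway" if _is_local(ip)
                      else "address outside the LAN; confirm it is the ISP's or one you chose")
            findings.append((adapter["name"], str(ip), reason))
    for ip in filter(None, map(_ip, resolvers)):
        if ip not in configured:
            findings.append(("nslookup", str(ip), "answering server is not a configured DNS server"))
    return findings
```

An empty result, as for the posted log, only shows that the PC sends its queries to the router; the DNS servers the router itself forwards to are set on the router and do not appear in this log.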

#11 Norro1983


Posted 15 August 2011 - 03:59 PM

Hello,

Ok I carried out the router reset. The internet connection established itself as soon as I had reset the router. I then carried out the DNS flush bit; however, when I typed the text into the black window it came back with the following message/text: The requested operation requires elevation
When the black window opened the cursor was positioned straight after the following text: C:\Users\Door>
I then typed the text you asked so it looked like this: C:\Users\Door>ipconfig/flushdns and hit enter and was then presented with the text 'The requested operation requires elevation'. I wasn't sure if this was right hence the reason I am telling you. I then checked the google search initial problem and it still exists as it was in the original post with no new issues or concerns. I still went ahead and did the 'create and run batch file' and the log is as below:


Windows IP Configuration

Host Name . . . . . . . . . . . . : Door-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : LAN-Express AS IEEE 802.11g PCI-E Adapter
Physical Address. . . . . . . . . : 00-1D-D9-E2-2D-1D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7073:65d4:17f2:1c40%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.78(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 15 August 2011 14:58:16
Lease Expires . . . . . . . . . . : 16 August 2011 21:44:37
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-1A-80-F1-F3-2C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{771E7D05-F861-40E3-B1F3-1817A728F593}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: BThomehub.home
Address: 192.168.1.254

Name: google.com
Addresses: 209.85.146.103
209.85.146.99
209.85.146.105
209.85.146.106
209.85.146.147
209.85.146.104

Server: BThomehub.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.137.149.56
209.191.122.70
67.195.160.76
69.147.125.65
72.30.2.43



Pinging google.com [209.85.146.105] with 32 bytes of data:

Reply from 209.85.146.105: bytes=32 time=41ms TTL=49

Reply from 209.85.146.105: bytes=32 time=40ms TTL=49



Ping statistics for 209.85.146.105:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 40ms, Maximum = 41ms, Average = 40ms



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=160ms TTL=45

Reply from 209.191.122.70: bytes=32 time=154ms TTL=45



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 154ms, Maximum = 160ms, Average = 157ms

===========================================================================
Interface List
11 ...00 1d d9 e2 2d 1d ...... LAN-Express AS IEEE 802.11g PCI-E Adapter
10 ...00 1a 80 f1 f3 2c ...... Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.{771E7D05-F861-40E3-B1F3-1817A728F593}
13 ...00 00 00 00 00 00 00 e0 isatap.home
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.78 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.78 281
192.168.1.78 255.255.255.255 On-link 192.168.1.78 281
192.168.1.255 255.255.255.255 On-link 192.168.1.78 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.78 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.78 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::7073:65d4:17f2:1c40/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None


Thanks again!

#12 gringo_pr


Posted 15 August 2011 - 04:31 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTListIt.txt in your next reply.

Gringo

#13 Norro1983


Posted 15 August 2011 - 04:41 PM

Hi,

Ok log of scan is as follows:

OTL logfile created on: 15/08/2011 22:35:19 - Run 1
OTL by OldTimer - Version 3.2.26.4 Folder = C:\Users\Door\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 48.63% Memory free
4.21 Gb Paging File | 3.10 Gb Available in Paging File | 73.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225.87 Gb Total Space | 183.02 Gb Free Space | 81.03% Space Free | Partition Type: NTFS

Computer Name: DOOR-PC | User Name: Door | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Door\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
PRC - C:\Program Files\SiteAdvisor\6172\SAService.exe ()
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Reminder\Reminder.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\SiteAdvisor\6172\SiteAdv.exe ()
PRC - C:\Program Files\McAfee\MSK\msksrver.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
PRC - C:\Program Files\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
PRC - c:\Program Files\McAfee\MSC\mcuimgr.exe (McAfee, Inc.)
PRC - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6d75eb3ca10a514754f5e87cc2134f07\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\19d027c3381110e60c003f2c8bd307ee\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\38b9d09539b67b08ee996db6c71f8a9b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\982c005f97eacba888acdda322c49362\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ba71341e41687591124f9a5680cb0981\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\57ac9ba5419d6bf4b79f2979b0755428\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\c068708e16abf0be77a21b9f29817d83\mscorlib.ni.dll ()
MOD - C:\Program Files\Google\Google Desktop Search\gzlib.dll ()
MOD - C:\Program Files\SiteAdvisor\6172\saHook.dll ()
MOD - C:\Windows\System32\igfxTMM.dll ()
MOD - c:\Program Files\McAfee\MSK\mcapbho.dll ()
MOD - C:\Program Files\SiteAdvisor\6172\SiteAdv.exe ()
MOD - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()


========== Win32 Services (SafeList) ==========

SRV - (SiteAdvisor Service) -- C:\Program Files\SiteAdvisor\6172\SAService.exe ()
SRV - (NSUService) -- C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (MSK80Service) -- C:\Program Files\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (mcmscsvc) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (McShield) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (IviRegMgr) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


========== Driver Services (SafeList) ==========

DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MPFP) -- C:\Windows\System32\drivers\Mpfp.sys (McAfee, Inc.)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)



O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [McENUI] C:\Program Files\McAfee\MHN\McENUI.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-3568159112-1356664340-629666710-1003..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
O15 - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3568159112-1356664340-629666710-1003\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\siteadvisor {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img6 Wallpaper 1280x800.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img6 Wallpaper 1280x800.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/15 22:34:04 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Door\Desktop\OTL.exe
[2011/08/15 18:05:57 | 001,404,720 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Door\Desktop\tdsskiller.exe
[2011/08/15 14:54:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/15 14:43:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/08/15 14:43:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/08/15 14:43:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/08/15 14:43:09 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/08/15 14:43:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/08/15 14:42:33 | 004,172,996 | R--- | C] (Swearware) -- C:\Users\Door\Desktop\ComboFix.exe
[2011/08/15 09:56:44 | 000,607,017 | R--- | C] (Swearware) -- C:\Users\Door\Desktop\dds.scr
[2011/08/15 09:56:10 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011/08/15 09:56:10 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011/08/15 09:56:10 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011/08/15 09:56:10 | 000,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/08/15 09:56:10 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011/08/15 09:56:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011/08/15 09:56:08 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011/08/15 09:56:07 | 000,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/08/15 09:51:50 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/08/15 09:51:26 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011/08/15 09:51:03 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011/08/15 09:49:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/08/15 09:44:25 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/08/15 09:43:44 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/08/15 09:43:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/08/15 09:43:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/08/15 09:43:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/08/15 09:43:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/08/15 09:43:30 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/08/15 09:43:30 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/08/15 09:43:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/08/15 09:43:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/08/15 09:43:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/08/15 09:43:06 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/08/15 09:43:06 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/08/15 09:43:06 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/08/15 09:43:05 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/08/15 09:43:05 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/08/14 19:51:33 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/08/14 19:46:38 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/08/14 19:46:35 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/08/14 19:46:21 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/08/14 19:33:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/08/13 12:15:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/08/13 12:15:17 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/08/13 09:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop
[2011/08/12 23:20:28 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/08/12 23:20:27 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/08/12 23:20:27 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/08/12 23:20:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/08/12 23:18:51 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/08/12 23:14:24 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011/08/12 23:14:24 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011/08/12 23:14:24 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011/08/12 23:14:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011/08/12 23:14:23 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011/08/12 23:14:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011/08/12 23:14:23 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011/08/12 23:12:51 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/08/12 23:12:50 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/08/12 23:12:49 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/08/12 23:12:49 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/08/12 23:12:48 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/08/12 23:12:48 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/08/12 23:12:47 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/08/12 23:12:47 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/08/12 23:12:47 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/08/12 23:12:46 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/08/12 23:12:45 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/08/12 23:12:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/08/12 23:11:47 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/08/12 23:11:47 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/08/12 23:11:45 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/08/12 23:10:29 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/08/12 23:10:29 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/08/12 23:09:34 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/08/12 23:09:34 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/08/12 23:08:59 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/08/12 23:08:37 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011/08/12 23:08:11 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/08/12 23:08:09 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/08/12 23:06:51 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/08/12 23:06:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/08/12 23:04:18 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011/08/12 23:04:18 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011/08/12 23:03:37 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/08/12 23:03:13 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/08/12 23:00:19 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/08/12 23:00:05 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/08/12 22:58:27 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011/08/12 22:57:50 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011/08/12 22:57:27 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/08/12 22:54:15 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/08/12 22:54:14 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/08/12 22:50:13 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011/08/12 22:50:13 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011/08/12 22:50:13 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2011/08/12 22:50:05 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011/08/12 22:50:05 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011/08/12 22:50:04 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011/08/12 22:50:03 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011/08/12 22:50:03 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011/08/12 22:49:57 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011/08/12 22:49:06 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/08/12 22:48:24 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011/08/12 22:48:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011/08/12 22:48:19 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011/08/12 22:48:19 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011/08/12 22:48:19 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011/08/12 22:48:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011/08/12 22:48:19 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011/08/12 22:48:01 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/08/12 22:48:00 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/08/12 22:48:00 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/08/12 22:48:00 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/08/12 22:47:42 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/08/12 22:47:10 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/08/12 22:46:17 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/08/12 22:46:16 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/08/12 22:46:16 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/08/12 22:45:37 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011/08/12 22:45:37 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011/08/12 22:45:17 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/08/12 22:45:16 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/08/12 22:45:00 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/08/12 22:44:25 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/08/12 22:43:48 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/08/12 22:43:47 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/08/12 22:43:32 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011/08/12 22:40:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/08/12 22:40:04 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011/08/12 22:40:03 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011/08/12 22:39:27 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/08/12 22:39:27 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/08/12 22:39:25 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/08/12 22:39:25 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/08/12 22:39:24 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/08/12 22:39:24 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/08/12 22:39:22 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/08/12 22:39:22 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/08/12 22:39:21 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/08/12 22:39:00 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/08/12 22:38:59 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/08/12 22:38:39 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011/08/12 22:38:39 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011/08/12 22:37:58 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/08/12 22:37:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/08/12 22:37:23 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011/08/12 22:35:36 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/08/12 22:34:34 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011/08/12 22:34:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011/08/12 22:34:15 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/08/12 22:30:07 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/08/12 22:28:43 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/08/12 22:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2011/08/12 22:09:52 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011/08/12 22:09:52 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011/08/12 22:09:51 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011/08/12 22:09:50 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011/08/12 22:09:49 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011/08/12 22:09:48 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011/08/12 22:09:47 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011/08/12 22:09:46 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011/08/12 22:09:46 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2011/08/12 22:09:44 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011/08/12 22:09:43 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011/08/12 22:09:43 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011/08/12 22:09:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011/08/12 22:09:40 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011/08/12 22:09:39 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011/08/12 22:09:39 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011/08/12 22:09:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011/08/12 22:09:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011/08/12 22:09:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011/08/12 22:09:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011/08/12 22:09:33 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011/08/12 22:09:33 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011/08/12 22:09:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011/08/12 22:09:31 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011/08/12 22:09:29 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011/08/12 22:09:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011/08/12 22:09:28 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011/08/12 22:09:26 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011/08/12 22:09:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011/08/12 22:09:24 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011/08/12 22:09:22 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011/08/12 22:09:22 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011/08/12 22:09:21 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011/08/12 22:09:20 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011/08/12 22:09:17 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011/08/12 22:09:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011/08/12 22:09:16 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011/08/12 22:09:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011/08/12 22:09:03 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011/08/12 22:09:03 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011/08/12 22:09:02 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2011/08/12 22:09:00 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2011/08/12 22:09:00 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011/08/12 22:08:59 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011/08/12 22:08:59 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011/08/12 22:08:57 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2011/08/12 22:08:56 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/08/12 22:08:54 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011/08/12 22:08:53 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011/08/12 22:08:52 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011/08/12 22:08:51 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011/08/12 22:08:43 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/08/12 21:56:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/08/12 21:56:47 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/08/12 21:56:36 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/08/12 21:56:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/08/12 21:56:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/08/12 21:56:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/08/12 21:56:35 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/08/12 21:56:35 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/08/12 21:56:35 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/08/12 21:56:34 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/08/12 21:56:34 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/08/12 21:56:34 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/08/12 21:56:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/08/12 21:56:34 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/08/12 21:56:34 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/08/12 21:56:34 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/08/12 21:56:34 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/08/12 21:56:33 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/08/12 21:56:33 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/08/12 21:56:33 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/08/12 21:56:33 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/08/12 21:56:33 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/08/12 21:56:33 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/08/12 21:54:27 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/08/12 21:54:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/08/12 21:54:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/08/12 21:54:17 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/08/12 21:49:54 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011/08/12 21:44:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/08/12 21:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/08/12 21:17:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011/08/12 21:17:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011/08/12 21:17:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011/08/12 21:17:08 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/08/12 20:48:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2011/08/12 20:48:53 | 000,000,000 | ---D | C] -- C:\Users\Door\Documents\Sports Interactive
[2011/08/12 20:48:46 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\Sports Interactive
[2011/08/12 20:48:46 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Local\Sports Interactive
[2011/08/12 20:10:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Zero G Registry
[2011/08/12 20:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\Sports Interactive
[2011/08/12 20:09:17 | 000,000,000 | -H-D | C] -- C:\Users\Door\InstallAnywhere
[2011/08/11 21:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Recovery Center
[2011/08/11 21:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterVideo WinDVD
[2011/08/11 21:46:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2011/08/11 21:45:25 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2011/08/11 21:44:52 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/08/11 21:44:52 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/08/11 21:44:51 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/08/11 21:44:51 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/08/11 21:44:51 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/08/11 21:44:51 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/08/11 21:44:51 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/08/11 21:44:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/08/11 21:44:50 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/08/11 21:44:50 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/08/11 21:44:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/08/11 21:44:48 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/08/11 21:44:48 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/08/11 21:44:48 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/08/11 21:44:47 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/08/11 21:44:47 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/08/11 21:44:47 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/08/11 21:44:47 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/08/11 21:44:47 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/08/11 21:44:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/08/11 21:44:32 | 000,000,000 | ---D | C] -- C:\Documentation
[2011/08/11 21:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update 3
[2011/08/11 21:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/11 21:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2011/08/11 21:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/08/11 21:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/08/11 21:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/08/11 21:39:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/08/11 21:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/08/11 21:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Easy Media Creator 10 LJ
[2011/08/11 21:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2011/08/11 21:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/08/11 21:38:38 | 001,690,096 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxsfs.dll
[2011/08/11 21:38:38 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2011/08/11 21:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2011/08/11 21:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/08/11 21:35:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor
[2011/08/11 21:35:46 | 000,000,000 | ---D | C] -- C:\Program Files\SiteAdvisor
[2011/08/11 21:35:38 | 000,143,360 | ---- | C] (Inner Media, Inc.) -- C:\Windows\System32\dunzip32.dll
[2011/08/11 21:34:53 | 000,033,800 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys
[2011/08/11 21:34:52 | 000,201,288 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys
[2011/08/11 21:34:52 | 000,079,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
[2011/08/11 21:34:52 | 000,040,488 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys
[2011/08/11 21:34:52 | 000,035,240 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
[2011/08/11 21:34:50 | 000,125,728 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys
[2011/08/11 21:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2011/08/11 21:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2011/08/11 21:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2011/08/11 21:34:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/08/11 21:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/08/11 21:34:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
[2011/08/11 21:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/08/11 21:33:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/08/11 21:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/08/11 21:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011/08/11 21:33:03 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/08/11 21:31:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Video & Photo Suite
[2011/08/11 21:30:57 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2011/08/11 21:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa2
[2011/08/11 21:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Picasa2
[2011/08/11 21:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\Google BAE
[2011/08/11 21:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Small Business
[2011/08/11 21:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2011/08/11 21:28:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2011/08/11 21:27:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big Fish Games Center
[2011/08/11 21:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\BFG
[2011/08/11 21:27:20 | 000,000,000 | ---D | C] -- C:\Big Fish Games
[2011/08/11 21:27:14 | 000,000,000 | ---D | C] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/08/11 21:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2011/08/11 21:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/08/11 21:26:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/08/11 21:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011/08/11 21:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/08/11 21:25:17 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/08/11 21:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011/08/11 21:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/08/11 21:23:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/08/11 21:23:40 | 000,000,000 | R--D | C] -- C:\MSOCache
[2011/08/11 21:22:25 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2011/08/11 21:22:24 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/08/11 21:16:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/08/11 14:29:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/08/11 14:04:40 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011/08/11 14:04:40 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011/08/11 14:03:56 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\Macromedia
[2011/08/11 14:03:34 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011/08/11 14:03:34 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011/08/11 14:03:34 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011/08/11 14:03:16 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011/08/11 14:03:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011/08/11 14:02:59 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\Adobe
[2011/08/11 14:00:33 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\Google
[2011/08/11 14:00:03 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Local\Sony_NSCE
[2011/08/11 13:59:59 | 000,000,000 | ---D | C] -- C:\Users\Door\Documents\My Google Gadgets
[2011/08/11 13:59:53 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Local\Google
[2011/08/11 13:59:38 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\SiteAdvisor
[2011/08/11 13:59:15 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Local\VirtualStore
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\AppData\Local\Temporary Internet Files
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Templates
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Start Menu
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\SendTo
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Recent
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\PrintHood
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\NetHood
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Documents\My Videos
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Documents\My Pictures
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Documents\My Music
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\My Documents
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Local Settings
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\AppData\Local\History
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Cookies
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\Application Data
[2011/08/11 13:58:35 | 000,000,000 | -HSD | C] -- C:\Users\Door\AppData\Local\Application Data
[2011/08/11 13:58:28 | 000,000,000 | --SD | C] -- C:\Users\Door\AppData\Roaming\Microsoft
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Videos
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Searches
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Saved Games
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Pictures
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Music
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Links
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Favorites
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Downloads
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Documents
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Desktop
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\Contacts
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/08/11 13:58:28 | 000,000,000 | R--D | C] -- C:\Users\Door\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/08/11 13:58:28 | 000,000,000 | -H-D | C] -- C:\Users\Door\AppData
[2011/08/11 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Local\Temp
[2011/08/11 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\Sony Corporation
[2011/08/11 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Local\Microsoft
[2011/08/11 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\Media Center Programs
[2011/08/11 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Roaming\Identities
[2011/08/11 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Door\AppData\Local\Adobe

========== Files - Modified Within 30 Days ==========

[2011/08/15 22:34:08 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Door\Desktop\OTL.exe
[2011/08/15 22:17:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/15 21:44:45 | 000,018,183 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011/08/15 21:24:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/15 18:06:01 | 001,404,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Door\Desktop\tdsskiller.exe
[2011/08/15 14:58:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/15 14:58:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/15 14:58:12 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/15 14:57:46 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/15 14:42:38 | 004,172,996 | R--- | M] (Swearware) -- C:\Users\Door\Desktop\ComboFix.exe
[2011/08/15 10:06:16 | 000,035,490 | ---- | M] () -- C:\Users\Door\Desktop\Report RKUnHooker
[2011/08/15 10:02:56 | 000,139,264 | ---- | M] () -- C:\Users\Door\Desktop\RKUnhookerLE.EXE
[2011/08/15 09:56:55 | 000,607,017 | R--- | M] (Swearware) -- C:\Users\Door\Desktop\dds.scr
[2011/08/15 09:45:07 | 000,000,000 | ---- | M] () -- C:\Users\Door\defogger_reenable
[2011/08/15 09:36:40 | 000,401,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/08/13 12:12:26 | 000,647,086 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/08/13 12:12:26 | 000,123,374 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/08/13 09:46:18 | 000,001,589 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2011/08/12 22:14:19 | 000,001,080 | ---- | M] () -- C:\Users\Door\Desktop\fm - Shortcut.lnk
[2011/08/12 21:39:24 | 000,050,477 | ---- | M] () -- C:\Users\Door\Desktop\Defogger.exe
[2011/08/11 21:52:53 | 000,047,092 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/08/11 21:49:20 | 000,000,040 | -H-- | M] () -- C:\Windows\System32\ivireg.ivr
[2011/08/11 21:48:58 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2011/08/11 21:48:58 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2011/08/11 21:44:29 | 000,000,000 | ---- | M] () -- C:\Windows\VAIOUpdt.INI
[2011/08/11 21:42:17 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\VAIO Guide.lnk
[2011/08/11 21:36:15 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/08/11 21:33:32 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Google Desktop.lnk
[2011/08/11 21:33:18 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2011/08/11 21:33:14 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2011/08/11 21:30:43 | 000,000,422 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011/08/11 21:27:13 | 000,002,152 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk
[2011/08/11 14:40:02 | 000,294,216 | ---- | M] () -- C:\Users\Door\Desktop\gmer.zip
[2011/08/11 14:00:30 | 000,000,943 | ---- | M] () -- C:\Users\Door\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/11 13:58:49 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\Sony_VGN-NR32LS.mrk

========== Files Created - No Company Name ==========

[2011/08/15 14:43:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/08/15 14:43:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/08/15 14:43:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/08/15 14:43:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/08/15 14:43:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/08/15 10:06:16 | 000,035,490 | ---- | C] () -- C:\Users\Door\Desktop\Report RKUnHooker
[2011/08/15 10:02:51 | 000,139,264 | ---- | C] () -- C:\Users\Door\Desktop\RKUnhookerLE.EXE
[2011/08/15 09:45:07 | 000,000,000 | ---- | C] () -- C:\Users\Door\defogger_reenable
[2011/08/15 09:43:16 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/08/15 09:43:15 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/08/15 09:43:15 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/08/13 09:46:18 | 000,001,589 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2011/08/12 23:11:47 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/08/12 22:14:19 | 000,001,080 | ---- | C] () -- C:\Users\Door\Desktop\fm - Shortcut.lnk
[2011/08/12 21:56:51 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/08/12 21:56:51 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/08/12 21:56:34 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/08/12 21:39:19 | 000,050,477 | ---- | C] () -- C:\Users\Door\Desktop\Defogger.exe
[2011/08/11 21:49:16 | 000,000,040 | -H-- | C] () -- C:\Windows\System32\ivireg.ivr
[2011/08/11 21:44:29 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2011/08/11 21:43:47 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO MusicBox.lnk
[2011/08/11 21:42:39 | 000,001,809 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media plus.lnk
[2011/08/11 21:42:17 | 000,000,947 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Guide.lnk
[2011/08/11 21:42:17 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\VAIO Guide.lnk
[2011/08/11 21:41:37 | 000,001,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2011/08/11 21:36:32 | 000,000,825 | ---- | C] () -- C:\Users\Public\Desktop\My Club VAIO.lnk
[2011/08/11 21:36:32 | 000,000,825 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Club VAIO.lnk
[2011/08/11 21:36:25 | 000,018,183 | ---- | C] () -- C:\Windows\System32\Config.MPF
[2011/08/11 21:36:15 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2011/08/11 21:34:45 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job
[2011/08/11 21:34:44 | 000,000,348 | ---- | C] () -- C:\Windows\tasks\McQcTask.job
[2011/08/11 21:33:32 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Google Desktop.lnk
[2011/08/11 21:33:18 | 000,000,935 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2011/08/11 21:33:14 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2011/08/11 21:32:54 | 000,000,914 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc Editor.lnk
[2011/08/11 21:31:41 | 000,001,551 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Story.lnk
[2011/08/11 21:31:18 | 000,001,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc.lnk
[2011/08/11 21:31:18 | 000,001,850 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Content Exporter.lnk
[2011/08/11 21:30:43 | 000,000,422 | ---- | C] () -- C:\Windows\System32\mapisvc.inf
[2011/08/11 21:27:13 | 000,002,152 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk
[2011/08/11 21:16:09 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/11 14:40:01 | 000,294,216 | ---- | C] () -- C:\Users\Door\Desktop\gmer.zip
[2011/08/11 14:07:42 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/11 14:07:41 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/11 14:00:30 | 000,000,943 | ---- | C] () -- C:\Users\Door\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/11 13:58:49 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\Sony_VGN-NR32LS.mrk
[2011/08/11 13:58:34 | 000,001,356 | ---- | C] () -- C:\Users\Door\AppData\Local\d3d9caps.dat
[2011/08/11 13:58:28 | 000,028,095 | ---- | C] () -- C:\Users\Door\AppData\Roaming\nvModes.dat
[2011/08/11 13:58:28 | 000,028,095 | ---- | C] () -- C:\Users\Door\AppData\Roaming\nvModes.001
[2011/08/11 13:58:28 | 000,000,949 | ---- | C] () -- C:\Users\Door\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/08/11 13:58:28 | 000,000,944 | ---- | C] () -- C:\Users\Door\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/08/11 13:58:28 | 000,000,915 | ---- | C] () -- C:\Users\Door\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/08/11 13:58:28 | 000,000,258 | ---- | C] () -- C:\Users\Door\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/08/11 13:58:28 | 000,000,240 | ---- | C] () -- C:\Users\Door\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2008/02/05 01:09:01 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2008/02/05 01:09:00 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/02/05 01:08:45 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/09/12 00:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/09/12 00:54:26 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,401,936 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,647,086 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,123,374 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >

Thank you

#14 gringo_pr

  • Malware Response Team

Posted 15 August 2011 - 05:06 PM

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

#15 Norro1983

  • Topic Starter


Posted 15 August 2011 - 05:11 PM

Hi, Scan log as follows:

aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-15 23:07:51
-----------------------------
23:07:51.611 OS Version: Windows 6.0.6001 Service Pack 1
23:07:51.611 Number of processors: 2 586 0xF0D
23:07:51.611 ComputerName: DOOR-PC UserName: Door
23:08:11.236 Initialize success
23:08:26.577 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
23:08:26.577 Disk 0 Vendor: MD02500- 11.0 Size: 238475MB BusType: 3
23:08:26.577 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000060
23:08:26.577 Disk 1 Vendor: ( Size: 238475MB BusType: 0
23:08:26.592 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000061
23:08:26.592 Disk 2 Vendor: ( Size: 238475MB BusType: 0
23:08:26.639 Disk 0 MBR read successfully
23:08:26.639 Disk 0 MBR scan
23:08:26.639 Disk 0 Windows VISTA default MBR code
23:08:26.655 Disk 0 scanning sectors +488394752
23:08:26.733 Disk 0 scanning C:\Windows\system32\drivers
23:08:31.772 Service scanning
23:08:32.957 Modules scanning
23:08:38.698 Disk 0 trace - called modules:
23:08:38.714 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
23:08:38.729 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8526a410]
23:08:38.729 3 CLASSPNP.SYS[87ba1745] -> nt!IofCallDriver -> [0x848046a0]
23:08:38.745 5 acpi.sys[806916a0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x84806030]
23:08:38.745 Scan finished successfully
23:08:47.652 Disk 0 MBR has been saved successfully to "C:\Users\Door\Desktop\MBR.dat"
23:08:47.668 The log file has been saved successfully to "C:\Users\Door\Desktop\aswMBR.txt"


Thanks



