Anti-virus won't Install and Task Manager won't open


11 replies to this topic

#1 NANCY Arias


Posted 05 March 2012 - 12:24 AM

Hello. I bought a used computer today for my children to use ($20.00) and it just doesn't seem right. (Was told it worked great.) Task manager doesn't open, tried the 3 different ways I knew how and nothing. I can't get any antivirus to download and can't get Ad-Aware to open. Searches are screwy as well. There are a number of programs installed on the PC that I have no idea what they are. One was Frost Wire and I tried uninstalling that but it seems like it was just a partial uninstall, pieces still left on the PC. I tried running HijackThis but got an error message saying denied write access to the Hosts file. I ran this notepad C:\WINDOWS\System32\drivers\etc\hosts but have no idea what to do with it :)
Any suggestions to get Virus protection, task manager to open and searches fixed? AND whatever else is lurking I have yet to discover. Any help would be appreciated. I didn't spend much on this thing but would love to get it running right for the kids to use for school (we home school). THANK YOU!!!!

Edited by hamluis, 05 March 2012 - 07:18 AM.
Moved from XP to Am I Infected.



 


#2 narenxp


Posted 05 March 2012 - 08:51 AM

Copy these tools from a clean PC to the infected one

Download

TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

#3 NANCY Arias


Posted 05 March 2012 - 05:38 PM

Since posting this I was able to download and run Super Anti-Spyware, which removed over 1500 problems. Task manager now opens, and I was able to install and run AVG free, which reported nothing wrong. It still seems a bit off and I am afraid other things are lurking. I didn't see this post until this afternoon. Going to go ahead and do what you listed above and will be posting back soon. Thank you.

#4 NANCY Arias


Posted 05 March 2012 - 07:05 PM

OK here are the logs:

TDSSKiller:

16:43:26.0765 1408 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
16:43:27.0125 1408 ============================================================
16:43:27.0125 1408 Current date / time: 2012/03/05 16:43:27.0125
16:43:27.0125 1408 SystemInfo:
16:43:27.0125 1408
16:43:27.0125 1408 OS Version: 5.1.2600 ServicePack: 3.0
16:43:27.0125 1408 Product type: Workstation
16:43:27.0125 1408 ComputerName: VALUED-26270799
16:43:27.0125 1408 UserName: soonernise 55
16:43:27.0125 1408 Windows directory: C:\WINDOWS
16:43:27.0125 1408 System windows directory: C:\WINDOWS
16:43:27.0125 1408 Processor architecture: Intel x86
16:43:27.0125 1408 Number of processors: 1
16:43:27.0125 1408 Page size: 0x1000
16:43:27.0125 1408 Boot type: Normal boot
16:43:27.0125 1408 ============================================================
16:43:29.0031 1408 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:43:29.0031 1408 Drive \Device\Harddisk1\DR4 - Size: 0xEEE00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:43:29.0031 1408 \Device\Harddisk0\DR0:
16:43:29.0031 1408 MBR used
16:43:29.0031 1408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
16:43:29.0031 1408 \Device\Harddisk1\DR4:
16:43:29.0046 1408 MBR used
16:43:29.0046 1408 \Device\Harddisk1\DR4\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x775080
16:43:29.0062 1408 Initialize success
16:43:29.0062 1408 ============================================================
16:43:50.0343 2584 ============================================================
16:43:50.0343 2584 Scan started
16:43:50.0343 2584 Mode: Manual; TDLFS;
16:43:50.0343 2584 ============================================================
16:44:09.0984 2584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:44:10.0156 2584 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:44:10.0156 2584 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:44:10.0171 2584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4
16:44:13.0796 2584 \Device\Harddisk1\DR4 - ok
16:44:13.0812 2584 Boot (0x1200) (dbd13e32cb2b17a071c3251cb45a71f8) \Device\Harddisk0\DR0\Partition0
16:44:13.0812 2584 \Device\Harddisk0\DR0\Partition0 - ok
16:44:13.0843 2584 Boot (0x1200) (6d00fac74030fd69f11bf6d3b1605a81) \Device\Harddisk1\DR4\Partition0
16:44:13.0843 2584 \Device\Harddisk1\DR4\Partition0 - ok
16:44:13.0859 2584 ============================================================
16:44:13.0859 2584 Scan finished
16:44:13.0859 2584 ============================================================
16:44:13.0890 3868 Detected object count: 1
16:44:13.0890 3868 Actual detected object count: 1





gmer.log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-03-05 17:20:31
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12 WDC_WD800BB-53DKA0 rev.77.07W77
Running: fnn74k56.exe; Driver: C:\DOCUME~1\SOONER~1\LOCALS~1\Temp\kfndaaog.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF764787E]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xAD980F3C]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7647BFE]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xAD980FE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xAD981080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xAD98111C]

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xB98C6280]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

---- EOF - GMER 1.0.15 ----



aswMBR:

aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-05 17:21:15
-----------------------------
17:21:15.468 OS Version: Windows 5.1.2600 Service Pack 3
17:21:15.468 Number of processors: 1 586 0x209
17:21:15.468 ComputerName: VALUED-26270799 UserName: soonernise 55
17:21:16.078 Initialize success
17:24:02.625 AVAST engine defs: 12030501
17:24:07.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-12
17:24:07.890 Disk 0 Vendor: WDC_WD800BB-53DKA0 77.07W77 Size: 76319MB BusType: 3
17:24:07.906 Disk 0 MBR read successfully
17:24:07.906 Disk 0 MBR scan
17:24:07.921 Disk 0 Windows XP default MBR code
17:24:07.937 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
17:24:07.953 Disk 0 scanning sectors +156280320
17:24:08.140 Disk 0 scanning C:\WINDOWS\system32\drivers
17:24:33.968 Service scanning
17:24:56.953 Modules scanning
17:25:51.078 Disk 0 trace - called modules:
17:25:51.109 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys videX32.sys PCIIDEX.SYS
17:25:51.109 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x897f9ab8]
17:25:51.625 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000006c[0x89799030]
17:25:51.625 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-12[0x897bb940]
17:25:51.968 AVAST engine scan C:\WINDOWS
17:26:27.203 AVAST engine scan C:\WINDOWS\system32
17:34:11.359 AVAST engine scan C:\WINDOWS\system32\drivers
17:35:44.906 AVAST engine scan C:\Documents and Settings\soonernise 55
17:41:11.968 AVAST engine scan C:\Documents and Settings\All Users
17:43:17.765 Scan finished successfully
17:59:04.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\soonernise 55\Desktop\MBR.dat"
17:59:04.281 The log file has been saved successfully to "C:\Documents and Settings\soonernise 55\Desktop\aswMBR.txt"


Thank you!!
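Added example, not part of the original thread or of any tool mentioned in it: a small Python triage script for a TDSSKiller-style log like the one posted above. It lists every object whose verdict is not "ok", extracts the "detected" lines, and checks whether the log contains a finished scan whose reported object count matches. The function name `triage`, the regular expressions, and the reading of the second column as an opaque id are assumptions made for this example; the sample lines are copied from the tail of the posted log.

```python
import re
from collections import Counter

# Sample input: lines copied from the end of the TDSSKiller log in this thread.
SAMPLE_LOG = r"""
16:43:50.0343 2584 Scan started
16:43:50.0343 2584 Mode: Manual; TDLFS;
16:43:50.0343 2584 ============================================================
16:44:09.0984 2584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
16:44:10.0156 2584 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:44:10.0156 2584 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:44:10.0171 2584 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR4
16:44:13.0796 2584 \Device\Harddisk1\DR4 - ok
16:44:13.0812 2584 Boot (0x1200) (dbd13e32cb2b17a071c3251cb45a71f8) \Device\Harddisk0\DR0\Partition0
16:44:13.0812 2584 \Device\Harddisk0\DR0\Partition0 - ok
16:44:13.0843 2584 Boot (0x1200) (6d00fac74030fd69f11bf6d3b1605a81) \Device\Harddisk1\DR4\Partition0
16:44:13.0843 2584 \Device\Harddisk1\DR4\Partition0 - ok
16:44:13.0859 2584 ============================================================
16:44:13.0859 2584 Scan finished
16:44:13.0859 2584 ============================================================
16:44:13.0890 3868 Detected object count: 1
16:44:13.0890 3868 Actual detected object count: 1
"""

# "HH:MM:SS.mmmm <id> <message>"; the id column is kept opaque (assumption).
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s*(.*)$")
# "<object> - <one-word verdict>", e.g. "... - ok" or "... - warning".
VERDICT = re.compile(r"^(?P<obj>.+?) - (?P<verdict>\w+)$")
# "<object> - detected <name> (<n>)".
DETECTED = re.compile(r"^(?P<obj>.+?) - detected (?P<name>.+?) \((?P<n>\d+)\)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")


def triage(log_text):
    """Summarise a TDSSKiller-style log: verdict counts, non-ok objects,
    detections, and whether the scan section is complete and consistent."""
    verdicts = Counter()
    flagged, detections = [], []
    mode = reported = None
    started = finished = False

    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or non-log line
        msg = m.group(3).strip()
        if msg == "Scan started":
            started = True
        elif msg == "Scan finished":
            finished = True
        elif msg.startswith("Mode:"):
            mode = [p.strip() for p in msg[5:].split(";") if p.strip()]
        elif (c := COUNT.match(msg)):
            reported = int(c.group(1))
        elif started and not finished:
            # Only lines inside the scan section carry per-object results.
            if (d := DETECTED.match(msg)):
                detections.append((d["obj"], d["name"], int(d["n"])))
            elif (v := VERDICT.match(msg)):
                verdicts[v["verdict"]] += 1
                if v["verdict"] != "ok":
                    flagged.append((v["obj"], v["verdict"]))

    return {
        "mode": mode,
        "verdicts": dict(verdicts),
        "flagged": flagged,
        "detections": detections,
        "reported_count": reported,
        # A log cut off before "Scan finished" should be re-requested.
        "scan_complete": started and finished,
        # Assumption: the reported count equals the number of "detected" lines.
        "count_matches": reported is not None and reported == len(detections),
    }


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    for key, value in summary.items():
        print(f"{key}: {value}")
```
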

#5 narenxp


Posted 06 March 2012 - 01:52 AM

TDSSkiller log is incomplete; run it once again and copy and paste the complete content

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#6 NANCY Arias


Posted 06 March 2012 - 08:37 AM

Here is the TDSSKiller log:


07:30:28.0453 1644 TDSS rootkit removing tool 2.7.19.0 Mar 5 2012 11:23:39
07:30:28.0796 1644 ============================================================
07:30:28.0796 1644 Current date / time: 2012/03/06 07:30:28.0796
07:30:28.0796 1644 SystemInfo:
07:30:28.0796 1644
07:30:28.0812 1644 OS Version: 5.1.2600 ServicePack: 3.0
07:30:28.0812 1644 Product type: Workstation
07:30:28.0812 1644 ComputerName: VALUED-26270799
07:30:28.0812 1644 UserName: soonernise 55
07:30:28.0812 1644 Windows directory: C:\WINDOWS
07:30:28.0812 1644 System windows directory: C:\WINDOWS
07:30:28.0812 1644 Processor architecture: Intel x86
07:30:28.0812 1644 Number of processors: 1
07:30:28.0812 1644 Page size: 0x1000
07:30:28.0812 1644 Boot type: Normal boot
07:30:28.0812 1644 ============================================================
07:30:31.0687 1644 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:30:31.0687 1644 \Device\Harddisk0\DR0:
07:30:31.0687 1644 MBR used
07:30:31.0687 1644 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
07:30:31.0718 1644 Initialize success
07:30:31.0718 1644 ============================================================
07:30:59.0437 3344 ============================================================
07:30:59.0437 3344 Scan started
07:30:59.0437 3344 Mode: Manual; TDLFS;
07:30:59.0437 3344 ============================================================
07:31:26.0000 3344 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
07:31:26.0203 3344 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
07:31:26.0203 3344 \Device\Harddisk0\DR0 - detected TDSS File System (1)
07:31:26.0234 3344 Boot (0x1200) (dbd13e32cb2b17a071c3251cb45a71f8) \Device\Harddisk0\DR0\Partition0
07:31:26.0250 3344 \Device\Harddisk0\DR0\Partition0 - ok
07:31:26.0250 3344 ============================================================
07:31:26.0250 3344 Scan finished
07:31:26.0250 3344 ============================================================
07:31:26.0296 3304 Detected object count: 1
07:31:26.0296 3304 Actual detected object count: 1
07:31:33.0984 3304 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
07:31:33.0984 3304 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
07:31:46.0968 1504 Deinitialize success

#7 NANCY Arias


Posted 06 March 2012 - 08:39 AM

I will post the others as they complete. THANK YOU!!

#8 NANCY Arias


Posted 06 March 2012 - 09:29 AM

Clean log from MBAM (1st scan detected 29 objects):

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.06.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
soonernise 55 :: VALUED-26270799 [administrator]

3/6/2012 8:19:31 AM
mbam-log-2012-03-06 (08-19-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 202923
Time elapsed: 7 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#9 NANCY Arias


Posted 06 March 2012 - 10:44 AM

Eset Online Scanner said: NO THREATS FOUND (no list)

I ran MiniToolBox but it stopped responding after several attempts, so I booted into safe mode and ran it that way with no problems. Here is the log:
MiniToolBox by Farbar Version: 18-01-2012
Ran by soonernise 55 (administrator) on 06-03-2012 at 09:34:35
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

204.152.194.204 www.google.com
204.152.194.204 google.com
204.152.194.204 google.com.au
204.152.194.204 www.google.com.au
204.152.194.204 google.be
204.152.194.204 www.google.be
204.152.194.204 google.com.br
204.152.194.204 www.google.com.br
204.152.194.204 google.ca
204.152.194.204 www.google.ca
204.152.194.204 google.ch
204.152.194.204 www.google.ch
204.152.194.204 google.de
204.152.194.204 www.google.de
204.152.194.204 google.dk
204.152.194.204 www.google.dk
204.152.194.204 google.fr
204.152.194.204 www.google.fr
204.152.194.204 google.ie
204.152.194.204 www.google.ie
204.152.194.204 google.it
204.152.194.204 www.google.it
204.152.194.204 google.co.jp
204.152.194.204 www.google.co.jp
204.152.194.204 google.nl
204.152.194.204 www.google.nl
204.152.194.204 google.no
204.152.194.204 www.google.no
204.152.194.204 google.co.nz
204.152.194.204 www.google.co.nz
204.152.194.204 google.pl
204.152.194.204 www.google.pl
204.152.194.204 google.se
204.152.194.204 www.google.se
204.152.194.204 google.co.uk
204.152.194.204 www.google.co.uk
204.152.194.204 google.co.za
204.152.194.204 www.google.co.za
204.152.194.204 www.google-analytics.com
204.152.194.204 www.bing.com
204.152.194.204 search.yahoo.com
204.152.194.204 www.search.yahoo.com
204.152.194.204 uk.search.yahoo.com
204.152.194.204 ca.search.yahoo.com
204.152.194.204 de.search.yahoo.com
204.152.194.204 fr.search.yahoo.com
204.152.194.204 au.search.yahoo.com

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 13117 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

VIA Rhine II Fast Ethernet Adapter = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : valued-26270799

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : VIA Rhine II Fast Ethernet Adapter

Physical Address. . . . . . . . . : 00-30-67-18-CD-C6

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.66

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.254

DHCP Server . . . . . . . . . . . : 192.168.1.254

DNS Servers . . . . . . . . . . . : 69.44.192.7

137.118.1.32

Lease Obtained. . . . . . . . . . : Tuesday, March 06, 2012 9:33:07 AM

Lease Expires . . . . . . . . . . : Wednesday, March 07, 2012 9:33:07 AM

Server: ip192-7.chouteautel.com
Address: 69.44.192.7

Name: google.com
Addresses: 74.125.226.4, 74.125.226.5, 74.125.226.6, 74.125.226.7
74.125.226.8, 74.125.226.9, 74.125.226.14, 74.125.226.0, 74.125.226.1
74.125.226.2, 74.125.226.3



Pinging google.com [204.152.194.204] with 32 bytes of data:



Request timed out.

Request timed out.



Ping statistics for 204.152.194.204:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Server: ip192-7.chouteautel.com
Address: 69.44.192.7

Name: yahoo.com
Addresses: 98.139.183.24, 209.191.122.70, 98.139.127.62



Pinging yahoo.com [98.139.127.62] with 32 bytes of data:



Reply from 98.139.127.62: bytes=32 time=542ms TTL=53

Reply from 98.139.127.62: bytes=32 time=514ms TTL=53



Ping statistics for 98.139.127.62:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 514ms, Maximum = 542ms, Average = 528ms

Server: ip192-7.chouteautel.com
Address: 69.44.192.7

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 30 67 18 cd c6 ...... VIA Compatable Fast Ethernet Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.66 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.66 192.168.1.66 20
192.168.1.66 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.66 192.168.1.66 20
224.0.0.0 240.0.0.0 192.168.1.66 192.168.1.66 20
255.255.255.255 255.255.255.255 192.168.1.66 192.168.1.66 1
Default Gateway: 192.168.1.254
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/06/2012 09:30:06 AM) (Source: Application Hang) (User: )
Description: Hanging application MiniToolBox.exe, version 3.3.6.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/06/2012 09:21:21 AM) (Source: Application Hang) (User: )
Description: Hanging application MiniToolBox.exe, version 3.3.6.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/06/2012 09:11:21 AM) (Source: Application Hang) (User: )
Description: Hanging application MiniToolBox.exe, version 3.3.6.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/06/2012 09:03:54 AM) (Source: Application Hang) (User: )
Description: Hanging application MiniToolBox.exe, version 3.3.6.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/06/2012 08:29:50 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (03/06/2012 08:29:50 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (03/04/2012 10:16:24 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (03/04/2012 10:08:04 PM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Failed to uninstall service

Error: (03/04/2012 04:45:58 PM) (Source: Google Update) (User: SYSTEM)SYSTEM
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://tools.google.com/service/update2
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.

Error: (03/25/2011 01:34:30 PM) (Source: Google Update) (User: SYSTEM)SYSTEM
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://tools.google.com/service/update2
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.


System errors:
=============
Error: (03/06/2012 09:34:27 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/06/2012 09:33:38 AM) (Source: DCOM) (User: SYSTEM)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/06/2012 09:33:24 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx86
Avgmfx86
BIOS
Fips
i8042prt
intelppm
SASDIFSV
SASKUTIL

Error: (03/06/2012 09:31:41 AM) (Source: Service Control Manager) (User: )
Description: The NTPort Library Driver service failed to start due to the following error:
%%2001

Error: (03/06/2012 09:23:05 AM) (Source: Service Control Manager) (User: )
Description: The NTPort Library Driver service failed to start due to the following error:
%%2001

Error: (03/06/2012 09:05:46 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

Error: (03/06/2012 09:05:44 AM) (Source: Service Control Manager) (User: )
Description: The PCPitstop Scheduling service terminated unexpectedly. It has done this 1 time(s).

Error: (03/06/2012 08:18:32 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PCIIde
ViaIde

Error: (03/06/2012 08:18:32 AM) (Source: Service Control Manager) (User: )
Description: The NTPort Library Driver service failed to start due to the following error:
%%2001

Error: (03/06/2012 08:18:31 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1


Microsoft Office Sessions:
=========================
Error: (03/06/2012 09:30:06 AM) (Source: Application Hang)(User: )
Description: MiniToolBox.exe3.3.6.1hungapp0.0.0.000000000

Error: (03/06/2012 09:21:21 AM) (Source: Application Hang)(User: )
Description: MiniToolBox.exe3.3.6.1hungapp0.0.0.000000000

Error: (03/06/2012 09:11:21 AM) (Source: Application Hang)(User: )
Description: MiniToolBox.exe3.3.6.1hungapp0.0.0.000000000

Error: (03/06/2012 09:03:54 AM) (Source: Application Hang)(User: )
Description: MiniToolBox.exe3.3.6.1hungapp0.0.0.000000000

Error: (03/06/2012 08:29:50 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (03/06/2012 08:29:50 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (03/04/2012 10:16:24 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (03/04/2012 10:08:04 PM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Failed to uninstall service

Error: (03/04/2012 04:45:58 PM) (Source: Google Update)(User: SYSTEM)SYSTEM
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://tools.google.com/service/update2
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.

Error: (03/25/2011 01:34:30 PM) (Source: Google Update)(User: SYSTEM)SYSTEM
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://tools.google.com/service/update2
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.


=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Ad-Aware (Version: 9.0.7)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.32)
Adobe Flash Player 11 Plugin (Version: 11.1.102.62)
Adobe Reader 9.5.0 (Version: 9.5.0)
Advertising Center (Version: 0.0.0.1)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2114)
AVG 2012 (Version: 2012.0.1913)
BIOS Update
ESET Online Scanner v3
Google Chrome (Version: 17.0.963.65)
Google Update Helper (Version: 1.3.21.99)
HiJackThis (Version: 1.0.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 7 (Version: 1.6.0.70)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6425.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 10.0.2 (x86 en-US) (Version: 10.0.2)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.12.100)
Nero StartSmart OEM (Version: 9.4.10.100)
neroxml (Version: 1.0.0)
OpenOffice.org 3.0 (Version: 3.0.9379)
PC Pitstop Optimize3 3.0 (Version: 3.0.0.42)
Platform (Version: 1.27)
Revo Uninstaller 1.93 (Version: 1.93)
Roblox for soonernise 55
Smart Guardian (Version: 2.0)
SUPERAntiSpyware (Version: 5.0.1144)
VIA Display Driver 6.14.10.0099
VIA Platform Device Manager (Version: 1.27)
VIA Rhine-Family Fast-Ethernet Adapter
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.0.5 (Version: 1.0.5)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 1406.42 MB
Available physical RAM: 1015.71 MB
Total Pagefile: 2699.77 MB
Available Pagefile: 2529.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1973.13 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.52 GB) (Free:64.46 GB) NTFS

========================= Users: ========================================

User accounts for \\VALUED-26270799

Administrator Guest HelpAssistant
soonernise 55 SUPPORT_388945a0


**** End of log ****

I don't know who soonernise 55 is, previous owner I am assuming.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 08 March 2012 - 05:48 AM

Download

http://support.microsoft.com/kb/972034

Run the fixit


Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 NANCY Arias

NANCY Arias
  • Topic Starter

  • Members
  • 8 posts

Posted 08 March 2012 - 08:12 AM

Did the above steps! Thank you soooo much!!

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 08 March 2012 - 08:25 AM

You're most welcome :)



