1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

I am hijacked

Discussion in 'Virus & Other Malware Removal' started by drjake, Dec 22, 2010.

Thread Status:
Not open for further replies.
Advertisement
  1. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    When I try to do as you say I am being blocked. I try and paste everything you have told me. When I attempt to submit, All I get is that I am not connected, although I know that I am. What should I do?
     
  2. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    Hello drjake and welcome to TSG.



    I'm RedCar and my name is Bill, I'll be glad to help you with your computer problems.

    Please observe these rules while we work:

    • Read the entire procedure
    • It is important to perform ALL actions in sequence.
    • If you don't know, stop and ask! Don't keep going on.
    • Please reply to this thread. Do not start a new topic.
    • Stick with me till you're given the all clear. Malware removal can be stressful but we will remove it.
    • Remember, absence of symptoms does not mean the infection is all gone.
    • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.

    Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advise, this will be a team effort.
    This may cause a delay, but I will do my best to keep it as short as possible.

    Please bear with me, I will post back to you as soon as I can.

    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

    Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

    Vista and Windows 7 users:
    1. These tools MUST be run from the executable. (.exe) every time you run them
    2. With Admin Rights (Right click, choose "Run as Administrator")

    Stay with this topic until I give you the all clean post.

    You might want to print these instructions out.

    I suggest you do this:

    XP Users

    Double-click My Computer.
    Click the Tools menu, and then click Folder Options.
    Click the View tab.
    Uncheck "Hide file extensions for known file types."
    Under the "Hidden files" folder, select "Show hidden files and folders."
    Uncheck "Hide protected operating system files."
    Click Apply, and then click OK.


    Vista Users

    To enable the viewing of hidden and protected system files in Windows Vista please follow these steps:

    Close all programs so that you are at your desktop.
    Click on the Start button. This is the small round button with the Windows flag in the lower left corner.

    Click on the Control Panel menu option.
    When the control panel opens you can either be in Classic View or Control Panel Home view:

    If you are in the Classic View do the following:
    Double-click on the Folder Options icon.
    Click on the View tab.


    If you are in the Control Panel Home view do the following:

    Click on the Appearance and Personalization link.
    Click on Show Hidden Files or Folders.
    Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
    Remove the checkmark from the checkbox labeled Hide extensions for known file types.
    Remove the checkmark from the checkbox labeled Hide protected operating system files.

    IMPORTANT NOTE : Please do not delete anything unless instructed to.
    Hello and welcome to WTT.
    :Welcome:
    I'm RedCar92 and my name is Bill, I'll be glad to help you with your computer problems.


    • Please observe these rules while we work:

    • Read the entire procedure
    • It is important to perform ALL actions in sequence.
    • If you don't know, stop and ask! Don't keep going on.
    • Please reply to this thread. Do not start a new topic.
    • Stick with me till you're given the all clear. Malware removal can be stressful but we will clean it.
    • Remember, absence of symptoms does not mean the infection is all gone.
    • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.


    Please be advised, as I am still in training, all my replies to you will be checked for accuracy by one of our experts to ensure that I am giving you the best possible advise, this will be a team effort.
    This may cause a delay, but I will do my best to keep it as short as possible.

    Please bear with me, I will post back to you as soon as I can.

    IMPORTANT NOTE : Please do not delete anything unless instructed to.
    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

    Doing so could make your pc inoperative and could require a full reinstall of your OS, losing all your programs and data.

    Vista and Windows 7 users:

    These tools MUST be run from the executable. (.exe) every time you run them
    with Admin Rights (Right click, choose "Run as Administrator")


    Stay with this topic until I give you the all clean post.


    You might want to print these instructions out.

    I suggest you do this:

    XP Users

    Double-click My Computer.
    Click the Tools menu, and then click Folder Options.
    Click the View tab.
    Uncheck "Hide file extensions for known file types."
    Under the "Hidden files" folder, select "Show hidden files and folders."
    Uncheck "Hide protected operating system files."
    Click Apply, and then click OK.


    Vista Users

    To enable the viewing of hidden and protected system files in Windows Vista please follow these steps:

    Close all programs so that you are at your desktop.
    Click on the Start button. This is the small round button with the Windows flag in the lower left corner.

    Click on the Control Panel menu option.
    When the control panel opens you can either be in Classic View or Control Panel Home view:

    If you are in the Classic View do the following:
    Double-click on the Folder Options icon.
    Click on the View tab.


    If you are in the Control Panel Home view do the following:

    Click on the Appearance and Personalization link.
    Click on Show Hidden Files or Folders.
    Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
    Remove the checkmark from the checkbox labeled Hide extensions for known file types.
    Remove the checkmark from the checkbox labeled Hide protected operating system files.

    Regards,
    Bill
     
  3. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    Thanks for replying. I read your instructions and performed the task you asked. Please instruct me on what is next.
     
  4. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    Hello drjake,
    You may be trying to post too much information in one reply.
    Try doing copy/paste of your smallest log into the reply then click submit.
    Then do next log. It make take a few posts if you ran all the tools in the intro. You may have to split a log in half and make two posts for it.
    If this doesn't work, let me know, we will find a solution.

    Thanks
    Bill
     
  5. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit quick scan 2011-01-22 09:32:06
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 TOSHIBA_MK4026GAX rev.PA100U
    Running: 30yxligq[1].exe; Driver: C:\DOCUME~1\Barbara\LOCALS~1\Temp\fxtdipow.sys

    ---- Disk sectors - GMER 1.0.15 ----
    Disk \Device\Harddisk0\DR0 sector 10: rootkit-like behavior;
    Disk \Device\Harddisk0\DR0 sector 62: rootkit-like behavior;
    Disk \Device\Harddisk0\DR0 sector 63: rootkit-like behavior;
    ---- Devices - GMER 1.0.15 ----
    Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 87F5139B
    Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 87F5139B
    Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-e 87F5139B
    Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
    AttachedDevice TfFsMon.sys (ThreatFire Filesystem Monitor/PC Tools)
    AttachedDevice \Driver\Tcpip \Device\Ip pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
    AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Tcp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
    AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\Udp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
    AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Tcpip \Device\RawIp pctgntdi.sys (PC Tools Generic TDI Driver/PC Tools)
    AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskTOSHIBA_MK4026GAX_______________________PA100U__#5&1463809d&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
    ---- EOF - GMER 1.0.15 ----
     
  6. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    DDS (Ver_10-12-12.02)
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/22/2010 11:04:33 PM
    System Uptime: 1/22/2011 8:42:28 AM (1 hours ago)
    Motherboard: TOSHIBA | | Satellite L25
    Processor: Intel(R) Celeron(R) M processor 1.60GHz | U23 | 1595/100mhz
    ==== Disk Partitions =========================
    C: is FIXED (NTFS) - 37 GiB total, 24.862 GiB free.
    D: is CDROM (CDFS)
    ==== Disabled Device Manager Items =============
    ==== System Restore Points ===================
    RP147: 11/16/2010 10:24:27 AM - Removed ABBYY Screenshot Reader
    RP148: 11/16/2010 10:26:49 AM - Removed Microsoft Works
    RP149: 11/16/2010 10:29:09 AM - Removed Microsoft Works Suite Add-in for Microsoft Word
    RP150: 11/16/2010 10:32:28 AM - Removed OpenOffice.org 3.2
    RP151: 11/16/2010 10:39:06 AM - Removed Point 7.2.
    RP152: 11/20/2010 1:19:28 PM - System Checkpoint
    RP153: 11/21/2010 5:05:37 PM - System Checkpoint
    RP154: 11/21/2010 5:39:14 PM - Software Distribution Service 3.0
    RP155: 11/25/2010 9:01:43 AM - System Checkpoint
    RP156: 11/26/2010 5:22:36 AM - Avg Update
    RP157: 11/26/2010 5:24:45 AM - Avg Update
    RP158: 11/27/2010 11:59:33 AM - System Checkpoint
    RP159: 11/28/2010 1:43:10 PM - System Checkpoint
    RP160: 11/28/2010 8:14:59 PM - Software Distribution Service 3.0
    RP161: 11/30/2010 4:58:31 AM - System Checkpoint
    RP162: 12/4/2010 9:10:59 AM - System Checkpoint
    RP163: 12/5/2010 2:37:56 PM - System Checkpoint
    RP164: 12/7/2010 6:07:28 PM - System Checkpoint
    RP165: 12/8/2010 7:36:10 PM - System Checkpoint
    RP166: 12/10/2010 7:01:10 AM - Restore Operation
    RP167: 12/11/2010 3:00:58 PM - System Checkpoint
    RP168: 12/11/2010 7:14:19 PM - Removed AVG Free 9.0
    RP169: 12/11/2010 7:27:31 PM - Removed AVG Free 9.0
    RP170: 12/11/2010 7:28:41 PM - Removed AVG Free 9.0
    RP171: 12/11/2010 7:30:36 PM - Removed AVG Free 9.0
    RP172: 12/11/2010 7:41:09 PM - Removed AVG Free 9.0
    RP173: 12/11/2010 7:47:32 PM - Removed AVG Free 9.0
    RP174: 12/12/2010 10:43:34 PM - System Checkpoint
    RP175: 12/14/2010 6:42:40 AM - System Checkpoint
    RP176: 12/16/2010 1:10:45 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP177: 12/17/2010 9:22:34 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP178: 12/18/2010 10:49:16 AM - System Checkpoint
    RP179: 12/19/2010 10:59:43 AM - System Checkpoint
    RP180: 12/20/2010 11:09:54 AM - System Checkpoint
    RP181: 12/21/2010 12:14:18 PM - Installed HiJackThis
    RP182: 12/22/2010 7:35:26 PM - System Checkpoint
    RP183: 12/24/2010 1:15:39 PM - System Checkpoint
    RP184: 12/26/2010 2:47:26 AM - System Checkpoint
    RP185: 12/27/2010 7:08:26 AM - System Checkpoint
    RP186: 12/28/2010 11:29:20 AM - System Checkpoint
    RP187: 12/29/2010 1:14:50 PM - System Checkpoint
    RP188: 12/31/2010 6:00:22 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP189: 12/31/2010 1:36:37 PM - 1
    RP190: 1/1/2011 6:22:16 AM - Restore Operation
    RP191: 1/3/2011 9:10:46 AM - System Checkpoint
    RP192: 1/6/2011 4:57:34 PM - System Checkpoint
    RP193: 1/8/2011 7:20:00 AM - System Checkpoint
    RP194: 1/11/2011 11:49:38 AM - System Checkpoint
    RP195: 1/14/2011 7:20:05 PM - System Checkpoint
    RP196: 1/15/2011 7:06:14 AM - Installed VIPRE Antivirus.
    RP197: 1/15/2011 7:26:02 PM - one
    RP198: 1/19/2011 8:08:19 PM - two
    RP199: 1/20/2011 4:56:51 PM - Removed HiJackThis
    RP200: 1/21/2011 5:30:18 AM - Installed Windows Internet Explorer 8.
    RP201: 1/21/2011 8:08:50 AM - Made by Registry Mechanic O
    RP202: 1/22/2011 9:13:03 AM - Installed HiJackThis
    ==== Installed Programs ======================
    AC97 Data Fax SoftModem with SmartCP
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3.4
    American Flag Screen Saver
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Wireless LAN MiniPCI card Driver
    ATI - Software Uninstall Utility
    ATI Display Driver
    Bicycle Card Games
    Browser Defender 3.0
    Conexant AC-Link Audio
    Google Update Helper
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    InfraRecorder
    K-Lite Mega Codec Pack 4.1.7
    Media Library Management Wizard
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyDefrag v4.3.1
    Personal License Update Wizard for Windows Media Player
    Plus! MP3 Audio Converter LE
    QuickTime
    REALTEK Gigabit and Fast Ethernet NIC Driver
    Registry Mechanic 10.0
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shockwave
    Spyware Doctor with AntiVirus 8.0
    Synaptics Pointing Device Driver
    TRANSFLO Now 2.0
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Windows (KB971513)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WD Diagnostics
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 8
    Windows Media Bonus Pack for Windows XP
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player Playlist Import to Excel Wizard
    Windows Media Player Skin Importer
    Windows Media Player Tray Control
    Windows XP Service Pack 3
    WinZip
    ==== Event Viewer Messages From Past Week ========
    1/22/2011 6:37:40 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.22.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/21/2011 4:57:54 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4000.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/20/2011 6:46:55 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001839421E3D. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    1/20/2011 6:13:46 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
    1/20/2011 5:48:35 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
    1/20/2011 4:56:56 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    1/19/2011 8:24:15 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4000.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/19/2011 6:03:40 AM, error: Service Control Manager [7001] - The AVG Free E-mail Scanner service depends on the AVG Free WatchDog service which failed to start because of the following error: The system cannot find the path specified.
    1/19/2011 6:03:40 AM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
    1/19/2011 6:03:40 AM, error: Service Control Manager [7000] - The AVG Free WatchDog service failed to start due to the following error: The system cannot find the path specified.
    1/18/2011 5:36:23 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4000.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/17/2011 3:50:01 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4000.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/16/2011 2:03:07 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.4000.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
    1/15/2011 11:31:05 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3508.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/15/2011 10:15:26 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3508.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...8.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HOME\Barbara Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x800b0003 Error description: The form specified for the subject is not one supported or known by the specified trust provider.
    1/15/2011 10:15:26 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3508.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...8.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: HOME\Barbara Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x800b0003 Error description: The form specified for the subject is not one supported or known by the specified trust provider.
    1/15/2011 10:15:26 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3508.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...8.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HOME\Barbara Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x800b0003 Error description: The form specified for the subject is not one supported or known by the specified trust provider.
    1/15/2011 10:15:26 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3508.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft.com/fwlink/?Lin...8.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: HOME\Barbara Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x800b0003 Error description: The form specified for the subject is not one supported or known by the specified trust provider.
    1/15/2011 10:15:01 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.95.3508.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6402.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    ==== End Of File ===========================
     
  7. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    AC97 Data Fax SoftModem with SmartCP
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3.4
    Adobe Shockwave Player 11.5
    American Flag Screen Saver
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Wireless LAN MiniPCI card Driver
    ATI - Software Uninstall Utility
    ATI Display Driver
    Avira AntiVir Personal - Free Antivirus
    Bicycle Card Games
    Conexant AC-Link Audio
    Google Toolbar for Internet Explorer
    Google Toolbar for Internet Explorer
    Google Update Helper
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Hubble Images Screen Saver
    InfraRecorder
    K-Lite Mega Codec Pack 4.1.7
    Living Beaches Screensaver
    Media Library Management Wizard
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyDefrag v4.3.1
    Personal License Update Wizard for Windows Media Player
    Plus! MP3 Audio Converter LE
    QuickTime
    REALTEK Gigabit and Fast Ethernet NIC Driver
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB969897)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shockwave
    Spybot - Search & Destroy
    STOPzilla
    Synaptics Pointing Device Driver
    TRANSFLO Now 2.0
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Windows (KB971513)
    Update for Windows Internet Explorer 8 (KB968220)
    Update for Windows Internet Explorer 8 (KB975364)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows Internet Explorer 8 (KB980302)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WD Diagnostics
    Windows Internet Explorer 8
    Windows Media Bonus Pack for Windows XP
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player Playlist Import to Excel Wizard
    Windows Media Player Skin Importer
    Windows Media Player Tray Control
    Windows XP Service Pack 3
    WinZip
     
  8. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    I have tried but can not get either the DDS file or the HIghjack this file on here. Every attempt seems to be blocked.
     
  9. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    drjake,
    Can you zip them up and attach?
    Bill
     
  10. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    I am attempting to attach but I am inexperienced.
     

    Attached Files:

  11. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    Good job drjake, (y) just what we need. You will get the hang of it very quickly. I will post back as soon as I can.
    Bill
     
  12. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    Hello drjake,

    SPYBOT TEATIMER

    • Launch Spybot S&D, go to the Mode menu and make sure "Advanced Mode" is selected.
    • On the left hand side, click on Tools, then click on the Resident Icon in the list.
    • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
    • Click on the "System Startup" icon in the List
    • Uncheck the "TeaTimer" box and "OK" any prompts.
    • If Teatimer gives you a warning that changes were made, click the "Allow Change" box when prompted.
    • Exit Spybot S&D when done and reboot your computer.
    • (When we are done, you can re-enable Teatimer using the same steps but this time place a check next to "Resident TeaTimer" and check the "TeaTimer" box in System Startup.)


    Next

    Please read carefully and follow these steps.

    • Download TDSSKiller and save it to your Desktop.
    • Extract its contents to your desktop.
    • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


      [​IMG]
    • If an infected file is detected, the default action will be Cure, click on Continue.


      [​IMG]
    • If a suspicious file is detected, the default action will be Skip, click on Continue.


      [​IMG]
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


      [​IMG]
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


    Next

    Double click dds.scr to run the tool.
    When done, two DDS.txt's will open.
    Save both reports to your desktop.
    Please include the contents of the following in your reply using Copy / Paste:
    DDS.txt & Attach.txt

    When you reply, be sure to click the blue Reply button, don't use the Orange Reply at the bottom of the thread

    Bill
     
  13. RedCar92

    RedCar92 Malware Trainee

    Joined:
    Jan 9, 2011
    Messages:
    387
    drjake, do you still need help?
    Bill
     
  14. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    sorry I have been traveling so it took me awile to get back to you.

    2011/01/29 08:38:24.0906 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
    2011/01/29 08:38:24.0906 ================================================================================
    2011/01/29 08:38:24.0906 SystemInfo:
    2011/01/29 08:38:24.0906
    2011/01/29 08:38:24.0906 OS Version: 5.1.2600 ServicePack: 3.0
    2011/01/29 08:38:24.0906 Product type: Workstation
    2011/01/29 08:38:24.0906 ComputerName: HOME
    2011/01/29 08:38:24.0906 UserName: Barbara
    2011/01/29 08:38:24.0906 Windows directory: C:\WINDOWS
    2011/01/29 08:38:24.0906 System windows directory: C:\WINDOWS
    2011/01/29 08:38:24.0906 Processor architecture: Intel x86
    2011/01/29 08:38:24.0906 Number of processors: 1
    2011/01/29 08:38:24.0906 Page size: 0x1000
    2011/01/29 08:38:24.0906 Boot type: Normal boot
    2011/01/29 08:38:24.0906 ================================================================================
    2011/01/29 08:38:31.0812 Initialize success
    2011/01/29 08:38:37.0468 ================================================================================
    2011/01/29 08:38:37.0468 Scan started
    2011/01/29 08:38:37.0468 Mode: Manual;
    2011/01/29 08:38:37.0468 ================================================================================
    2011/01/29 08:38:38.0953 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    2011/01/29 08:38:39.0000 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    2011/01/29 08:38:39.0093 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    2011/01/29 08:38:39.0156 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
    2011/01/29 08:38:39.0453 AR5211 (69645f795bbc22f05bea8b8734e3ee82) C:\WINDOWS\system32\DRIVERS\ar5211.sys
    2011/01/29 08:38:39.0640 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    2011/01/29 08:38:39.0671 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    2011/01/29 08:38:39.0921 ati2mtag (d5537cc8cc9a86668e3903bd53caa83c) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    2011/01/29 08:38:40.0687 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    2011/01/29 08:38:40.0765 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    2011/01/29 08:38:40.0828 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys
    2011/01/29 08:38:40.0875 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\system32\Drivers\avgmfx86.sys
    2011/01/29 08:38:40.0921 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\system32\Drivers\avgtdix.sys
    2011/01/29 08:38:41.0000 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    2011/01/29 08:38:41.0093 CAMCAUD (cce1f3c7c8e7383b90372229454999cf) C:\WINDOWS\system32\drivers\camc6aud.sys
    2011/01/29 08:38:41.0281 CAMCHALA (9a3bbde74dab737efa82de7ef4b40bea) C:\WINDOWS\system32\drivers\camc6hal.sys
    2011/01/29 08:38:41.0375 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    2011/01/29 08:38:41.0468 CBPSp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\WINDOWS\system32\Drivers\CBPSp50.sys
    2011/01/29 08:38:41.0562 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    2011/01/29 08:38:41.0609 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    2011/01/29 08:38:41.0656 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    2011/01/29 08:38:41.0750 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    2011/01/29 08:38:41.0812 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    2011/01/29 08:38:42.0156 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    2011/01/29 08:38:42.0281 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    2011/01/29 08:38:42.0343 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    2011/01/29 08:38:42.0406 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    2011/01/29 08:38:42.0484 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    2011/01/29 08:38:42.0578 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    2011/01/29 08:38:42.0671 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    2011/01/29 08:38:42.0734 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    2011/01/29 08:38:42.0765 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    2011/01/29 08:38:42.0812 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    2011/01/29 08:38:42.0859 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    2011/01/29 08:38:42.0906 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    2011/01/29 08:38:42.0984 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    2011/01/29 08:38:43.0171 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    2011/01/29 08:38:43.0265 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    2011/01/29 08:38:43.0359 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    2011/01/29 08:38:43.0390 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    2011/01/29 08:38:43.0437 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    2011/01/29 08:38:43.0500 HSFHWATI (790acb861176ae06d97bd7fbddcdbbcb) C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys
    2011/01/29 08:38:43.0609 HSF_DPV (9a7c0d83bd340a43e10a453960607025) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
    2011/01/29 08:38:43.0734 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    2011/01/29 08:38:43.0890 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    2011/01/29 08:38:44.0015 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    2011/01/29 08:38:44.0171 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    2011/01/29 08:38:44.0265 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    2011/01/29 08:38:44.0328 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    2011/01/29 08:38:44.0343 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    2011/01/29 08:38:44.0437 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    2011/01/29 08:38:44.0468 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    2011/01/29 08:38:44.0515 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    2011/01/29 08:38:44.0562 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    2011/01/29 08:38:44.0703 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    2011/01/29 08:38:44.0812 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    2011/01/29 08:38:44.0859 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    2011/01/29 08:38:45.0062 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    2011/01/29 08:38:45.0109 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    2011/01/29 08:38:45.0171 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    2011/01/29 08:38:45.0234 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    2011/01/29 08:38:45.0312 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    2011/01/29 08:38:45.0359 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    2011/01/29 08:38:45.0421 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
    2011/01/29 08:38:45.0500 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    2011/01/29 08:38:45.0578 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    2011/01/29 08:38:45.0687 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    2011/01/29 08:38:45.0968 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    2011/01/29 08:38:46.0140 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    2011/01/29 08:38:46.0187 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    2011/01/29 08:38:46.0250 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    2011/01/29 08:38:46.0312 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
    2011/01/29 08:38:46.0437 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    2011/01/29 08:38:46.0500 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    2011/01/29 08:38:46.0578 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    2011/01/29 08:38:46.0609 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    2011/01/29 08:38:46.0656 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
    2011/01/29 08:38:46.0687 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    2011/01/29 08:38:46.0750 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    2011/01/29 08:38:46.0828 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    2011/01/29 08:38:46.0937 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    2011/01/29 08:38:47.0031 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    2011/01/29 08:38:47.0093 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    2011/01/29 08:38:47.0156 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    2011/01/29 08:38:47.0250 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
    2011/01/29 08:38:47.0296 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    2011/01/29 08:38:47.0343 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    2011/01/29 08:38:47.0390 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    2011/01/29 08:38:47.0468 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    2011/01/29 08:38:47.0531 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    2011/01/29 08:38:47.0625 PCTCore (6ef125721a9f1f7dbf3229786f7decd0) C:\WINDOWS\system32\drivers\PCTCore.sys
    2011/01/29 08:38:47.0687 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\WINDOWS\system32\drivers\pctDS.sys
    2011/01/29 08:38:47.0765 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\WINDOWS\system32\drivers\pctEFA.sys
    2011/01/29 08:38:47.0843 pctgntdi (b76c829f00b9b534405b4ed5f58b8f52) C:\WINDOWS\system32\drivers\pctgntdi.sys
    2011/01/29 08:38:47.0953 pctplsg (c5c488e6232b29f5744b8f7988a20730) C:\WINDOWS\system32\drivers\pctplsg.sys
    2011/01/29 08:38:48.0390 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    2011/01/29 08:38:48.0453 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    2011/01/29 08:38:48.0484 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    2011/01/29 08:38:48.0734 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    2011/01/29 08:38:48.0796 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    2011/01/29 08:38:48.0859 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    2011/01/29 08:38:48.0906 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    2011/01/29 08:38:48.0968 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    2011/01/29 08:38:49.0000 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    2011/01/29 08:38:49.0093 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
    2011/01/29 08:38:49.0234 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    2011/01/29 08:38:49.0375 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
    2011/01/29 08:38:49.0453 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
    2011/01/29 08:38:49.0593 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    2011/01/29 08:38:49.0687 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
    2011/01/29 08:38:49.0750 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    2011/01/29 08:38:49.0906 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    2011/01/29 08:38:49.0984 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    2011/01/29 08:38:50.0093 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
    2011/01/29 08:38:50.0140 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    2011/01/29 08:38:50.0187 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    2011/01/29 08:38:50.0437 SynTP (eb363ddfbe8b6d51003ccab29d93d744) C:\WINDOWS\system32\DRIVERS\SynTP.sys
    2011/01/29 08:38:50.0515 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    2011/01/29 08:38:50.0593 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    2011/01/29 08:38:50.0687 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    2011/01/29 08:38:50.0781 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    2011/01/29 08:38:50.0828 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    2011/01/29 08:38:50.0906 TfFsMon (18d09508877e3f697866b39e9d0e6dcf) C:\WINDOWS\system32\drivers\TfFsMon.sys
    2011/01/29 08:38:50.0968 TfNetMon (c657f352613d8e592efb54cc35f21f5e) C:\WINDOWS\system32\drivers\TfNetMon.sys
    2011/01/29 08:38:51.0046 TFSysMon (71e3073419cfda8d60813c1502acc420) C:\WINDOWS\system32\drivers\TfSysMon.sys
    2011/01/29 08:38:51.0468 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    2011/01/29 08:38:51.0593 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    2011/01/29 08:38:51.0687 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    2011/01/29 08:38:51.0750 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    2011/01/29 08:38:51.0796 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    2011/01/29 08:38:51.0843 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
    2011/01/29 08:38:51.0906 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    2011/01/29 08:38:51.0984 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    2011/01/29 08:38:52.0031 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    2011/01/29 08:38:52.0140 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    2011/01/29 08:38:52.0250 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    2011/01/29 08:38:52.0343 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    2011/01/29 08:38:52.0484 winachsf (eb5d5dd39da6b25ffd4206892365f67c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    2011/01/29 08:38:52.0703 WPC300N (ee44fe4c6388eae2ec5749e2c5d781f2) C:\WINDOWS\system32\DRIVERS\WPC300N.SYS
    2011/01/29 08:38:52.0796 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    2011/01/29 08:38:52.0921 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
    2011/01/29 08:38:52.0921 ================================================================================
    2011/01/29 08:38:52.0921 Scan finished
    2011/01/29 08:38:52.0921 ================================================================================
    2011/01/29 08:38:52.0953 Detected object count: 1
    2011/01/29 08:39:03.0734 \HardDisk0 - will be cured after reboot
    2011/01/29 08:39:03.0734 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
    2011/01/29 08:39:10.0187 Deinitialize success


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    DDS (Ver_10-12-12.02)
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/22/2010 11:04:33 PM
    System Uptime: 1/29/2011 8:39:57 AM (2 hours ago)
    Motherboard: TOSHIBA | | Satellite L25
    Processor: Intel(R) Celeron(R) M processor 1.60GHz | U23 | 1595/100mhz
    ==== Disk Partitions =========================
    C: is FIXED (NTFS) - 37 GiB total, 24.922 GiB free.
    D: is CDROM ()
    ==== Disabled Device Manager Items =============
    ==== System Restore Points ===================
    RP147: 11/16/2010 10:24:27 AM - Removed ABBYY Screenshot Reader
    RP148: 11/16/2010 10:26:49 AM - Removed Microsoft Works
    RP149: 11/16/2010 10:29:09 AM - Removed Microsoft Works Suite Add-in for Microsoft Word
    RP150: 11/16/2010 10:32:28 AM - Removed OpenOffice.org 3.2
    RP151: 11/16/2010 10:39:06 AM - Removed Point 7.2.
    RP152: 11/20/2010 1:19:28 PM - System Checkpoint
    RP153: 11/21/2010 5:05:37 PM - System Checkpoint
    RP154: 11/21/2010 5:39:14 PM - Software Distribution Service 3.0
    RP155: 11/25/2010 9:01:43 AM - System Checkpoint
    RP156: 11/26/2010 5:22:36 AM - Avg Update
    RP157: 11/26/2010 5:24:45 AM - Avg Update
    RP158: 11/27/2010 11:59:33 AM - System Checkpoint
    RP159: 11/28/2010 1:43:10 PM - System Checkpoint
    RP160: 11/28/2010 8:14:59 PM - Software Distribution Service 3.0
    RP161: 11/30/2010 4:58:31 AM - System Checkpoint
    RP162: 12/4/2010 9:10:59 AM - System Checkpoint
    RP163: 12/5/2010 2:37:56 PM - System Checkpoint
    RP164: 12/7/2010 6:07:28 PM - System Checkpoint
    RP165: 12/8/2010 7:36:10 PM - System Checkpoint
    RP166: 12/10/2010 7:01:10 AM - Restore Operation
    RP167: 12/11/2010 3:00:58 PM - System Checkpoint
    RP168: 12/11/2010 7:14:19 PM - Removed AVG Free 9.0
    RP169: 12/11/2010 7:27:31 PM - Removed AVG Free 9.0
    RP170: 12/11/2010 7:28:41 PM - Removed AVG Free 9.0
    RP171: 12/11/2010 7:30:36 PM - Removed AVG Free 9.0
    RP172: 12/11/2010 7:41:09 PM - Removed AVG Free 9.0
    RP173: 12/11/2010 7:47:32 PM - Removed AVG Free 9.0
    RP174: 12/12/2010 10:43:34 PM - System Checkpoint
    RP175: 12/14/2010 6:42:40 AM - System Checkpoint
    RP176: 12/16/2010 1:10:45 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP177: 12/17/2010 9:22:34 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP178: 12/18/2010 10:49:16 AM - System Checkpoint
    RP179: 12/19/2010 10:59:43 AM - System Checkpoint
    RP180: 12/20/2010 11:09:54 AM - System Checkpoint
    RP181: 12/21/2010 12:14:18 PM - Installed HiJackThis
    RP182: 12/22/2010 7:35:26 PM - System Checkpoint
    RP183: 12/24/2010 1:15:39 PM - System Checkpoint
    RP184: 12/26/2010 2:47:26 AM - System Checkpoint
    RP185: 12/27/2010 7:08:26 AM - System Checkpoint
    RP186: 12/28/2010 11:29:20 AM - System Checkpoint
    RP187: 12/29/2010 1:14:50 PM - System Checkpoint
    RP188: 12/31/2010 6:00:22 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
    RP189: 12/31/2010 1:36:37 PM - 1
    RP190: 1/1/2011 6:22:16 AM - Restore Operation
    RP191: 1/3/2011 9:10:46 AM - System Checkpoint
    RP192: 1/6/2011 4:57:34 PM - System Checkpoint
    RP193: 1/8/2011 7:20:00 AM - System Checkpoint
    RP194: 1/11/2011 11:49:38 AM - System Checkpoint
    RP195: 1/14/2011 7:20:05 PM - System Checkpoint
    RP196: 1/15/2011 7:06:14 AM - Installed VIPRE Antivirus.
    RP197: 1/15/2011 7:26:02 PM - one
    RP198: 1/19/2011 8:08:19 PM - two
    RP199: 1/20/2011 4:56:51 PM - Removed HiJackThis
    RP200: 1/21/2011 5:30:18 AM - Installed Windows Internet Explorer 8.
    RP201: 1/21/2011 8:08:50 AM - Made by Registry Mechanic O
    RP202: 1/22/2011 9:13:03 AM - Installed HiJackThis
    RP203: 1/26/2011 9:06:03 PM - System Checkpoint
    RP204: 1/28/2011 7:55:32 AM - System Checkpoint
    RP205: 1/28/2011 8:25:20 AM - Made by Registry Mechanic O
    RP206: 1/29/2011 8:55:53 AM - System Checkpoint
    ==== Installed Programs ======================
    AC97 Data Fax SoftModem with SmartCP
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.3.4
    American Flag Screen Saver
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Atheros Wireless LAN MiniPCI card Driver
    ATI - Software Uninstall Utility
    ATI Display Driver
    Bicycle Card Games
    Browser Defender 3.0
    Conexant AC-Link Audio
    Google Update Helper
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    InfraRecorder
    K-Lite Mega Codec Pack 4.1.7
    Media Library Management Wizard
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MyDefrag v4.3.1
    Personal License Update Wizard for Windows Media Player
    Plus! MP3 Audio Converter LE
    QuickTime
    REALTEK Gigabit and Fast Ethernet NIC Driver
    Registry Mechanic 10.0
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shockwave
    Spyware Doctor with AntiVirus 8.0
    Synaptics Pointing Device Driver
    TRANSFLO Now 2.0
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft Windows (KB971513)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VC 9.0 Runtime
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WD Diagnostics
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 8
    Windows Media Bonus Pack for Windows XP
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Media Player Playlist Import to Excel Wizard
    Windows Media Player Skin Importer
    Windows Media Player Tray Control
    Windows XP Service Pack 3
    WinZip
    ==== Event Viewer Messages From Past Week ========
    1/28/2011 6:46:14 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Browser Defender Update Service service.
    1/28/2011 2:30:38 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.491.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/27/2011 8:25:42 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
    1/27/2011 8:24:36 AM, error: Service Control Manager [7001] - The AVG Free E-mail Scanner service depends on the AVG Free WatchDog service which failed to start because of the following error: The system cannot find the path specified.
    1/27/2011 8:24:36 AM, error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.
    1/27/2011 8:24:36 AM, error: Service Control Manager [7000] - The AVG Free WatchDog service failed to start due to the following error: The system cannot find the path specified.
    1/27/2011 10:33:50 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
    1/27/2011 1:42:01 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.22.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/26/2011 12:23:04 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.22.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    1/24/2011 12:11:51 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    1/23/2011 7:35:06 PM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
    1/23/2011 6:58:21 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.97.22.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6502.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
    ==== End Of File ===========================
     
  15. drjake

    drjake Thread Starter

    Joined:
    Dec 22, 2010
    Messages:
    15
    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Barbara at 9:58:24.35 on Sat 01/29/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1150.352 [GMT -8:00]
    AV: Spyware Doctor with AntiVirus *Enabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
    AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    ============== Running Processes ===============
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    C:\Program Files\PC Tools Security\pctsAuxs.exe
    C:\Program Files\PC Tools Security\pctsSvc.exe
    C:\WINDOWS\system32\tcpsvcs.exe
    C:\Program Files\PC Tools Security\TFEngine\TFService.exe
    C:\Program Files\PC Tools Security\pctsGui.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\PC Tools Security\BDT\FGuard.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Barbara\Desktop\dds.scr
    ============== Pseudo HJT Report ===============
    uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
    mURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
    mWinlogon: Userinit=userinit.exe
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
    BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
    BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
    TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
    TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [ISTray] "c:\program files\pc tools security\pctsGui.exe" /hideGUI
    mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1271972833953
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: avgrsstarter - avgrsstx.dll
    ============= SERVICES / DRIVERS ===============
    R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-1-19 239168]
    R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-1-19 338880]
    R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2011-1-19 656320]
    R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-1-20 51984]
    R0 TFSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-1-20 69392]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-23 216400]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-23 29584]
    R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-23 243024]
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
    R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2011-1-19 249616]
    R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\pc tools security\bdt\BDTUpdateService.exe [2011-1-20 247760]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2011-1-20 632792]
    R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools security\pctsAuxs.exe [2011-1-19 366840]
    R2 sdCoreService;PC Tools Security Service;c:\program files\pc tools security\pctsSvc.exe [2011-1-19 1150936]
    R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2010-4-22 211200]
    R3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2011-1-19 70536]
    R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-1-20 33552]
    R3 ThreatFire;ThreatFire;c:\program files\pc tools security\tfengine\tfservice.exe service --> c:\program files\pc tools security\tfengine\TFService.exe service [?]
    R3 WPC300N;Linksys Wireless Notebook Adapter WPC300N Driver;c:\windows\system32\drivers\WPC300N.SYS [2010-4-22 822400]
    S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
    S2 avg9emc;AVG Free E-mail Scanner;"c:\program files\avg\avg9\avgemc.exe" --> c:\program files\avg\avg9\avgemc.exe [?]
    S2 avg9wd;AVG Free WatchDog;"c:\program files\avg\avg9\avgwdsvc.exe" --> c:\program files\avg\avg9\avgwdsvc.exe [?]
    S2 gupdate;Google Update Service (gupdate);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
    S3 CBPMp50;CBPMp50 NDIS Protocol Driver;c:\windows\system32\drivers\cbpmp50.sys --> c:\windows\system32\drivers\CBPMp50.sys [?]
    S3 CBPSp50;CBPSp50 NDIS Protocol Driver;c:\windows\system32\drivers\CBPSp50.sys [2010-4-22 27072]
    S3 cpuz134;cpuz134;\??\c:\docume~1\barbara\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\barbara\locals~1\temp\cpuz134\cpuz134_x32.sys [?]
    =============== Created Last 30 ================
    2011-01-27 21:42:15 5890896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\{55e8fcbc-9ea1-4b53-92e3-1cff54accd9c}\mpengine.dll
    2011-01-22 17:13:09 388096 ----a-r- c:\docume~1\barbara\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-01-21 13:29:08 -------- dc-h--w- c:\windows\ie8
    2011-01-21 01:52:02 -------- d-----w- c:\docume~1\barbara\applic~1\Registry Mechanic
    2011-01-21 01:44:10 880640 ----a-w- c:\windows\system32\UniBox10.ocx
    2011-01-21 01:44:10 37336 ----a-w- c:\windows\system32\CleanMFT32.exe
    2011-01-21 01:44:10 212992 ----a-w- c:\windows\system32\UniBoxVB12.ocx
    2011-01-21 01:44:10 1101824 ----a-w- c:\windows\system32\UniBox210.ocx
    2011-01-21 01:44:09 658432 ----a-w- c:\windows\system32\MSCOMCT2.OCX
    2011-01-20 23:41:28 69392 --s---w- c:\windows\system32\drivers\TfSysMon.sys
    2011-01-20 23:41:28 51984 --s---w- c:\windows\system32\drivers\TfFsMon.sys
    2011-01-20 23:41:28 33552 --s---w- c:\windows\system32\drivers\TfNetMon.sys
    2011-01-20 23:40:43 767952 ----a-w- c:\windows\BDTSupport.dll
    2011-01-20 23:40:40 149456 ----a-w- c:\windows\SGDetectionTool.dll
    2011-01-20 23:40:33 1996752 ----a-w- c:\windows\PCTBDCore.dll
    2011-01-20 23:40:33 1533904 ----a-w- c:\windows\PCTBDRes.dll
    2011-01-20 05:12:18 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys
    2011-01-20 05:12:17 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys
    2011-01-20 05:12:11 249616 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
    2011-01-20 05:11:55 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys
    2011-01-20 05:11:55 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
    2011-01-20 05:11:29 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
    2011-01-20 05:10:33 -------- d-----w- c:\program files\PC Tools Security
    2011-01-20 05:10:33 -------- d-----w- c:\docume~1\barbara\applic~1\PC Tools
    2011-01-20 03:57:04 -------- d-----w- c:\program files\common files\Wise Installation Wizard
    2011-01-20 03:40:32 -------- d-----w- c:\docume~1\barbara\applic~1\Uniblue
    2011-01-20 03:40:15 -------- d-----w- c:\program files\Uniblue
    2011-01-20 03:39:15 -------- d-----w- c:\docume~1\barbara\locals~1\applic~1\PackageAware
    2011-01-17 03:38:50 109 ----a-w- c:\docume~1\barbara\applic~1\netstat.bat
    2011-01-15 15:08:21 -------- d-----w- c:\docume~1\alluse~1\applic~1\Sunbelt
    2011-01-12 17:52:52 190032 ----a-w- c:\windows\system32\drivers\tmcomm.sys
    2011-01-08 15:02:23 5890896 ----a-w- c:\docume~1\alluse~1\applic~1\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2011-01-01 14:23:07 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2011-01-01 14:23:07 -------- d-----w- c:\windows\system32\wbem\Repository
    2010-12-31 21:59:09 -------- d-----w- c:\program files\Browser Hijack Recover
    ==================== Find3M ====================
    2008-04-14 12:42:42 73728 --sha-w- c:\windows\registeredpackages\{dd90d410-1823-43eb-9a16-a2331bf08799}$backup$\system\wmplayer.exe
    ============= FINISH: 10:02:33.59 ===============
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/970123

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice