
windows xp taking forever to start up

Discussion in 'Virus & Other Malware Removal' started by anujchopra, Oct 25, 2011.

  1. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    My Windows is taking too long to start up. The main problem comes when the welcome screen shows up. This is the part which takes the longest.
    I suspect a possible virus, as any kind of removable disk has folders converted into shortcuts.
    I have minimal processes in my startup.
    Any kind of help is appreciated.
    Regards


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:04:00 PM, on 10/25/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\uTorrent\uTorrent.exe
    D:\Anuj\Software\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: UDisk Monitor - Unknown owner - C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe

    --
    End of file - 7065 bytes
     
  2. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    .
    DDS (Ver_2011-08-26.01) - FAT32x86
    Internet Explorer: 6.0.2900.5512
    Run by DAWSON at 17:19:46 on 2011-10-25
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1493 [GMT 5.5:30]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    C:\WINDOWS\system32\svchost -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
    BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dll
    TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [<NO NAME>]
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
    mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
    mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
    dRunOnce: [RunNarrator] Narrator.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{9A6A0AE9-B9D4-49A7-A017-764C4084598D} : DhcpNameServer = 192.168.1.1
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-9 366152]
    R2 UDisk Monitor;UDisk Monitor;c:\program files\mblaze ui\bin\MonServiceUDisk.exe [2011-7-16 512000]
    R2 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [2011-10-19 259584]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-9 22216]
    S3 FtFilter;FtFilter;\??\c:\windows\system32\sffilter.sys --> c:\windows\system32\SfFilter.sys [?]
    S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-10-5 100736]
    S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
    S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2011-7-16 104704]
    .
    =============== Created Last 30 ================
    .
    2011-10-25 08:39:01 174592 ----a-w- c:\windows\system32\framedyn.dll
    2011-10-25 08:38:33 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
    2011-10-25 08:17:17 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
    2011-10-25 08:17:17 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
    2011-10-25 08:17:17 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
    2011-10-25 08:17:12 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
    2011-10-25 07:59:21 -------- d-----w- c:\documents and settings\dawson\application data\Samsung
    2011-10-25 07:58:56 -------- d-----w- c:\program files\MSXML 4.0
    2011-10-25 07:58:41 -------- d-----w- c:\program files\Samsung
    2011-10-19 16:35:55 4856 ----a-w- c:\windows\system32\drivers\D2672BE1.bin
    2011-10-19 16:33:29 259584 ----a-w- c:\windows\system32\drivers\XHASP.sys
    2011-10-19 16:32:50 685056 ----a-w- c:\windows\system32\drivers\hardlock.sys
    2011-10-19 16:32:39 6656 ----a-w- c:\windows\system32\haspvdd.dll
    2011-10-19 16:32:39 47616 ----a-w- c:\windows\system32\drivers\Haspnt.sys
    2011-10-19 16:32:39 383 ----a-w- c:\windows\system32\haspdos.sys
    2011-10-19 16:32:33 3063808 ----a-w- c:\windows\system32\hinstd.dll
    2011-10-19 16:32:33 24576 ----a-w- c:\windows\system32\hdduinst.exe
    2011-10-19 16:32:33 2164411 ----a-w- c:\windows\system32\haspds_windows.dll
    2011-10-19 16:32:33 164864 ----a-w- c:\windows\system32\UNWISE.EXE
    2011-10-19 16:32:19 -------- d-----w- c:\program files\CyberDNC Pro 11.2
    2011-10-19 03:22:42 -------- d-----w- c:\documents and settings\dawson\.qualnetUserDir
    2011-10-19 03:19:22 -------- d-----w- C:\snt
    2011-10-15 17:15:14 86016 ----a-w- c:\windows\system32\ZSPOOL.DLL
    2011-10-15 17:15:14 24576 ----a-w- c:\windows\system32\ZTAG32.DLL
    2011-10-15 17:15:13 86016 ----a-w- c:\windows\system32\ZLhp1020.DLL
    2011-10-15 17:15:13 397312 ----a-w- c:\windows\system32\ZSHP1020.EXE
    2011-10-15 17:15:13 28672 ----a-w- c:\windows\system32\ZLM.DLL
    2011-10-15 17:15:11 106496 ----a-w- c:\windows\system32\VSHP1020.DLL
    2011-10-15 17:15:08 49152 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
    2011-10-15 17:15:08 28672 ----a-w- c:\windows\system32\IMF32.DLL
    2011-10-15 16:53:10 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2011-10-15 16:53:10 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
    2011-10-09 15:56:38 -------- d-----w- c:\documents and settings\dawson\application data\Malwarebytes
    2011-10-09 15:56:31 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-10-09 15:56:28 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-09 15:56:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-05 02:51:45 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
    2011-10-05 02:51:45 113280 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
    2011-10-05 02:51:45 102528 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
    2011-10-05 02:51:45 100736 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
    2011-10-05 02:51:37 -------- d-----w- c:\program files\Tata Photon+
    2011-10-03 12:57:00 -------- d-----w- C:\Scenario
    2011-10-01 06:31:14 -------- d-----w- c:\documents and settings\dawson\application data\Microsoft Games
    2011-10-01 06:30:58 -------- d-----w- c:\program files\GameSpy Arcade
    2011-10-01 06:28:57 -------- d-----w- c:\program files\Microsoft Games
    2011-09-27 11:53:56 -------- d-----w- c:\documents and settings\dawson\application data\bang
    .
    ==================== Find3M ====================
    .
    2011-10-02 23:36:04 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-10-02 21:07:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-08-08 16:38:40 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    .
    ============= FINISH: 17:20:15.98 ===============
     
  3. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/15/2011 9:54:38 PM
    System Uptime: 10/25/2011 4:54:20 PM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 3618
    Processor: Intel(R) Core(TM)2 Duo CPU T5470 @ 1.60GHz | U10 | 1596/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (FAT32) - 49 GiB total, 9.392 GiB free.
    D: is FIXED (NTFS) - 63 GiB total, 52.577 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description:
    Device ID: HDAUDIO\FUNC_02&VEN_11C1&DEV_1040&SUBSYS_103C1378&REV_1002\4&C3F7DAE&0&0101
    Manufacturer:
    Name:
    PNP Device ID: HDAUDIO\FUNC_02&VEN_11C1&DEV_1040&SUBSYS_103C1378&REV_1002\4&C3F7DAE&0&0101
    Service:
    .
    Class GUID:
    Description:
    Device ID: ACPI\HPQ0006\2&DABA3FF&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\HPQ0006\2&DABA3FF&0
    Service:
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: Nokia 7210 Supernova
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0001
    Manufacturer: Nokia
    Name: X2-01
    PNP Device ID: ROOT\WPD\0001
    Service: WUDFRd
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0002
    Manufacturer: Nokia
    Name: C2-00
    PNP Device ID: ROOT\WPD\0002
    Service: WUDFRd
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Phone
    Device ID: ROOT\WPD\0003
    Manufacturer: Nokia
    Name: Nokia Phone
    PNP Device ID: ROOT\WPD\0003
    Service: WUDFRd
    .
    ==== System Restore Points ===================
    .
    RP55: 9/29/2011 11:30:41 PM - System Checkpoint
    RP56: 10/1/2011 11:50:31 AM - System Checkpoint
    RP57: 10/2/2011 2:00:32 PM - System Checkpoint
    RP58: 10/3/2011 7:58:49 PM - System Checkpoint
    RP59: 10/9/2011 1:53:21 AM - System Checkpoint
    RP60: 10/10/2011 2:39:56 AM - System Checkpoint
    RP61: 10/13/2011 7:26:31 PM - System Checkpoint
    RP62: 10/14/2011 7:33:34 PM - System Checkpoint
    RP63: 10/15/2011 10:47:30 PM - Unsigned printer driver HP LaserJet 1020 installed.
    RP64: 10/17/2011 8:28:59 AM - System Checkpoint
    RP65: 10/18/2011 6:20:47 PM - System Checkpoint
    RP66: 10/19/2011 8:51:11 AM - Installed Microsoft Visual C++ 2005 Redistributable
    RP67: 10/20/2011 6:46:47 PM - System Checkpoint
    RP68: 10/22/2011 10:34:57 PM - System Checkpoint
    RP69: 10/23/2011 11:07:46 AM - Installed Java(TM) 6 Update 29
    RP70: 10/24/2011 1:27:09 PM - System Checkpoint
    RP71: 10/25/2011 1:47:08 PM - Installed Samsung PC Studio 3 USB Driver Installer
    RP72: 10/25/2011 2:08:09 PM - Installed Samsung PC Studio 5
    RP73: 10/25/2011 2:09:23 PM - Installed Samsung USB Installer
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Adobe Acrobat 7.0 Professional
    Adobe Flash Player Plugin
    Adobe Shockwave Player 11.6
    Conduit Engine
    CyberDNC Pro 11.2
    GameSpy Arcade
    Google Chrome
    Google Talk Plugin
    HASP4 Device Drivers
    Hotfix for Windows XP (KB942288-v3)
    HP Integrated Module with Bluetooth wireless technology
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    Java Auto Updater
    Java(TM) 6 Update 29
    K-Lite Codec Pack 7.2.0 (Basic)
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MBlaze UI
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft Office Excel 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft User-Mode Driver Framework Feature Pack 1.9
    Microsoft Visual C++ 2005 Redistributable
    MSVC80_x86
    MSVC80_x86_v2
    MSVC90_x86
    MSXML 4.0 SP2 Parser and SDK
    MSXML4 Parser
    Nokia Connectivity Cable Driver
    Nokia Ovi Suite
    Nokia Ovi Suite Software Updater
    Nokia PC Suite
    Ovi Desktop Sync Engine
    OviMPlatform
    PC Connectivity Solution
    QualNet Developer 5.0.2
    Real Alternative 2.0.2
    Rise of Nations
    SAMSUNG CDMA Modem Driver Set
    SAMSUNG Mobile Modem Driver Set
    Samsung Mobile phone USB driver Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio 3 USB Driver Installer
    Samsung PC Studio 5
    SAMSUNG SYMBIAN USB Download Driver
    Samsung USB Installer
    SamsungConnectivityCableDriver
    SoundMAX
    swMSM
    Tata Photon+
    uTorrentBar Toolbar
    VLC media player 1.1.11
    WebFldrs XP
    Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
    Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
    Windows Driver Package - MobileTop (sshpmdm) Modem (12/06/2005 2.4.0)
    Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
    Windows Driver Package - MobileTop (sshpusb) USB (12/06/2005 2.4.0)
    Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.8)
    Windows Driver Package - Nokia Modem (10/07/2010 4.6)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Media Format 11 runtime
    Windows Media Player 11
    WinRAR archiver
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10/24/2011 7:49:50 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00215C9FED0F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    10/23/2011 11:07:39 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================
     
  4. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    Whenever I tried running the gmer, it automatically got shut down, so I could not post that log.
     
  5. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    Things seem to have taken a turn for the worse. Seems like there is some process that is hogging up my bandwidth.
     
  6. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
  7. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
  8. Larusso

    Larusso Malware Specialist

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi and welcome to TSG.

    I am reviewing your logs and will respond with a reply as soon as I can.

    Please note that all my replies are reviewed by a qualified Analyst before I post. This ensures that you will continue to receive quality expert assistance.

    Thank you for your patience.
     
  9. Larusso

    Larusso Malware Specialist

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi,
    my name is Daniel and I will be assisting you with your malware-related problems.

    Before we move on, please read the following points carefully.
    • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
    • Perform everything in the correct order. Sometimes one step requires the previous one.
    • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
    • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
    • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
    • If I don't hear from you within 3 days from this initial or any subsequent post, I will have to unsubscribe from this thread and move on to assist someone else.
    • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
    • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



    Click > Start > Control Panel > Add / Remove Programs and uninstall the following programs (if present):
    Conduit Engine
    uTorrentBar Toolbar


    Conduit toolbars are reputed to have a certain trackware functionality.


    I see no evidence of an AntiVirus program on your system. This must be resolved. Connecting to the Internet without antivirus protection is a "Welcome" doormat for malware.

    Here are a few very good free Antivirus products which are available: Select one of these, or another of your choice. Do not install more than one antivirus program because they will conflict with each other. It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch new malware that may have come out.

    Install, update definitions, and run a full system scan with the Anti-Virus of your choice.



    Please launch DDS
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop.
    Please post both in your next reply



    Please Download Rootkit Unhooker and save it to your desktop.
    • Now double-click on RKUnhookerLE.exe to run it.
    • Click the Report tab, then click Scan.
    • Please check (Tick)
      • Drivers
      • Stealth
      • Files
      Uncheck the rest.
    • Click OK.
    • Wait till the scanner has finished and then click File, Save Report.
    • Save the report somewhere where you can find it. Click Close.
    Copy the entire contents of the report and paste it in a reply here.

    Note** you may get the following warning, just click OK and continue.

    "Rootkit Unhooker has detected a parasite inside itself!
    It is recommended to remove parasite, okay?"




    Please post in your next reply
    dds.txt
    attach.txt
    Scan log of your new AVP
    RKU Logfile
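
The log review behind the uninstall request above can be reproduced mechanically. The following is an added example, not part of the original thread and not code from HijackThis or any tool named here: it parses HijackThis entry lines (sample lines copied from the log in the first post), shows which CLSIDs are registered at more than one Internet Explorer hook point, and lists the entries that load from the install folders of the two programs named for removal. The function names and the `TARGET_DIRS` set are assumptions made for the illustration.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Sample input: entry lines copied from the HijackThis log in the first post.
SAMPLE_LOG = r"""
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: UDisk Monitor - Unknown owner - C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
"""

# Assumption: install folder names, as they appear in the log, of the two
# programs the helper asked to uninstall (Conduit Engine, uTorrentBar Toolbar).
TARGET_DIRS = {"conduitengine", "utorrentbar"}

# "<code> - <kind>: <rest>", e.g. "O2 - BHO: ..." or "O4 - HKLM\..\Run: ..."
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<kind>[^:]+): (?P<rest>.*)$")
# "<name> - {CLSID} - <path>" (R3, O2, O3, O9 style entries)
CLSID_RE = re.compile(r"^(?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
# "[value name] <command line>" (O4 Run-key entries)
RUN_RE = re.compile(r"^\[(?P<name>[^\]]*)\] (?P<path>.+)$")


def parse_line(line):
    """Parse one HijackThis entry line; return None for headers and process lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = {"code": m["code"], "kind": m["kind"], "name": None,
             "clsid": None, "owner": None, "path": None}
    rest = m["rest"]
    if m["code"] == "O23":
        # "<service> - <owner> - <path>"; split from the right so a " - "
        # inside the service name does not shift the fields.
        parts = rest.rsplit(" - ", 2)
        if len(parts) == 3:
            entry["name"], entry["owner"], entry["path"] = parts
    elif (c := CLSID_RE.match(rest)):
        entry.update(name=c["name"], clsid=c["clsid"].lower(), path=c["path"])
    elif (r := RUN_RE.match(rest)):
        entry.update(name=r["name"], path=r["path"])
    else:
        entry["name"] = rest
    return entry


def parse_hijackthis(text):
    """Return the parsed entries of a HijackThis log, skipping non-entry lines."""
    return [e for e in map(parse_line, text.splitlines()) if e]


def multi_hook_clsids(entries):
    """Map each CLSID registered under more than one section to those sections."""
    seen = defaultdict(set)
    for e in entries:
        if e["clsid"]:
            seen[e["clsid"]].add(e["code"])
    return {clsid: sorted(codes) for clsid, codes in seen.items() if len(codes) > 1}


def entries_in_target_dirs(entries, target_dirs=TARGET_DIRS):
    """Entries whose file path passes through one of the target install folders."""
    hits = []
    for e in entries:
        if e["path"] and any(p.lower() in target_dirs
                             for p in PureWindowsPath(e["path"]).parts):
            hits.append(e)
    return hits


def services_without_publisher(entries):
    """O23 services whose owner field is 'Unknown owner' (no publisher string
    in the log, so the file needs checking by other means; not a verdict)."""
    return [e["name"] for e in entries
            if e["code"] == "O23" and e["owner"] == "Unknown owner"]


if __name__ == "__main__":
    log = parse_hijackthis(SAMPLE_LOG)
    for clsid, codes in multi_hook_clsids(log).items():
        print(clsid, "registered under", ", ".join(codes))
    for e in entries_in_target_dirs(log):
        print("leftover check:", e["code"], e["kind"], e["path"])
    print("services without publisher:", services_without_publisher(log))
```

Run against the fresh log after the uninstall, `entries_in_target_dirs` returning an empty list shows that none of the parsed entries still load from those two folders.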
     
  10. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    The logs I had posted earlier are now outdated. I had installed Avast a few days back.
    I'll post the logs soon.
    Thanks for assisting me.
     
  11. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    Error starting helper service... (RkU log). I'm pasting the portion of the log that had come in the window (Report tab).

    RkU Version: 3.8.389.593, Type LE (SR2)
    ==============================================
    OS Name: Windows XP
    Version 5.1.2600 (Service Pack 3)
    Number of processors #2
    ==============================================
    >Drivers
    ==============================================
    0xB984D000 C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 5959680 bytes (Intel Corporation, Intel Graphics Miniport Driver)
    0xB9436000 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys 3629056 bytes (Intel Corporation, Intel® Wireless WiFi Link Driver)
    0xBF26A000 C:\WINDOWS\System32\igxpdx32.DLL 3235840 bytes (Intel Corporation, DirectDraw(R) Driver for Intel(R) Graphics Technology)
    0xBF04F000 C:\WINDOWS\System32\igxpdv32.DLL 2207744 bytes (Intel Corporation, Component GHAL Driver)
    0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2150400 bytes (Microsoft Corporation, NT Kernel & System)
    0x804D7000 PnpManager 2150400 bytes
    0x804D7000 RAW 2150400 bytes
    0x804D7000 WMIxWDM 2150400 bytes
    0xBF800000 Win32k 1847296 bytes
    0xBF800000 C:\WINDOWS\System32\win32k.sys 1847296 bytes (Microsoft Corporation, Multi-User Win32 Driver)
    0xB931B000 C:\WINDOWS\system32\DRIVERS\btkrnl.sys 851968 bytes (Broadcom Corporation., Bluetooth Bus Enumerator)
    0xA8117000 C:\WINDOWS\system32\drivers\hardlock.sys 688128 bytes (Aladdin Knowledge Systems Ltd., Hardlock Device Driver for Windows NT)
    0xA8CBB000 C:\WINDOWS\System32\Drivers\Ntfs.SYS 577536 bytes (Microsoft Corporation, NT File System Driver)
    0xB91E5000 C:\WINDOWS\system32\drivers\btaudio.sys 524288 bytes (Broadcom Corporation., Bluetooth Audio Device)
    0xA8D97000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
    0xB9265000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
    0xA8EC4000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
    0xA809D000 C:\WINDOWS\system32\DRIVERS\srv.sys 335872 bytes (Microsoft Corporation, Server driver)
    0xA8F90000 C:\WINDOWS\system32\drivers\ADIHdAud.sys 299008 bytes (Analog Devices, Inc., High Definition Audio Function Driver)
    0xB97F8000 C:\WINDOWS\system32\DRIVERS\e1e5132.sys 266240 bytes (Intel Corporation, Intel(R) PRO/1000 Adapter NDIS 5.2 deserialized driver)
    0xA7F54000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
    0xA800D000 c:\windows\system32\drivers\XHASP.sys 262144 bytes
    0xB92C3000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
    0xB9F79000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
    0xA81BF000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
    0xB9E71000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
    0xBF024000 C:\WINDOWS\System32\igxpgd32.dll 176128 bytes (Intel Corporation, Intel Graphics 2D Driver)
    0xA78C1000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
    0xA8E07000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
    0xB97AC000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
    0xA8E76000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
    0xA8D70000 C:\WINDOWS\System32\Drivers\aswSP.SYS 159744 bytes (ALWIL Software, avast! self protection module)
    0xB9F23000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
    0xA8E9E000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
    0xB9EB5000 Fastfat.sys 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
    0xB91C1000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
    0xB97D4000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
    0xB9413000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
    0xA8E54000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
    0xA8E32000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
    0x806E4000 ACPI_HAL 134400 bytes
    0x806E4000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
    0xB9EEB000 fltMgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
    0xB9F49000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
    0xA8C9D000 C:\WINDOWS\system32\DRIVERS\btwdndis.sys 122880 bytes (Broadcom Corporation., Bluetooth LAN Access Server Driver)
    0xB9E57000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
    0xA8F78000 C:\WINDOWS\system32\drivers\AEAudio.sys 98304 bytes (Andrea Electronics Corporation, Audio Noise Filtering Driver (32-bit))
    0xB9F0B000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
    0xA8C85000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
    0xA88E7000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (ALWIL Software, avast! File System Filter Driver for Windows XP)
    0xB9E9E000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
    0xB9304000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
    0xA8B2E000 C:\WINDOWS\system32\DRIVERS\WudfPf.sys 94208 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
    0xA83D2000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
    0xB9839000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
    0xA8F1D000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
    0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
    0xBF012000 C:\WINDOWS\System32\igxprd32.dll 73728 bytes (Intel Corporation, Intel Graphics 2D Rotation Driver)
    0xB9ED9000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
    0xB9F68000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
    0xB92F3000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
    0xBA298000 C:\WINDOWS\System32\Drivers\btwusb.sys 65536 bytes (Broadcom Corporation., Driver for Bluetooth USB Devices)
    0xBA2A8000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
    0xBA148000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
    0xBA1B8000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
    0xBA158000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
    0xA8ACE000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
    0xBA1E8000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
    0xBA0E8000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
    0xBA128000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
    0xBA168000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
    0xBA0C8000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
    0xA85A7000 C:\WINDOWS\system32\drivers\Haspnt.sys 49152 bytes (Aladdin Knowledge Systems, HASP Kernel Device Driver for Windows NT)
    0xBA188000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
    0xBA278000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
    0xBA138000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
    0xBA0B8000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
    0xBA178000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
    0xBA238000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (ALWIL Software, avast! TDI Filter Driver)
    0xBA0A8000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
    0xBA1C8000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
    0xBA1A8000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
    0xA7DC4000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
    0xBA0D8000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
    0xBA118000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
    0xBA198000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
    0xBA258000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
    0xBA248000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
    0xBA380000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
    0xBA3D0000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
    0xBA368000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
    0xBA3A0000 C:\WINDOWS\system32\DRIVERS\btport.sys 28672 bytes (Broadcom Corporation., Bluetooth BTPORT Driver for Windows 2000)
    0xBA3F8000 C:\WINDOWS\system32\DRIVERS\btwmodem.sys 28672 bytes (Broadcom Corporation., Bluetooth BTPORT Driver for Windows 2000)
    0xBA328000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
    0xBA3F0000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (ALWIL Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
    0xBA370000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
    0xBA378000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
    0xBA3E0000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
    0xBA3D8000 C:\WINDOWS\System32\Drivers\StarOpen.SYS 24576 bytes
    0xBA360000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
    0xBA3C0000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
    0xBA488000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (ALWIL Software, avast! TDI RDR Driver)
    0xBA3C8000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
    0xBA330000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
    0xBA390000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
    0xBA398000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
    0xBA388000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
    0xBA400000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
    0xBA4C0000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
    0xBA554000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
    0xA8C6D000 C:\WINDOWS\system32\drivers\mbam.sys 16384 bytes (Malwarebytes Corporation, Malwarebytes' Anti-Malware)
    0xBA574000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
    0xA8B0E000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
    0xBA4C4000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)
    0xA8C69000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (ALWIL Software, avast! File System Access Blocking Driver)
    0xBA4B8000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
    0xBA4BC000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
    0xB91B9000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
    0xBA55C000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
    0xB9E23000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
    0xBA558000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
    0xB9E13000 C:\WINDOWS\System32\drivers\ws2ifsl.sys 12288 bytes (Microsoft Corporation, Winsock2 IFS Layer)
    0xBA5C0000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
    0xBA5AC000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
    0xBA5C6000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
    0xBA5BE000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
    0xBA5A8000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
    0xBA5C2000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
    0xBA5C4000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
    0xBA5B4000 C:\WINDOWS\System32\Drivers\RootMdm.sys 8192 bytes (Microsoft Corporation, Legacy Non-Pnp Modem Device Driver)
    0xBA5B6000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
    0xBA5B8000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
    0xBA5AA000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
    0xBA74E000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
    0xBA7F7000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
    0xBA794000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
    0xBA671000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
    0xBA670000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
    ==============================================
    >Stealth
    ==============================================
    ==============================================
    >Files
    ==============================================


    Nothing detected :(
     
  13. anujchopra

    .
    DDS (Ver_2011-08-26.01) - FAT32x86
    Internet Explorer: 6.0.2900.5512
    Run by DAWSON at 22:23:54 on 2011-11-01
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.1510 [GMT 5.5:30]
    .
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    SVCHOST.EXE
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    SVCHOST.EXE
    SVCHOST.EXE
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\WINDOWS\system32\drwtsn32.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\DAWSON\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
    uRun: [Aliiii] c:\documents and settings\dawson\application data\Aliiii.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
    mRun: [<NO NAME>]
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
    mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
    mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
    mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
    dRunOnce: [RunNarrator] Narrator.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
    mPolicies-system: Shell = explorer.exe,c:\documents and settings\dawson\application data\Aliiii.exe
    IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
    IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
    IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
    LSP: c:\windows\system32\idmmbc.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{9A6A0AE9-B9D4-49A7-A017-764C4084598D} : DhcpNameServer = 192.168.1.1
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-10-25 165456]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-10-25 17744]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-10-25 40384]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-9 366152]
    R2 UDisk Monitor;UDisk Monitor;c:\program files\mblaze ui\bin\MonServiceUDisk.exe [2011-7-16 512000]
    R2 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [2011-10-19 259584]
    R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2011-10-25 40384]
    R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2011-10-25 40384]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-9 22216]
    S3 80BE45A7;80BE45A7;c:\windows\system32\80be45a7.exe --> c:\windows\system32\80BE45A7.exe [?]
    S3 D089877D;D089877D;c:\windows\system32\d089877d.exe --> c:\windows\system32\D089877D.exe [?]
    S3 FtFilter;FtFilter;\??\c:\windows\system32\sffilter.sys --> c:\windows\system32\SfFilter.sys [?]
    S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2011-10-5 100736]
    S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
    S3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2011-7-16 104704]
    .
    =============== Created Last 30 ================
    .
    2011-11-01 16:33:48 54016 ----a-w- c:\windows\system32\drivers\aesyswk.sys
    2011-11-01 07:54:46 -------- d-----w- c:\documents and settings\dawson\application data\IDM
    2011-11-01 07:54:45 -------- d-----w- c:\documents and settings\dawson\application data\DMCache
    2011-11-01 07:54:34 -------- d-----w- c:\program files\Internet Download Manager
    2011-10-31 15:42:36 -------- d-----w- c:\documents and settings\dawson\application data\SUPERAntiSpyware.com
    2011-10-31 15:41:27 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-10-31 15:41:27 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2011-10-25 12:32:36 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-25 12:22:35 38848 ----a-w- c:\windows\avastSS.scr
    2011-10-25 12:22:29 -------- d-----w- c:\documents and settings\all users\application data\Alwil Software
    2011-10-25 08:39:01 174592 ----a-w- c:\windows\system32\framedyn.dll
    2011-10-25 08:38:33 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
    2011-10-25 08:17:17 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
    2011-10-25 08:17:17 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
    2011-10-25 08:17:17 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
    2011-10-25 08:17:17 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
    2011-10-25 08:17:12 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
    2011-10-25 07:59:21 -------- d-----w- c:\documents and settings\dawson\application data\Samsung
    2011-10-25 07:58:56 -------- d-----w- c:\program files\MSXML 4.0
    2011-10-25 07:58:41 -------- d-----w- c:\program files\Samsung
    2011-10-19 16:35:55 4856 ----a-w- c:\windows\system32\drivers\D2672BE1.bin
    2011-10-19 16:33:29 259584 ----a-w- c:\windows\system32\drivers\XHASP.sys
    2011-10-19 16:32:50 685056 ----a-w- c:\windows\system32\drivers\hardlock.sys
    2011-10-19 16:32:39 6656 ----a-w- c:\windows\system32\haspvdd.dll
    2011-10-19 16:32:39 47616 ----a-w- c:\windows\system32\drivers\Haspnt.sys
    2011-10-19 16:32:39 383 ----a-w- c:\windows\system32\haspdos.sys
    2011-10-19 16:32:33 3063808 ----a-w- c:\windows\system32\hinstd.dll
    2011-10-19 16:32:33 24576 ----a-w- c:\windows\system32\hdduinst.exe
    2011-10-19 16:32:33 2164411 ----a-w- c:\windows\system32\haspds_windows.dll
    2011-10-19 16:32:33 164864 ----a-w- c:\windows\system32\UNWISE.EXE
    2011-10-19 16:32:19 -------- d-----w- c:\program files\CyberDNC Pro 11.2
    2011-10-19 03:22:42 -------- d-----w- c:\documents and settings\dawson\.qualnetUserDir
    2011-10-19 03:19:22 -------- d-----w- C:\snt
    2011-10-15 17:15:14 86016 ----a-w- c:\windows\system32\ZSPOOL.DLL
    2011-10-15 17:15:14 24576 ----a-w- c:\windows\system32\ZTAG32.DLL
    2011-10-15 17:15:13 86016 ----a-w- c:\windows\system32\ZLhp1020.DLL
    2011-10-15 17:15:13 397312 ----a-w- c:\windows\system32\ZSHP1020.EXE
    2011-10-15 17:15:13 28672 ----a-w- c:\windows\system32\ZLM.DLL
    2011-10-15 17:15:11 106496 ----a-w- c:\windows\system32\VSHP1020.DLL
    2011-10-15 17:15:08 49152 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
    2011-10-15 17:15:08 28672 ----a-w- c:\windows\system32\IMF32.DLL
    2011-10-15 16:53:10 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
    2011-10-15 16:53:10 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
    2011-10-09 15:56:38 -------- d-----w- c:\documents and settings\dawson\application data\Malwarebytes
    2011-10-09 15:56:31 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2011-10-09 15:56:28 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-09 15:56:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-05 02:51:45 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
    2011-10-05 02:51:45 113280 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
    2011-10-05 02:51:45 102528 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
    2011-10-05 02:51:45 100736 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
    2011-10-05 02:51:37 -------- d-----w- c:\program files\Tata Photon+
    2011-10-03 12:57:00 -------- d-----w- C:\Scenario
    .
    ==================== Find3M ====================
    .
    2011-10-25 12:32:10 93184 ----a-w- c:\windows\sysprep.exe
    2011-10-25 12:32:10 544768 ----a-w- c:\windows\setupmgr.exe
    2011-10-25 12:32:10 2965504 ----a-w- c:\windows\system32\protected.exe
    2011-10-25 12:32:10 136192 ----a-w- c:\windows\factory.exe
    2011-10-02 23:36:04 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-10-02 21:07:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2011-08-08 16:38:40 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
    .
    ============= FINISH: 22:24:25.17 ===============
     
  14. anujchopra

    anujchopra Thread Starter

    Joined:
    Mar 11, 2011
    Messages:
    155
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/15/2011 9:54:38 PM
    System Uptime: 11/1/2011 6:02:41 PM (4 hours ago)
    .
    Motherboard: Hewlett-Packard | | 3618
    Processor: Intel(R) Core(TM)2 Duo CPU T5470 @ 1.60GHz | U10 | 1596/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (FAT32) - 49 GiB total, 7.874 GiB free.
    D: is FIXED (NTFS) - 63 GiB total, 52.204 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description:
    Device ID: HDAUDIO\FUNC_02&VEN_11C1&DEV_1040&SUBSYS_103C1378&REV_1002\4&C3F7DAE&0&0101
    Manufacturer:
    Name:
    PNP Device ID: HDAUDIO\FUNC_02&VEN_11C1&DEV_1040&SUBSYS_103C1378&REV_1002\4&C3F7DAE&0&0101
    Service:
    .
    Class GUID:
    Description:
    Device ID: ACPI\HPQ0006\2&DABA3FF&0
    Manufacturer:
    Name:
    PNP Device ID: ACPI\HPQ0006\2&DABA3FF&0
    Service:
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0000
    Manufacturer: Nokia
    Name: Nokia 7210 Supernova
    PNP Device ID: ROOT\WPD\0000
    Service: WUDFRd
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0001
    Manufacturer: Nokia
    Name: X2-01
    PNP Device ID: ROOT\WPD\0001
    Service: WUDFRd
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Windows Portable Device Driver
    Device ID: ROOT\WPD\0002
    Manufacturer: Nokia
    Name: C2-00
    PNP Device ID: ROOT\WPD\0002
    Service: WUDFRd
    .
    Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
    Description: Nokia Phone
    Device ID: ROOT\WPD\0003
    Manufacturer: Nokia
    Name: Nokia Phone
    PNP Device ID: ROOT\WPD\0003
    Service: WUDFRd
    .
    ==== System Restore Points ===================
    .
    RP55: 9/29/2011 11:30:41 PM - System Checkpoint
    RP56: 10/1/2011 11:50:31 AM - System Checkpoint
    RP57: 10/2/2011 2:00:32 PM - System Checkpoint
    RP58: 10/3/2011 7:58:49 PM - System Checkpoint
    RP59: 10/9/2011 1:53:21 AM - System Checkpoint
    RP60: 10/10/2011 2:39:56 AM - System Checkpoint
    RP61: 10/13/2011 7:26:31 PM - System Checkpoint
    RP62: 10/14/2011 7:33:34 PM - System Checkpoint
    RP63: 10/15/2011 10:47:30 PM - Unsigned printer driver HP LaserJet 1020 installed.
    RP64: 10/17/2011 8:28:59 AM - System Checkpoint
    RP65: 10/18/2011 6:20:47 PM - System Checkpoint
    RP66: 10/19/2011 8:51:11 AM - Installed Microsoft Visual C++ 2005 Redistributable
    RP67: 10/20/2011 6:46:47 PM - System Checkpoint
    RP68: 10/22/2011 10:34:57 PM - System Checkpoint
    RP69: 10/23/2011 11:07:46 AM - Installed Java(TM) 6 Update 29
    RP70: 10/24/2011 1:27:09 PM - System Checkpoint
    RP71: 10/25/2011 1:47:08 PM - Installed Samsung PC Studio 3 USB Driver Installer
    RP72: 10/25/2011 2:08:09 PM - Installed Samsung PC Studio 5
    RP73: 10/25/2011 2:09:23 PM - Installed Samsung USB Installer
    RP74: 10/25/2011 5:52:29 PM - avast! Free Antivirus Setup
    RP75: 10/26/2011 8:49:01 PM - System Checkpoint
    RP76: 10/27/2011 10:03:06 PM - System Checkpoint
    RP77: 10/29/2011 3:46:20 PM - System Checkpoint
    RP78: 10/30/2011 3:49:25 PM - System Checkpoint
    RP79: 11/1/2011 9:17:13 AM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Adobe Acrobat 7.0 Professional
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player Plugin
    Adobe Shockwave Player 11.6
    CyberDNC Pro 11.2
    GameSpy Arcade
    Google Chrome
    Google Talk Plugin
    HASP4 Device Drivers
    Hotfix for Windows XP (KB942288-v3)
    HP Integrated Module with Bluetooth wireless technology
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) PRO Network Connections Drivers
    Internet Download Manager
    Java Auto Updater
    Java(TM) 6 Update 29
    K-Lite Codec Pack 7.2.0 (Basic)
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MBlaze UI
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft Office Excel 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Outlook 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft User-Mode Driver Framework Feature Pack 1.9
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    MSVC80_x86
    MSVC80_x86_v2
    MSVC90_x86
    MSXML 4.0 SP2 Parser and SDK
    MSXML4 Parser
    Nokia Connectivity Cable Driver
    Nokia Ovi Suite
    Nokia Ovi Suite Software Updater
    Nokia PC Suite
    Ovi Desktop Sync Engine
    OviMPlatform
    PC Connectivity Solution
    QualNet Developer 5.0.2
    Real Alternative 2.0.2
    Rise of Nations
    SAMSUNG CDMA Modem Driver Set
    SAMSUNG Mobile Modem Driver Set
    Samsung Mobile phone USB driver Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio 3 USB Driver Installer
    Samsung PC Studio 5
    SAMSUNG SYMBIAN USB Download Driver
    Samsung USB Installer
    SamsungConnectivityCableDriver
    SoundMAX
    SUPERAntiSpyware
    swMSM
    Tata Photon+
    VLC media player 1.1.11
    WebFldrs XP
    Windows Driver Package - FTDI CDM Driver Package (03/13/2008 2.04.06)
    Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
    Windows Driver Package - MobileTop (sshpmdm) Modem (12/06/2005 2.4.0)
    Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
    Windows Driver Package - MobileTop (sshpusb) USB (12/06/2005 2.4.0)
    Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.8)
    Windows Driver Package - Nokia Modem (10/07/2010 4.6)
    Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
    Windows Media Format 11 runtime
    Windows Media Player 11
    WinRAR archiver
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/1/2011 10:22:04 PM, error: Service Control Manager [7000] - The D089877D service failed to start due to the following error: The system cannot find the file specified.
    11/1/2011 10:19:41 PM, error: Service Control Manager [7000] - The 80BE45A7 service failed to start due to the following error: The system cannot find the file specified.
    10/31/2011 9:50:52 PM, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00215C9FED0F. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
    10/29/2011 6:33:48 PM, error: Dhcp [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 00215C9FED0F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    10/29/2011 6:28:49 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
    10/26/2011 10:10:01 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avast! Antivirus service.
    10/26/2011 10:01:45 AM, error: Dhcp [1002] - The IP address lease 192.168.1.3 for the Network Card with network address 00215C9FED0F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    10/25/2011 6:08:25 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
    .
    ==== End Of File ===========================
     
  15. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    28,785

Short URL to this thread: https://techguy.org/1023925