Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

MALware or worse?

Started by Texx01 , May 28 2011 09:20 PM

  • This topic is locked This topic is locked

#31
Texx01
Posted 08 June 2011 - 08:04 PM

Texx01

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
2011/06/08 22:05:18.0015 3276 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/08 22:05:18.0453 3276 ================================================================================
2011/06/08 22:05:18.0453 3276 SystemInfo:
2011/06/08 22:05:18.0453 3276
2011/06/08 22:05:18.0453 3276 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/08 22:05:18.0453 3276 Product type: Workstation
2011/06/08 22:05:18.0453 3276 ComputerName: HOME2
2011/06/08 22:05:18.0453 3276 UserName: User
2011/06/08 22:05:18.0453 3276 Windows directory: C:\WINDOWS
2011/06/08 22:05:18.0453 3276 System windows directory: C:\WINDOWS
2011/06/08 22:05:18.0453 3276 Processor architecture: Intel x86
2011/06/08 22:05:18.0453 3276 Number of processors: 2
2011/06/08 22:05:18.0453 3276 Page size: 0x1000
2011/06/08 22:05:18.0453 3276 Boot type: Normal boot
2011/06/08 22:05:18.0453 3276 ================================================================================
2011/06/08 22:05:18.0937 3276 Initialize success
  • 0

Advertisements

#32
Texx01
Posted 08 June 2011 - 08:09 PM

Texx01

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
2011/06/08 22:00:11.0234 2576 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/08 22:00:11.0718 2576 ================================================================================
2011/06/08 22:00:11.0718 2576 SystemInfo:
2011/06/08 22:00:11.0718 2576
2011/06/08 22:00:11.0718 2576 OS Version: 5.1.2600 ServicePack: 3.0
2011/06/08 22:00:11.0718 2576 Product type: Workstation
2011/06/08 22:00:11.0718 2576 ComputerName: HOME2
2011/06/08 22:00:11.0734 2576 UserName: User
2011/06/08 22:00:11.0734 2576 Windows directory: C:\WINDOWS
2011/06/08 22:00:11.0734 2576 System windows directory: C:\WINDOWS
2011/06/08 22:00:11.0734 2576 Processor architecture: Intel x86
2011/06/08 22:00:11.0734 2576 Number of processors: 2
2011/06/08 22:00:11.0734 2576 Page size: 0x1000
2011/06/08 22:00:11.0734 2576 Boot type: Normal boot
2011/06/08 22:00:11.0734 2576 ================================================================================
2011/06/08 22:00:13.0062 2576 Initialize success
2011/06/08 22:00:17.0484 4036 ================================================================================
2011/06/08 22:00:17.0484 4036 Scan started
2011/06/08 22:00:17.0484 4036 Mode: Manual;
2011/06/08 22:00:17.0484 4036 ================================================================================
2011/06/08 22:00:19.0062 4036 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/06/08 22:00:19.0125 4036 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/06/08 22:00:19.0203 4036 aeaudio (cde1f62fe63631b932ace2249fb11da0) C:\WINDOWS\system32\drivers\aeaudio.sys
2011/06/08 22:00:19.0375 4036 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/06/08 22:00:19.0437 4036 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/06/08 22:00:19.0687 4036 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/06/08 22:00:19.0718 4036 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/06/08 22:00:19.0781 4036 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/06/08 22:00:19.0828 4036 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/06/08 22:00:19.0890 4036 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/06/08 22:00:20.0078 4036 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/06/08 22:00:20.0171 4036 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/06/08 22:00:20.0265 4036 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/06/08 22:00:20.0328 4036 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/06/08 22:00:20.0375 4036 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/06/08 22:00:20.0578 4036 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/06/08 22:00:20.0640 4036 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/06/08 22:00:20.0687 4036 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/06/08 22:00:20.0718 4036 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/06/08 22:00:20.0750 4036 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/06/08 22:00:20.0828 4036 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/06/08 22:00:20.0875 4036 E100B (5c940a174dfb2c42b9f6ba6edc2baa0b) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/06/08 22:00:20.0953 4036 es1371 (a55dd7d8ced5d2624a9ee2dda7be0319) C:\WINDOWS\system32\drivers\es1371mp.sys
2011/06/08 22:00:21.0015 4036 FA312 (aa855fb8a866281aacb393c1feab91ae) C:\WINDOWS\system32\DRIVERS\FA312nd5.sys
2011/06/08 22:00:21.0062 4036 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/06/08 22:00:21.0093 4036 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/06/08 22:00:21.0156 4036 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/06/08 22:00:21.0187 4036 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/06/08 22:00:21.0234 4036 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/06/08 22:00:21.0281 4036 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/06/08 22:00:21.0312 4036 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/06/08 22:00:21.0328 4036 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/06/08 22:00:21.0343 4036 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
2011/06/08 22:00:21.0421 4036 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/06/08 22:00:21.0484 4036 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/06/08 22:00:21.0546 4036 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/06/08 22:00:21.0640 4036 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/06/08 22:00:21.0734 4036 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/06/08 22:00:21.0812 4036 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/06/08 22:00:21.0890 4036 InCDfs (b87fc7c71632240dac8f4d20e9ce8377) C:\WINDOWS\system32\drivers\InCDfs.sys
2011/06/08 22:00:21.0906 4036 InCDPass (2e878405128ec98886eb9c2216ac7bd6) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2011/06/08 22:00:21.0937 4036 InCDrec (ddf078917a42f105385d7eb6debb3433) C:\WINDOWS\system32\drivers\InCDrec.sys
2011/06/08 22:00:21.0953 4036 incdrm (7f352360e947ad2cd4ba60de27b1a299) C:\WINDOWS\system32\drivers\incdrm.sys
2011/06/08 22:00:22.0000 4036 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/06/08 22:00:22.0046 4036 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/06/08 22:00:22.0093 4036 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/06/08 22:00:22.0140 4036 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/06/08 22:00:22.0187 4036 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/06/08 22:00:22.0234 4036 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/06/08 22:00:22.0281 4036 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/06/08 22:00:22.0312 4036 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/06/08 22:00:22.0343 4036 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/06/08 22:00:22.0375 4036 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/06/08 22:00:22.0406 4036 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/06/08 22:00:22.0453 4036 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/06/08 22:00:22.0640 4036 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/06/08 22:00:22.0796 4036 MidiSyn (63c34814492aa65fc517b002de77b191) C:\WINDOWS\system32\drivers\MidiSyn.sys
2011/06/08 22:00:22.0828 4036 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/06/08 22:00:22.0890 4036 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/06/08 22:00:22.0921 4036 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/06/08 22:00:22.0968 4036 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/06/08 22:00:23.0000 4036 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/06/08 22:00:23.0046 4036 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
2011/06/08 22:00:23.0234 4036 MpKsl126aca19 (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4055CB2B-D9BF-4D1C-9B56-095A980CFC39}\MpKsl126aca19.sys
2011/06/08 22:00:23.0359 4036 MpKsl567bb853 (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4055CB2B-D9BF-4D1C-9B56-095A980CFC39}\MpKsl567bb853.sys
2011/06/08 22:00:23.0468 4036 MpKsl876e4b74 (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4055CB2B-D9BF-4D1C-9B56-095A980CFC39}\MpKsl876e4b74.sys
2011/06/08 22:00:23.0609 4036 MpKslbef7d13d (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{4055CB2B-D9BF-4D1C-9B56-095A980CFC39}\MpKslbef7d13d.sys
2011/06/08 22:00:23.0796 4036 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/06/08 22:00:23.0859 4036 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/06/08 22:00:23.0921 4036 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/06/08 22:00:23.0984 4036 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/06/08 22:00:24.0015 4036 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/06/08 22:00:24.0046 4036 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/06/08 22:00:24.0093 4036 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/06/08 22:00:24.0140 4036 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/06/08 22:00:24.0187 4036 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/06/08 22:00:24.0218 4036 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/06/08 22:00:24.0296 4036 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/06/08 22:00:24.0328 4036 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/06/08 22:00:24.0375 4036 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/06/08 22:00:24.0406 4036 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/06/08 22:00:24.0437 4036 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/06/08 22:00:24.0484 4036 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/06/08 22:00:24.0546 4036 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/06/08 22:00:24.0578 4036 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/06/08 22:00:24.0640 4036 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/06/08 22:00:24.0687 4036 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/06/08 22:00:24.0750 4036 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/06/08 22:00:24.0781 4036 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/06/08 22:00:24.0812 4036 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/06/08 22:00:24.0875 4036 ovt519 (4cdadec3dc1300ee1d313ea5494e6472) C:\WINDOWS\system32\Drivers\ov519vid.sys
2011/06/08 22:00:24.0937 4036 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/06/08 22:00:24.0984 4036 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/06/08 22:00:25.0015 4036 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/06/08 22:00:25.0046 4036 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/06/08 22:00:25.0078 4036 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
2011/06/08 22:00:25.0125 4036 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/06/08 22:00:25.0328 4036 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/06/08 22:00:25.0359 4036 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/06/08 22:00:25.0406 4036 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/06/08 22:00:25.0562 4036 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/06/08 22:00:25.0609 4036 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/06/08 22:00:25.0640 4036 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/06/08 22:00:25.0671 4036 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/06/08 22:00:25.0703 4036 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/06/08 22:00:25.0750 4036 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/06/08 22:00:25.0812 4036 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/06/08 22:00:25.0875 4036 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/06/08 22:00:25.0937 4036 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/06/08 22:00:26.0031 4036 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/06/08 22:00:26.0093 4036 senfilt (9a4c4a4b191200f12085d188be70e4e3) C:\WINDOWS\system32\drivers\senfilt.sys
2011/06/08 22:00:26.0187 4036 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/06/08 22:00:26.0234 4036 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/06/08 22:00:26.0281 4036 sf (8da9c7feedba52cfd91ee2e2113df6a9) C:\WINDOWS\system32\drivers\sf.sys
2011/06/08 22:00:26.0312 4036 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/06/08 22:00:26.0390 4036 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/06/08 22:00:26.0453 4036 smwdm (ce52bffebfaf1e59553e2885cab80b52) C:\WINDOWS\system32\drivers\smwdm.sys
2011/06/08 22:00:26.0515 4036 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2011/06/08 22:00:26.0578 4036 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/06/08 22:00:26.0640 4036 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/06/08 22:00:26.0703 4036 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/06/08 22:00:26.0781 4036 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/06/08 22:00:26.0828 4036 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/06/08 22:00:26.0859 4036 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/06/08 22:00:26.0984 4036 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/06/08 22:00:27.0062 4036 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/06/08 22:00:27.0109 4036 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/06/08 22:00:27.0156 4036 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/06/08 22:00:27.0203 4036 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/06/08 22:00:27.0296 4036 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/06/08 22:00:27.0375 4036 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/06/08 22:00:27.0421 4036 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/06/08 22:00:27.0453 4036 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/06/08 22:00:27.0500 4036 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/06/08 22:00:27.0531 4036 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/06/08 22:00:27.0562 4036 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/06/08 22:00:27.0609 4036 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/06/08 22:00:27.0640 4036 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/06/08 22:00:27.0671 4036 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/06/08 22:00:27.0718 4036 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/06/08 22:00:27.0796 4036 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/06/08 22:00:27.0859 4036 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/06/08 22:00:27.0937 4036 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/06/08 22:00:28.0046 4036 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/06/08 22:00:28.0093 4036 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/06/08 22:00:28.0156 4036 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/06/08 22:00:28.0187 4036 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/06/08 22:00:28.0265 4036 MBR (0x1B8) (2839639fa37b8353e792a2a30a12ced3) \Device\Harddisk0\DR0
2011/06/08 22:00:28.0265 4036 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/06/08 22:00:28.0281 4036 ================================================================================
2011/06/08 22:00:28.0281 4036 Scan finished
2011/06/08 22:00:28.0281 4036 ================================================================================
2011/06/08 22:00:28.0296 3016 Detected object count: 1
2011/06/08 22:00:28.0296 3016 Actual detected object count: 1
2011/06/08 22:00:38.0218 3016 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/06/08 22:00:38.0218 3016 \Device\Harddisk0\DR0 - ok
2011/06/08 22:00:38.0218 3016 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/06/08 22:00:46.0125 3576 Deinitialize success
  • 0

#33
patndoris
Posted 08 June 2011 - 08:13 PM

patndoris

    Trusted Helper

  • Malware Removal
  • 228 posts
If you have not already done so, please reboot your computer to complete the cure on this one.

Can you please tell me how your system is behaving now?
  • 0

#34
Texx01
Posted 08 June 2011 - 08:52 PM

Texx01

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
All looks good, there is no strange lagging nor is there a svchost running my CPU into the stratosphere.
  • 0

#35
patndoris
Posted 09 June 2011 - 04:51 AM

patndoris

    Trusted Helper

  • Malware Removal
  • 228 posts
Great to hear things are running better. I'd like to get one more scan just to be sure there is nothing still lingering


Download and Run DDS by sUBs

Please download DDS and save it to your desktop.
  • Disable any script blocking protection
  • Double click dds.scr to run the tool.
  • When done, DDS.txt will open.
  • Save both reports to your desktop.
---------------------------------------------------

Please Please copy / paste the scan reults.

DDS.txt

Please attach the second file; Attach.txt.



Also, please surf and reboot a few times today if you can and let me know if everything is still doing ok. I want to make sure this doesn't resurface and that we've removed it completely before we do our tool clean up.
  • 0

#36
Texx01
Posted 10 June 2011 - 12:30 AM

Texx01

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
C:\Documents and Settings\User\desktop\Tools\Data Sheets
.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_25
Run by User at 17:51:35 on 2011-06-09
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.495.274 [GMT -5:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [InCD] c:\program files\ahead\incd\InCD.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {32505657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1279164465406
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{7416004E-D550-46B5-8B9D-3F99033DD0FB} : DhcpNameServer = 192.168.1.1
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\la83ce80.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPcol500.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165264]
R1 MpKsl550bb751;MpKsl550bb751;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{bbeb08d4-4f6a-4f5c-964b-55c70bbb2502}\MpKsl550bb751.sys [2011-6-9 28752]
S1 MpKsl01375d09;MpKsl01375d09;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{52cc2763-6795-4f4b-aca1-91072c608453}\mpksl01375d09.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{52cc2763-6795-4f4b-aca1-91072c608453}\MpKsl01375d09.sys [?]
S1 MpKsl22a35883;MpKsl22a35883;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cc0a26a0-9877-49b5-8f95-7003387b4f45}\mpksl22a35883.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{cc0a26a0-9877-49b5-8f95-7003387b4f45}\MpKsl22a35883.sys [?]
S1 MpKsl2f59733b;MpKsl2f59733b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{83b27cd3-1a11-4692-8285-0188132f9de9}\mpksl2f59733b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{83b27cd3-1a11-4692-8285-0188132f9de9}\MpKsl2f59733b.sys [?]
S1 MpKsl3b450fae;MpKsl3b450fae;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{973261e3-7cc4-493b-82d8-ecd852254fd3}\mpksl3b450fae.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{973261e3-7cc4-493b-82d8-ecd852254fd3}\MpKsl3b450fae.sys [?]
S1 MpKsl40166da2;MpKsl40166da2;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{270eb84c-17e5-4ff4-845b-a18635983272}\mpksl40166da2.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{270eb84c-17e5-4ff4-845b-a18635983272}\MpKsl40166da2.sys [?]
S1 MpKsl4f3e2792;MpKsl4f3e2792;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{94f6aad1-9406-4646-87ae-692777af0118}\mpksl4f3e2792.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{94f6aad1-9406-4646-87ae-692777af0118}\MpKsl4f3e2792.sys [?]
S1 MpKsl64572d2b;MpKsl64572d2b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{668f37a9-da64-4b48-822f-f84fdee633dd}\mpksl64572d2b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{668f37a9-da64-4b48-822f-f84fdee633dd}\MpKsl64572d2b.sys [?]
S1 MpKsl89c599d9;MpKsl89c599d9;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{56140c6b-7b29-432b-ae04-a3b4a909cf30}\mpksl89c599d9.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{56140c6b-7b29-432b-ae04-a3b4a909cf30}\MpKsl89c599d9.sys [?]
S1 MpKsl99b4965b;MpKsl99b4965b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{94f6aad1-9406-4646-87ae-692777af0118}\mpksl99b4965b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{94f6aad1-9406-4646-87ae-692777af0118}\MpKsl99b4965b.sys [?]
S1 MpKsl9fb2e619;MpKsl9fb2e619;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1613b88a-a9aa-4a8d-b56d-dff7f41bedc4}\mpksl9fb2e619.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{1613b88a-a9aa-4a8d-b56d-dff7f41bedc4}\MpKsl9fb2e619.sys [?]
S1 MpKslcc76cc7a;MpKslcc76cc7a;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96b71b2f-7271-431c-961c-3c03aa597726}\mpkslcc76cc7a.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{96b71b2f-7271-431c-961c-3c03aa597726}\MpKslcc76cc7a.sys [?]
S1 MpKsldf6aea94;MpKsldf6aea94;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0f876f22-6232-433e-84db-59359b06e3a5}\mpksldf6aea94.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0f876f22-6232-433e-84db-59359b06e3a5}\MpKsldf6aea94.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 krdpdre;krdpdre;\??\c:\docume~1\user\locals~1\temp\krdpdre.sys --> c:\docume~1\user\locals~1\temp\krdpdre.sys [?]
.
=============== Created Last 30 ================
.
2011-06-09 12:02:49 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{bbeb08d4-4f6a-4f5c-964b-55c70bbb2502}\MpKsl550bb751.sys
2011-06-09 12:02:37 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{bbeb08d4-4f6a-4f5c-964b-55c70bbb2502}\mpengine.dll
2011-06-08 12:42:35 98816 ----a-w- c:\windows\sed.exe
2011-06-08 12:42:35 518144 ----a-w- c:\windows\SWREG.exe
2011-06-08 12:42:35 256512 ----a-w- c:\windows\PEV.exe
2011-06-08 12:42:35 208896 ----a-w- c:\windows\MBR.exe
2011-06-08 02:11:53 -------- d--h--w- c:\windows\system32\GroupPolicy
2011-06-04 20:00:30 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-04 19:18:36 -------- d-----w- c:\windows\system32\appmgmt
2011-06-04 15:41:11 -------- d-----w- c:\program files\ESET
2011-06-04 01:33:29 -------- d-sha-r- C:\cmdcons
2011-06-01 11:36:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-12 05:27:49 -------- d-sh--w- c:\windows\ftpcache
.
==================== Find3M ====================
.
2011-06-04 20:00:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-29 14:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 14:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-25 00:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2004-10-01 20:00:16 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.
============= FINISH: 17:52:47.98 ===============
  • 0

#37
Texx01
Posted 10 June 2011 - 12:32 AM

Texx01

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
C:\Documents and Settings\User\desktop\Tools\Data Sheets
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-03.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 7/27/2008 4:50:21 PM
System Uptime: 6/8/2011 10:03:52 PM (19 hours ago)
.
Motherboard: Intel Corporation | | D865GBF
Processor: Intel® Pentium® 4 CPU 2.80GHz | J2E1 | 2793/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 101.29 GiB free.
E: is CDROM (CDFS)
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_302F8086&REV_01\4&2E98101C&0&40F0
Manufacturer: Intel
Name: Intel® PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_302F8086&REV_01\4&2E98101C&0&40F0
Service: E100B
.
==== System Restore Points ===================
.
RP1: 6/5/2011 1:33:29 PM - System Checkpoint
RP2: 6/5/2011 1:45:35 PM - OTL Restore Point
RP3: 6/7/2011 6:00:12 AM - OTL Restore Point
RP4: 6/8/2011 11:03:50 PM - Software Distribution Service 3.0
RP5: 6/9/2011 5:07:39 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 5.0
Adobe Acrobat 8 Professional
Adobe Acrobat 8.2.6 - CPSID_83708
Adobe Acrobat 8.2.6 Professional
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Setup
Adobe Shockwave Player 11.5
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server {ko_KR}
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Coupon Printer for Windows
EPSON Scan
EPSON WorkForce 500 Series Printer Uninstall
ESET Online Scanner v3
Free RAR Extract Frog 1.00
FX MOD 1.71
Google Toolbar for Internet Explorer
Google Update Helper
Hearts of Iron 2
Homeworld2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
hp deskjet 5100
HP Product Detection
InCD
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Connections 11.2.0.69
Invasion3042
Java Auto Updater
Java™ 6 Update 25
LeapFrog Connect
LeapFrog My Pals Plugin
LightScribe 1.4.74.1
Malwarebytes' Anti-Malware version 1.51.0.1200
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Mozilla Firefox 4.0.1 (x86 en-US)
MSN
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NavyFIELD NorthAmerica
Nero OEM
OGA Notifier 2.0.0048.0
PDF Settings
Pepakura Viewer 3
Rhapsody
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office Groove 2007 (KB2494047)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Skype Toolbars
Skype™ 4.2
SoundMAX
SPORE™
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
TomTom HOME 2.6.2.1586
TomTom HOME Visual Studio Merge Modules
Ultimate Mahjongg 10
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB-set 1.4
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
V CAST Music with Rhapsody
VGA USB Camera
WebFldrs XP
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10 SDK
Windows XP Service Pack 3
Xfire (remove only)
.
==== Event Viewer Messages From Past Week ========
.
6/8/2011 5:08:50 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.1242.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80072efd Error description: A connection with the server could not be established
6/7/2011 9:15:09 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
6/7/2011 9:08:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
6/7/2011 9:08:30 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MpFilter MRxSmb NetBIOS NetBT RasAcd Rdbss sf Tcpip
6/7/2011 9:08:30 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
6/7/2011 9:08:30 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/7/2011 9:08:30 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/7/2011 9:08:30 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
6/7/2011 9:08:30 PM, error: Service Control Manager [7001] - The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
6/7/2011 9:08:27 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/7/2011 7:17:27 PM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 f770c71d, parameter3 f68223b8, parameter4 00000000.
6/7/2011 5:41:48 AM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 f770c71d, parameter3 b237a2f4, parameter4 00000000.
6/7/2011 2:06:31 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.1242.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
6/7/2011 11:50:36 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
6/6/2011 6:56:07 AM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 f770c71d, parameter3 f7ca62f4, parameter4 00000000.
6/6/2011 6:40:56 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.1242.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
6/6/2011 6:26:40 AM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 f770c71d, parameter3 f02d32f4, parameter4 00000000.
6/6/2011 6:17:33 AM, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 f770c71d, parameter3 ad30b3b8, parameter4 00000000.
6/5/2011 2:55:31 PM, error: Service Control Manager [7034] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s).
6/5/2011 12:50:54 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.1242.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
6/4/2011 3:05:36 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
6/4/2011 3:05:35 PM, error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).
6/4/2011 3:05:35 PM, error: Service Control Manager [7034] - The SoundMAX Agent Service service terminated unexpectedly. It has done this 1 time(s).
6/4/2011 3:05:35 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
6/4/2011 3:05:35 PM, error: Service Control Manager [7034] - The LeapFrog Connect Device Service service terminated unexpectedly. It has done this 1 time(s).
6/4/2011 3:05:35 PM, error: Service Control Manager [7034] - The InCD Helper service terminated unexpectedly. It has done this 1 time(s).
6/4/2011 3:05:35 PM, error: Service Control Manager [7034] - The ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## service terminated unexpectedly. It has done this 1 time(s).
6/4/2011 3:05:35 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
6/4/2011 2:01:39 PM, error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
6/3/2011 9:48:40 PM, error: Service Control Manager [7023] - The Intel CPU service terminated with the following error: The specified module could not be found.
6/3/2011 6:59:49 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 6:59:49 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 6:59:49 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 6:59:49 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 6:59:21 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
6/3/2011 5:41:49 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
6/3/2011 2:54:00 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
6/3/2011 2:16:05 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
6/3/2011 2:15:05 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
6/3/2011 11:14:15 AM, error: System Error [1003] - Error code 1000000a, parameter1 00000004, parameter2 0000001c, parameter3 00000001, parameter4 804edaf7.
6/3/2011 10:14:15 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 10:14:15 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 10:14:15 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 10:14:15 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Malware Protection Center Update Stage: Install Source Path: http://go.microsoft....5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80070008 Error description: Not enough storage is available to process this command.
6/3/2011 10:13:49 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.105.623.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6903.0 Error code: 0x80072efe Error description: The connection with the server was terminated abnormally
.
==== End Of File ===========================
  • 0

#38
patndoris
Posted 10 June 2011 - 06:02 AM

patndoris

    Trusted Helper

  • Malware Removal
  • 228 posts
I see one file that we still need to remove.



Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Services
:OTL
S3 krdpdre;krdpdre;\??\c:\docume~1\user\locals~1\temp\krdpdre.sys --> c:\docume~1\user\locals~1\temp\krdpdre.sys [?]

:Commands
[purity]
[emptytemp]
[emptyflash]
[createrestorepoint]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post the resulting OTL log

If you are not directed to do so, please reboot your system. Please let me know if your system is still running well.
  • 0

#39
Texx01
Posted 11 June 2011 - 12:02 AM

Texx01

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
->Temporary Internet Files folder emptied: 80555954 bytes
->Java cache emptied: 826 bytes
->Flash cache emptied: 6981 bytes

User: User
->Temp folder emptied: 196698 bytes
->Temporary Internet Files folder emptied: 121639 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 44041618 bytes
->Flash cache emptied: 470 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 788319 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 128.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

User: User
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.23.0 log created on 06112011_015427

Files\Folders moved on Reboot...
C:\WINDOWS\temp\TMP0000000366B190827FC527AB moved successfully.

Registry entries deleted on Reboot...
  • 0

#40
patndoris
Posted 11 June 2011 - 03:55 AM

patndoris

    Trusted Helper

  • Malware Removal
  • 228 posts
How is your system running now?
  • 0

Advertisements

#41
patndoris
Posted 14 June 2011 - 03:47 PM

patndoris

    Trusted Helper

  • Malware Removal
  • 228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP