Here is the latest log from TDSS that I was asked to post and here is the latest DDS info.
Thanks.
.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18904
Run by Aaron at 22:23:24 on 2011-06-20
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.2.1033.18.3069.1978 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Fingerprint Reader Suite\psqltray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.hotmail.com/
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.ca/ig/dell?hl=en&clie ... bd=1080515
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [VolPanel] "c:\program files\creative\sbaudigy\volume panel\VolPanlu.exe" /r
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [PSQLLauncher] "c:\program files\fingerprint reader suite\launcher.exe" /startup
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [XboxStat] "c:\program files\microsoft xbox 360 accessories\XboxStat.exe" silentrun
mRun: [WMAAD] c:\program files\sony\walkman launcher\WMAAD.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 172.16.1.254
TCP: Interfaces\{A01F0C2C-E885-494B-B943-7CD117F39A72} : DhcpNameServer = 172.16.1.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
LSA: Notification Packages = scecli psqlpwd
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-5-15 73728]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 28624]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-5-15 30192]
S3 ICScsiSV;Image Converter SCSI Service;c:\program files\sony\image converter 3\ICScsiSV.exe [2008-10-29 75952]
S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\sony\image converter 3\IcVzMonLauncher.exe [2008-10-29 67760]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2006-11-2 16896]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2006-11-2 19968]
S4 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-5-15 209408]
.
=============== Created Last 30 ================
.
2011-06-10 05:38:27 1409 ----a-w- c:\windows\QTFont.for
2011-06-07 04:50:16 -------- d-----w- c:\users\aaron\appdata\roaming\OpenOffice.org
2011-06-07 04:48:04 -------- d-----w- c:\program files\OpenOffice.org 3
2011-06-07 04:46:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-04 16:00:05 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-06-04 15:58:02 -------- d-----w- c:\windows\PCHEALTH
2011-06-04 15:17:29 25840 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2011-06-04 15:17:29 24816 ----a-w- c:\windows\system32\mdimon.dll
2011-06-02 17:36:39 70656 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPPA6.DLL
2011-06-02 17:36:39 27136 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPDA6.DLL
2011-06-02 17:35:13 277504 ----a-w- c:\windows\system32\CNMLMA6.DLL
2011-06-02 01:44:13 40960 ----a-w- c:\windows\system32\VBAME.DLL
2011-06-02 01:44:12 15872 ----a-w- c:\windows\system32\SCP32.DLL
2011-06-02 01:34:19 800960 ----a-w- c:\program files\common files\microsoft shared\web server extensions\60\bin\FPWEC.DLL
2011-06-02 01:34:18 1160904 ----a-w- c:\program files\common files\microsoft shared\web server extensions\60\bin\FPSRVUTL.DLL
2011-06-02 01:34:17 87104 ----a-w- c:\program files\common files\microsoft shared\web server extensions\60\bin\FPENCODE.DLL
2011-06-02 01:34:16 80448 ----a-w- c:\program files\common files\microsoft shared\web folders\PKMWS.DLL
2011-06-02 01:34:16 35896 ----a-w- c:\program files\common files\microsoft shared\web folders\MSOSV.DLL
2011-06-02 01:34:16 1292872 ----a-w- c:\program files\common files\microsoft shared\web folders\MSONSEXT.DLL
2011-06-02 01:34:15 8071360 ----a-w- c:\program files\common files\microsoft shared\web components\11\OWC11.DLL
2011-06-02 01:34:15 42568 ----a-w- c:\program files\common files\microsoft shared\web folders\1033\NSEXTINT.DLL
2011-06-02 01:34:15 10816 ----a-w- c:\program files\common files\microsoft shared\web folders\1033\MSOSVINT.DLL
2011-06-02 01:34:05 47816 ----a-w- c:\program files\common files\microsoft shared\web components\11\DFUICOM.EXE
2011-06-02 01:34:05 14400 ----a-w- c:\program files\common files\microsoft shared\web components\11\DFUIPRXY.DLL
2011-06-02 01:34:05 141360 ----a-w- c:\program files\common files\microsoft shared\web components\11\ATP.DLL
2011-06-02 01:34:02 539336 ----a-w- c:\program files\common files\microsoft shared\web components\11\1033\OWCI11.DLL
2011-06-02 01:33:39 2482176 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBE6.DLL
2011-06-02 01:33:37 1044480 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBACV20.DLL
2011-06-02 01:33:36 471040 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBACV10D.DLL
2011-06-02 01:33:35 466944 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBACV10.DLL
2011-06-02 01:33:33 159744 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\1033\VBE6INTL.DLL
2011-06-02 01:31:58 88640 ----a-w- c:\program files\common files\microsoft shared\office11\MSOICONS.EXE
2011-06-02 01:30:58 631488 ----a-w- c:\program files\common files\microsoft shared\dw\DW20.EXE
2011-06-02 01:30:58 39952 ----a-w- c:\program files\common files\microsoft shared\dw\DWDCW20.DLL
2011-06-02 01:30:58 34832 ----a-w- c:\program files\common files\microsoft shared\dw\DWTRIG20.EXE
2011-06-02 01:30:58 109120 ----a-w- c:\program files\common files\microsoft shared\dw\1033\DWINTL20.DLL
.
==================== Find3M ====================
.
2011-04-15 03:28:18 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-05 06:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 22:23:43.96 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-12.02)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 15/05/2008 10:18:00 AM
System Uptime: 20/06/2011 10:03:08 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0XR509
Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 2001/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 108.071 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.485 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
.
3 USB Modem
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Mobile Device Support
Apple Software Update
AutoUpdate
AVG 2011
AVG PC Tuneup 2011
BitPim 1.0.6
Bonjour
Browser Address Error Redirector
Canon Easy-WebPrint EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator EX 3.0
Canon MP640 series MP Drivers
Canon MX350 series MP Drivers
Canon Utilities Solution Menu
CD-LabelPrint
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix Presentation Server Client - Web Only
CloneDVD2
Compatibility Pack for the 2007 Office system
Cool Edit Pro 2.1
Creative MediaSource 5
Dell DataSafe Online
Dell Driver Download Manager
Dell Getting Started Guide
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Dell Wireless WLAN Card
DivX Codec
DivX Converter
DivX Player
DivX Version Checker
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.2.5
Dynasty Warriors 6
Fingerprint Reader Suite 5.6
Gears of War
Google Desktop
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Image Converter 3
Intel(R) Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 26
Java(TM) SE Runtime Environment 6
Kane and Lynch: Dead Men
Laptop Integrated Webcam Driver (1.04.01.1011)
LG USB Modem driver
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Logitech Harmony Remote Software 7
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Xbox 360 Accessories 1.1
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4SP2
Music, Photos & Videos Launcher
NVIDIA Drivers
OpenAL
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
OpenOffice.org 3.3
OutlookAddinSetup
PDF Manual NW-A800 Series
Product Documentation Launcher
QuickSet
QuickTime
Remote Control USB Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
SigmaTel Audio
Soap 3.0 Toolkit
SonicStage 4.3
Sony Video Shared Library
Sound Blaster Audigy ADVANCED MB
Sound Normalizer 2.47
Super Mp3 Recorder Professional v6.2
UFile 2010
UFile Updater 2010
Unreal Tournament 2004
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
User's Guides
VC80CRTRedist - 8.0.50727.762
Video Downloader
VideoReDo TVSuite Version 3.1.4.551
WALKMAN Launcher
WinRAR archiver
Write-N-Cite
.
==== Event Viewer Messages From Past Week ========
.
20/06/2011 9:45:23 PM, Error: EventLog [6008] - The previous system shutdown at 9:43:15 PM on 20/06/2011 was unexpected.
17/06/2011 1:49:41 AM, Error: Service Control Manager [7022] - The Remote Access Connection Manager service hung on starting.
17/06/2011 1:49:41 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: After starting, the service hung in a start-pending state.
17/06/2011 1:24:42 AM, Error: EventLog [6008] - The previous system shutdown at 1:22:17 AM on 17/06/2011 was unexpected.
15/06/2011 12:14:50 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Remote Access Connection Manager service, but this action failed with the following error: An instance of the service is already running.
14/06/2011 11:26:25 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{A01F0C2C-E885-494B-B943-7CD117F39A72} because another computer on the network has the same name. The server could not start.
14/06/2011 11:26:25 PM, Error: netbt [4321] - The name "CEREBRO :20" could not be registered on the interface with IP address 172.16.1.64. The computer with the IP address 172.16.1.65 did not allow the name to be claimed by this computer.
14/06/2011 11:26:25 PM, Error: netbt [4321] - The name "CEREBRO :0" could not be registered on the interface with IP address 172.16.1.64. The computer with the IP address 172.16.1.65 did not allow the name to be claimed by this computer.
13/06/2011 11:38:25 PM, Error: Service Control Manager [7031] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
13/06/2011 11:34:18 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
13/06/2011 11:12:24 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
13/06/2011 11:12:03 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
13/06/2011 11:11:49 PM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.
13/06/2011 11:11:47 PM, Error: Microsoft-Windows-SharedAccess_NAT [34001] - The ICS_IPV6 failed to configure IPv6 stack.
13/06/2011 11:11:47 PM, Error: Microsoft-Windows-SharedAccess_NAT [30013] - The DHCP allocator has disabled itself on IP address 172.16.1.64, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
.
==== End Of File ===========================
2011/06/20 22:01:31.0637 4076 TDSS rootkit removing tool 2.5.4.0 Jun 7 2011 17:31:48
2011/06/20 22:01:35.0123 4076 ================================================================================
2011/06/20 22:01:35.0123 4076 SystemInfo:
2011/06/20 22:01:35.0125 4076
2011/06/20 22:01:35.0125 4076 OS Version: 6.0.6000 ServicePack: 0.0
2011/06/20 22:01:35.0125 4076 Product type: Workstation
2011/06/20 22:01:35.0125 4076 ComputerName: CEREBRO
2011/06/20 22:01:35.0126 4076 UserName: Aaron
2011/06/20 22:01:35.0126 4076 Windows directory: C:\Windows
2011/06/20 22:01:35.0126 4076 System windows directory: C:\Windows
2011/06/20 22:01:35.0126 4076 Processor architecture: Intel x86
2011/06/20 22:01:35.0126 4076 Number of processors: 2
2011/06/20 22:01:35.0126 4076 Page size: 0x1000
2011/06/20 22:01:35.0126 4076 Boot type: Normal boot
2011/06/20 22:01:35.0126 4076 ================================================================================
2011/06/20 22:01:35.0838 4076 Initialize success
2011/06/20 22:01:40.0482 4692 ================================================================================
2011/06/20 22:01:40.0482 4692 Scan started
2011/06/20 22:01:40.0482 4692 Mode: Manual;
2011/06/20 22:01:40.0482 4692 ================================================================================
2011/06/20 22:01:41.0145 4692 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
2011/06/20 22:01:41.0227 4692 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/06/20 22:01:41.0338 4692 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/06/20 22:01:41.0411 4692 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/06/20 22:01:41.0489 4692 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/06/20 22:01:41.0627 4692 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/06/20 22:01:41.0741 4692 agp440 (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
2011/06/20 22:01:41.0817 4692 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/06/20 22:01:41.0893 4692 aliide (e32a92e1574a467f7c762922f6162d76) C:\Windows\system32\drivers\aliide.sys
2011/06/20 22:01:41.0970 4692 amdagp (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
2011/06/20 22:01:42.0023 4692 amdide (b52b576cb0099a62f87214f371031561) C:\Windows\system32\drivers\amdide.sys
2011/06/20 22:01:42.0126 4692 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/06/20 22:01:42.0183 4692 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/06/20 22:01:42.0319 4692 ApfiltrService (a80230bd04f0b8bf05185b369bb1cbb8) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/06/20 22:01:42.0429 4692 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/06/20 22:01:42.0517 4692 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/06/20 22:01:42.0607 4692 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/20 22:01:42.0666 4692 atapi (e03e8c99d15d0381e02743c36afc7c6f) C:\Windows\system32\drivers\atapi.sys
2011/06/20 22:01:42.0825 4692 AVGIDSDriver (97824e8c95d9717777abd46a7b632310) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
2011/06/20 22:01:42.0910 4692 AVGIDSEH (c59c9bc3f0612bd207ccdc5d8cb9ce39) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
2011/06/20 22:01:42.0960 4692 AVGIDSFilter (c5559de2ec66cede15a1664f6d183d8e) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
2011/06/20 22:01:43.0021 4692 AVGIDSShim (ae5e9667fa40206796d1bd5bd0427a8a) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
2011/06/20 22:01:43.0147 4692 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\Windows\system32\DRIVERS\avgldx86.sys
2011/06/20 22:01:43.0230 4692 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\Windows\system32\DRIVERS\avgmfx86.sys
2011/06/20 22:01:43.0314 4692 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\Windows\system32\DRIVERS\avgrkx86.sys
2011/06/20 22:01:43.0382 4692 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\Windows\system32\DRIVERS\avgtdix.sys
2011/06/20 22:01:43.0580 4692 BCM43XX (abd543e555bc0453bf52664936df4dcd) C:\Windows\system32\DRIVERS\bcmwl6.sys
2011/06/20 22:01:43.0700 4692 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/06/20 22:01:43.0872 4692 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/20 22:01:43.0936 4692 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/06/20 22:01:43.0985 4692 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/06/20 22:01:44.0059 4692 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/06/20 22:01:44.0114 4692 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/06/20 22:01:44.0165 4692 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/06/20 22:01:44.0216 4692 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/06/20 22:01:44.0280 4692 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/06/20 22:01:44.0341 4692 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/20 22:01:44.0390 4692 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/20 22:01:44.0469 4692 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/06/20 22:01:44.0558 4692 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/06/20 22:01:44.0630 4692 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/20 22:01:44.0691 4692 cmdide (c177dd90b5dc1dcaa96ccece752e6f0f) C:\Windows\system32\drivers\cmdide.sys
2011/06/20 22:01:44.0752 4692 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/20 22:01:44.0803 4692 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/06/20 22:01:44.0926 4692 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/06/20 22:01:45.0024 4692 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/06/20 22:01:45.0136 4692 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/06/20 22:01:45.0235 4692 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/06/20 22:01:45.0317 4692 DXGKrnl (b95202efd0464d226e7542c1e319c028) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/20 22:01:45.0417 4692 e1express (7505290504c8e2d172fa378cc0497bcc) C:\Windows\system32\DRIVERS\e1e6032.sys
2011/06/20 22:01:45.0501 4692 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/06/20 22:01:45.0599 4692 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/06/20 22:01:45.0718 4692 ElbyCDIO (37c3a9fef349d13685ec9c2acaaeafce) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/06/20 22:01:45.0766 4692 ElbyDelay (8d35affbeed58fd66e9fad223de33718) C:\Windows\system32\Drivers\ElbyDelay.sys
2011/06/20 22:01:45.0880 4692 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/06/20 22:01:46.0024 4692 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/06/20 22:01:46.0112 4692 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/20 22:01:46.0182 4692 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/06/20 22:01:46.0243 4692 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/06/20 22:01:46.0335 4692 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/20 22:01:46.0378 4692 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/06/20 22:01:46.0462 4692 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/20 22:01:46.0520 4692 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/06/20 22:01:46.0600 4692 GEARAspiWDM (5dc17164f66380cbfefd895c18467773) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2011/06/20 22:01:46.0740 4692 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/06/20 22:01:46.0816 4692 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/20 22:01:46.0874 4692 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/06/20 22:01:46.0921 4692 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/06/20 22:01:46.0994 4692 HidUsb (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/20 22:01:47.0071 4692 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/06/20 22:01:47.0163 4692 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
2011/06/20 22:01:47.0264 4692 hwdatacard (63b3eff36272787619c1e773ed581693) C:\Windows\system32\DRIVERS\ewusbmdm.sys
2011/06/20 22:01:47.0352 4692 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/06/20 22:01:47.0422 4692 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/20 22:01:47.0526 4692 iaNvStor (92b37e0a61cd710a0c66dc3567a8bf3c) C:\Windows\system32\drivers\ianvstor.sys
2011/06/20 22:01:47.0606 4692 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
2011/06/20 22:01:47.0667 4692 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/06/20 22:01:47.0790 4692 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/06/20 22:01:47.0902 4692 intelide (59b00efb24ead979becf413703bb1fac) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/20 22:01:47.0964 4692 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/20 22:01:48.0079 4692 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/20 22:01:48.0197 4692 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/06/20 22:01:48.0258 4692 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/06/20 22:01:48.0316 4692 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/06/20 22:01:48.0371 4692 isapnp (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
2011/06/20 22:01:48.0433 4692 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/20 22:01:48.0488 4692 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/06/20 22:01:48.0559 4692 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/06/20 22:01:48.0614 4692 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/20 22:01:48.0677 4692 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/20 22:01:48.0790 4692 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/20 22:01:48.0939 4692 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/20 22:01:49.0034 4692 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/06/20 22:01:49.0091 4692 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/06/20 22:01:49.0147 4692 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/06/20 22:01:49.0225 4692 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/06/20 22:01:49.0293 4692 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/06/20 22:01:49.0385 4692 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/06/20 22:01:49.0447 4692 monitor (ec839ba91e45cce6eadafc418fff8206) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/20 22:01:49.0494 4692 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/20 22:01:49.0543 4692 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/20 22:01:49.0599 4692 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/06/20 22:01:49.0671 4692 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/06/20 22:01:49.0742 4692 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/20 22:01:49.0831 4692 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/06/20 22:01:49.0900 4692 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
2011/06/20 22:01:49.0978 4692 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/20 22:01:50.0061 4692 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/20 22:01:50.0112 4692 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/20 22:01:50.0169 4692 msahci (2681302b63b318cbea6c82902ac5428c) C:\Windows\system32\drivers\msahci.sys
2011/06/20 22:01:50.0242 4692 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/06/20 22:01:50.0318 4692 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/06/20 22:01:50.0376 4692 msisadrv (207df26dbb2537c20276da0e15892274) C:\Windows\system32\drivers\msisadrv.sys
2011/06/20 22:01:50.0466 4692 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/20 22:01:50.0516 4692 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/20 22:01:50.0575 4692 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/06/20 22:01:50.0633 4692 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/06/20 22:01:50.0720 4692 mssmbios (7dbaa028f625aa46b95dda4fbe4b602b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/20 22:01:50.0779 4692 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/06/20 22:01:50.0843 4692 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/06/20 22:01:50.0959 4692 NativeWifiP (1d162e52fb691eb555a476b04b4bff3f) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/20 22:01:51.0022 4692 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
2011/06/20 22:01:51.0112 4692 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/20 22:01:51.0155 4692 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/20 22:01:51.0210 4692 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/20 22:01:51.0270 4692 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
2011/06/20 22:01:51.0328 4692 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/20 22:01:51.0383 4692 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/20 22:01:51.0524 4692 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/06/20 22:01:51.0604 4692 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/06/20 22:01:51.0660 4692 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/20 22:01:51.0782 4692 Ntfs (2620822a21b76375f5fd6e0986407cd1) C:\Windows\system32\drivers\Ntfs.sys
2011/06/20 22:01:51.0918 4692 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/06/20 22:01:51.0956 4692 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/06/20 22:01:52.0362 4692 nvlddmkm (26e48523accb361bd81cd64b14424b18) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/20 22:01:52.0894 4692 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/06/20 22:01:52.0973 4692 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/06/20 22:01:53.0058 4692 nv_agp (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
2011/06/20 22:01:53.0228 4692 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
2011/06/20 22:01:53.0278 4692 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
2011/06/20 22:01:53.0345 4692 ohci1394 (953c1ba621f4da9dc7d268ae839a51fb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/20 22:01:53.0508 4692 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/06/20 22:01:53.0565 4692 partmgr (84be786f33fdbd8765e05df3b7f5b9e6) C:\Windows\system32\drivers\partmgr.sys
2011/06/20 22:01:53.0627 4692 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/06/20 22:01:53.0715 4692 pci (bdd96f9cf34d58958aff1be6ef4c8020) C:\Windows\system32\drivers\pci.sys
2011/06/20 22:01:53.0779 4692 pciide (b2fc76090ef1003463ccb07cabb35cff) C:\Windows\system32\drivers\pciide.sys
2011/06/20 22:01:53.0856 4692 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/06/20 22:01:53.0949 4692 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
2011/06/20 22:01:54.0046 4692 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/06/20 22:01:54.0338 4692 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/20 22:01:54.0393 4692 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/06/20 22:01:54.0507 4692 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/20 22:01:54.0912 4692 PxHelp20 (03e0fe281823ba64b3782f5b38950e73) C:\Windows\system32\Drivers\PxHelp20.sys
2011/06/20 22:01:55.0326 4692 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/06/20 22:01:55.0602 4692 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/06/20 22:01:55.0962 4692 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/20 22:01:56.0300 4692 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/06/20 22:01:56.0641 4692 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/20 22:01:57.0035 4692 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/20 22:01:57.0527 4692 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/20 22:01:57.0738 4692 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/20 22:01:57.0854 4692 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/20 22:01:57.0985 4692 rdpdr (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
2011/06/20 22:01:58.0036 4692 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/20 22:01:58.0123 4692 RDPWD (e2afac98fc6ca2ad2d09f2de1bc71ad9) C:\Windows\system32\drivers\RDPWD.sys
2011/06/20 22:01:58.0234 4692 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
2011/06/20 22:01:58.0287 4692 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/06/20 22:01:58.0390 4692 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
2011/06/20 22:01:58.0467 4692 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/20 22:01:58.0542 4692 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/06/20 22:01:58.0686 4692 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
2011/06/20 22:01:58.0762 4692 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/06/20 22:01:58.0861 4692 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2011/06/20 22:01:58.0927 4692 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2011/06/20 22:01:58.0982 4692 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
2011/06/20 22:01:59.0122 4692 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/20 22:01:59.0181 4692 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/20 22:01:59.0260 4692 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/20 22:01:59.0323 4692 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
2011/06/20 22:01:59.0538 4692 sisagp (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
2011/06/20 22:01:59.0606 4692 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/06/20 22:01:59.0687 4692 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/06/20 22:01:59.0884 4692 Smb (46baf398809a0f3b2d3300a1760e4b91) C:\Windows\system32\DRIVERS\smb.sys
2011/06/20 22:02:00.0018 4692 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/06/20 22:02:00.0177 4692 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
2011/06/20 22:02:00.0275 4692 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/20 22:02:00.0413 4692 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/20 22:02:00.0587 4692 STHDA (951801dfb54d86f611f0af47825476f9) C:\Windows\system32\drivers\sthda.sys
2011/06/20 22:02:00.0740 4692 swenum (3b80b4383c9bce13279c8482734b32b2) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/20 22:02:00.0800 4692 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/06/20 22:02:00.0873 4692 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/06/20 22:02:00.0942 4692 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/06/20 22:02:01.0105 4692 Tcpip (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\drivers\tcpip.sys
2011/06/20 22:02:01.0233 4692 Tcpip6 (2c1f7005aa3b62721bfdb307bd5f5010) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/20 22:02:01.0309 4692 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/20 22:02:01.0397 4692 TcUsb (5ca437a08509fb7ecf843480fc1232e2) C:\Windows\system32\Drivers\tcusb.sys
2011/06/20 22:02:01.0446 4692 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/06/20 22:02:01.0505 4692 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/06/20 22:02:01.0555 4692 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/20 22:02:01.0624 4692 TermDD (849ed71967d45f15c3e0abfc633fdf2a) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/20 22:02:01.0771 4692 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/20 22:02:01.0857 4692 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
2011/06/20 22:02:01.0957 4692 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/20 22:02:02.0039 4692 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/06/20 22:02:02.0118 4692 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/20 22:02:02.0224 4692 uliagpkx (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/20 22:02:02.0298 4692 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/06/20 22:02:02.0377 4692 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/06/20 22:02:02.0476 4692 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/06/20 22:02:02.0554 4692 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/20 22:02:02.0672 4692 usbbus (0678c457f49f20666ab16edda4d1391d) C:\Windows\system32\DRIVERS\lgusbbus.sys
2011/06/20 22:02:02.0763 4692 usbccgp (b0ba9caffe9b0555ec0317f30cb79cd2) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/20 22:02:02.0823 4692 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/06/20 22:02:02.0892 4692 UsbDiag (bc8b39fc8782a954af119bfbe8a77414) C:\Windows\system32\DRIVERS\lgusbdiag.sys
2011/06/20 22:02:03.0008 4692 usbehci (c9fcd05b0a80ea08c2768e5a279b14de) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/20 22:02:03.0065 4692 usbhub (5e44f7d957f7560da06bfe6b84b58a35) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/20 22:02:03.0177 4692 USBModem (290914c187c25b42e1c64d7cfad8b2fc) C:\Windows\system32\DRIVERS\lgusbmodem.sys
2011/06/20 22:02:03.0256 4692 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/06/20 22:02:03.0327 4692 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2011/06/20 22:02:03.0412 4692 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/20 22:02:03.0467 4692 usbuhci (d864735b0bfcb65440960a0b7cc1a38d) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/20 22:02:03.0551 4692 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/20 22:02:03.0620 4692 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/06/20 22:02:03.0675 4692 viaagp (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
2011/06/20 22:02:03.0738 4692 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/06/20 22:02:03.0792 4692 viaide (689547ce911998d1e0da7a5992e025fc) C:\Windows\system32\drivers\viaide.sys
2011/06/20 22:02:03.0840 4692 volmgr (fd16fac15f9f165ac19a618e7b391f5c) C:\Windows\system32\drivers\volmgr.sys
2011/06/20 22:02:03.0930 4692 volmgrx (420c48e593b9520c2dee45d671f923e1) C:\Windows\system32\drivers\volmgrx.sys
2011/06/20 22:02:04.0004 4692 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
2011/06/20 22:02:04.0070 4692 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/06/20 22:02:04.0175 4692 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/06/20 22:02:04.0254 4692 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/20 22:02:04.0305 4692 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/20 22:02:04.0401 4692 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/06/20 22:02:04.0504 4692 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/20 22:02:04.0826 4692 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/20 22:02:04.0943 4692 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/20 22:02:05.0082 4692 WSDPrintDevice (f01f25b4227ad8d717c21f25f62b43c8) C:\Windows\system32\DRIVERS\WSDPrint.sys
2011/06/20 22:02:05.0168 4692 WSDScan (ff6e0448dc0d2b588e9300fc474558fd) C:\Windows\system32\DRIVERS\WSDScan.sys
2011/06/20 22:02:05.0283 4692 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/20 22:02:05.0385 4692 xusb21 (ee9144207ee0211eb5656ba6808ac4a0) C:\Windows\system32\DRIVERS\xusb21.sys
2011/06/20 22:02:05.0476 4692 yukonwlh (a4822191c7cea271903c2a4fb6d9809d) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/06/20 22:02:05.0568 4692 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0
2011/06/20 22:02:05.0593 4692 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/06/20 22:02:05.0608 4692 ================================================================================
2011/06/20 22:02:05.0608 4692 Scan finished
2011/06/20 22:02:05.0608 4692 ================================================================================
2011/06/20 22:02:05.0643 1872 Detected object count: 1
2011/06/20 22:02:05.0644 1872 Actual detected object count: 1
2011/06/20 22:02:24.0210 1872 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/06/20 22:02:24.0210 1872 \Device\Harddisk0\DR0 - ok
2011/06/20 22:02:24.0214 1872 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure
2011/06/20 22:02:28.0878 5852 Deinitialize success