Thread: eeekkkk!!!! help me, trojan/virus
View Single Post
Old 11-16-2008, 12:27 PM   #1 (permalink)
bigpun07931
Registered User
 
Join Date: Nov 2008
Posts: 6
OS: windows xp


eeekkkk!!!! help me, trojan/virus
hey there, i've been having a problem in the last week and a half with google, where i search something, and 7/8 out of 10 times the first time i click on a link i see that it is redirecting me, the website changes to copy-book and then a random page comes up. this became annoying so i ran adaware first, but when it came to updating it it says please check your internet connection, and i know i am perfectly connected to the internet no problems. then i check avg, came up with virus/worm in the form of autorun.inf, but this was on my laptop c drive, and my external drive, e. this is quite worrying to me as i connect various things to my laptop like my ipod and i ont want viruses being transferred to them as i use these on other computers and i dont want them to be infected. i also ran search and destroy, and it came up that i have a zlob.dnschager? i think and one or two other zlob files, deleted them but everytime i use search ad destroy they keep showing up. Please help meee!!! heres my gmre.txt and dds and attach if you need them.

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-11-16 19:07:19
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT sppn.sys ZwCreateKey [0xF84140E0]
SSDT sppn.sys ZwEnumerateKey [0xF8432CA2]
SSDT sppn.sys ZwEnumerateValueKey [0xF8433030]
SSDT sppn.sys ZwOpenKey [0xF84140C0]
SSDT sppn.sys ZwQueryKey [0xF8433108]
SSDT sppn.sys ZwQueryValueKey [0xF8432F88]
SSDT sppn.sys ZwSetValueKey [0xF843319A]

INT 0x3B ? 820A9BF8
INT 0x3B ? 820A9BF8
INT 0x3B ? 820A9BF8
INT 0x3B ? 820A9BF8
INT 0x3E ? 823DFBF8
INT 0x3F ? 823DFBF8

---- Kernel code sections - GMER 1.0.14 ----

? sppn.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload F7A618AC 5 Bytes JMP 820A91D8
.text ab9mmszh.SYS F7940386 35 Bytes [ 00, 00, 00, 00, 00, 00, 20, ... ]
.text ab9mmszh.SYS F79403AA 24 Bytes [ 00, 00, 00, 00, 00, 00, 00, ... ]
.text ab9mmszh.SYS F79403C4 3 Bytes [ 00, 70, 02 ]
.text ab9mmszh.SYS F79403C9 1 Byte [ 2E ]
.text ab9mmszh.SYS F79403CB 9 Bytes [ 00, 00, 5A, 02, 00, 00, 00, ... ]
.text ...

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 823722D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F8445C4C] sppn.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F8445CA0] sppn.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F8415040] sppn.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F841513C] sppn.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F84150BE] sppn.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F84157FC] sppn.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F84156D2] sppn.sys
IAT \SystemRoot\System32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 820A92D8
IAT \SystemRoot\System32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F8425048] sppn.sys
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlInitUnicodeString] F44D8B48
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!swprintf] C1815753
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeSetEvent] 00002590
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoCreateSymbolicLink] 467C8D51
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoGetConfigurationInformation] 76F6E84A
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoDeleteSymbolicLink] D88BFFFF
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmFreeMappingAddress] 8504C483
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoFreeErrorLogEntry] 5F0A75DB
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoDisconnectInterrupt] 5B08438D
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmUnmapIoSpace] 5DE58B5E
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ObReferenceObjectByPointer] 259068C3
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IofCompleteRequest] 006A0000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlCompareUnicodeString] 88F0E853
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IofCallDriver] 558DFFFF
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmAllocateMappingAddress] 90838DF8
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoAllocateErrorLogEntry] 52000025
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoConnectInterrupt] 03895750
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoDetachDevice] FFF363E8
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeWaitForSingleObject] 0C458AFF
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeInitializeEvent] 8B104D8B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeCancelTimer] 43881855
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlAnsiStringToUnicodeString] 1C458B08
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlInitAnsiString] 0F544389
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoBuildDeviceIoControlRequest] 89FF45B6
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoQueueWorkItem] 4D8B0C4B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmMapIoSpace] 50538920
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoInvalidateDeviceRelations] 8924558B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoReportDetectedDevice] 5389584B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoReportResourceForDetection] 0A43885C
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlxAnsiStringToUnicodeSize] 0646B60F
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!NlsMbCodePageTag] A818C483
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!PoRequestPowerIrp] 8D7F743F
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeInsertByKeyDeviceQueue] 001A8C8B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!PoRegisterDeviceForIdleDetection] E0835100
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!sprintf] 7E8D503F
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmMapLockedPagesSpecifyCache] B9E85728
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ObfDereferenceObject] 0F0000D1
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoGetAttachedDeviceReference] 8D0646B6
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoInvalidateDeviceState] 001B8093
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ZwClose] E0835200
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ObReferenceObjectByHandle] E857503F
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ZwCreateDirectoryObject] 0000EBB4
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoBuildSynchronousFsdRequest] 026B938D
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!PoStartNextPowerIrp] C6830000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoCreateDevice] 0008B908
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlCopyUnicodeString] FA8B0000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoAllocateDriverObjectExtension] 758BA5F3
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlQueryRegistryValues] 064E8A08
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ZwOpenKey] 883FE180
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlFreeUnicodeString] 0002688B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoStartTimer] 06468A00
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeInitializeTimer] 8306E8C0
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoInitializeTimer] 023C18C4
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeInitializeDpc] 02698388
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeInitializeSpinLock] 19750000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoInitializeIrp] 028C838D
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ZwCreateKey] 52500000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlAppendUnicodeStringToString] 00C143E8
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlIntegerToUnicodeString] 08C48300
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ZwSetValueKey] 0575C085
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeInsertQueueDpc] EB08708D
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KefAcquireSpinLockAtDpcLevel] 074E8A54
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoStartPacket] 026A8B88
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KefReleaseSpinLockFromDpcLevel] 83660000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoBuildAsynchronousFsdRequest] 7601487E
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoFreeMdl] 4AC68305
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmUnlockPages] F63302EB
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoWriteErrorLogEntry] 5614558B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeRemoveByKeyDeviceQueue] 75E85352
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmMapLockedPagesWithReservedMapping] 8BFFFFF4
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmUnmapReservedMapping] 0CC483F0
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeSynchronizeExecution] 2075F685
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoStartNextPacket] 050C7D80
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeBugCheckEx] 0092850F
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeRemoveDeviceQueue] 458B0000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeSetTimer] E85350F8
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!_allmul] FFFFF848
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmProbeAndLockPages] 8408C483
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!_except_handler3] BE7875C0
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!PoSetPowerState] 00000008
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoOpenDeviceRegistryKey] F346E853
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlWriteRegistryValue] C483FFFF
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlDeleteRegistryValue] 00F46804
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!_aulldiv] 838D0000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!strstr] 00001A8C
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!_strupr] E850006A
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeQuerySystemTime] FFFF87CA
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoWMIRegistrationControl] 0000F468
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!KeTickCount] 808B8D00
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoAttachDeviceToDeviceStack] 6A00001B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoDeleteDevice] B7E85100
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ExAllocatePoolWithTag] 33FFFF87
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoAllocateWorkItem] 6B8389C0
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoAllocateIrp] 89000002
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoAllocateMdl] 00026F83
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmBuildMdlForNonPagedPool] 73838900
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmLockPagableDataSection] 89000002
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoGetDriverObjectExtension] 00027783
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmUnlockPagableImageSection] 7B838900
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!ExFreePoolWithTag] 89000002
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoFreeIrp] 00027F83
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!IoFreeWorkItem] 83838900
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!InitSafeBootMode] 53000002
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!RtlCompareMemory] 02878389
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!PoCallDriver] 7FE80000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!memmove] 83FFFF68
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[ntoskrnl.exe!MmHighestUserAddress] 8B5F1CC4
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!KfAcquireSpinLock] C0840CEC
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!READ_PORT_UCHAR] 053C0D74
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!KeGetCurrentIrql] 57B80974
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!KfRaiseIrql] 8B000000
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!KfLowerIrql] 56C35DE5
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!HalGetInterruptVector] 8D08758B
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!HalTranslateBusAddress] 8D51FC4D
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!KeStallExecutionProcessor] 8D52FD55
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!KfReleaseSpinLock] 8D51FE4D
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 8D52FF55
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!READ_PORT_USHORT] 8D51F84D
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 5052F455
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[HAL.dll!WRITE_PORT_UCHAR] EACAE856
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[WMILIB.SYS!WmiSystemControl] 0FC08520
IAT \SystemRoot\System32\Drivers\ab9mmszh.SYS[WMILIB.SYS!WmiCompleteRequest] 0001B185

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs 823DE1F8
Device \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\usbuhci \Device\USBPDO-0 820A81F8
Device \Driver\PCI_PNP7312 \Device\00000045 sppn.sys
Device \Driver\usbuhci \Device\USBPDO-1 820A81F8
Device \Driver\sptd \Device\3920109040 sppn.sys
Device \Driver\usbuhci \Device\USBPDO-2 820A81F8
Device \Driver\usbehci \Device\USBPDO-3 820861F8
Device \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Ftdisk \Device\HarddiskVolume1 823701F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 823701F8
Device \Driver\Cdrom \Device\CdRom0 820741F8
Device \Driver\Cdrom \Device\CdRom1 820741F8
Device \Driver\USBSTOR \Device\00000080 8210C1F8
Device \Driver\USBSTOR \Device\00000081 8210C1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export FF9C41F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{18D4B2FD-D8A7-44F6-8803-B50E0AB0D0B8} FF9C41F8
Device \Driver\NetBT \Device\NetbiosSmb FF9C41F8
Device \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \Driver\usbuhci \Device\USBFDO-0 820A81F8
Device \Driver\usbuhci \Device\USBFDO-1 820A81F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver FF8A41F8
Device \Driver\usbuhci \Device\USBFDO-2 820A81F8
Device \Driver\Tcpip \Device\IPMULTICAST avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
Device \FileSystem\MRxSmb \Device\LanmanRedirector FF8A41F8
Device \Driver\usbehci \Device\USBFDO-3 820861F8
Device \Driver\Ftdisk \Device\FtControl 823701F8
Device \Driver\ab9mmszh \Device\Scsi\ab9mmszh1 8205E1F8
Device \Driver\ab9mmszh \Device\Scsi\ab9mmszh1Port2Path0Target0Lun0 8205E1F8
Device \FileSystem\Cdfs \Cdfs 821581F8
---- Processes - GMER 1.0.14 ----

Library C:\Program (*** hidden *** ) @ C:\WINDOWS\Explorer.EXE [1680] 0x00D30000

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x44 0x87 0x43 0x65 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5A 0x1D 0x09 0x29 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x46 0xF2 0x21 0x71 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x44 0x87 0x43 0x65 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5A 0x1D 0x09 0x29 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x46 0xF2 0x21 0x71 ...

---- EOF - GMER 1.0.14 ----



DDS (Version 1.0) - NTFSx86
Run by ashok at 19:07:33.52 on Sun 11/16/2008
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.219 [GMT 0:00]

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\NETGEAR\WG511v2\WG511v2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\ashok\Desktop\dds.scr

============== Psuedo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
mWinlogon: System=kdkqi.exe
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: {AA102584-3B97-47e7-B9BC-75D54C110A7D} - c:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [c:\documents and settings\ashok\local settings\temporary internet files\content.ie5\jxf3ezx5\tunebite[1].exe] c:\documents and settings\ashok\local settings\temporary internet files\content.ie5\jxf3ezx5\tunebite[1].exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [c:\windows\system32\kdpua.exe] c:\windows\system32\kdpua.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [NavRegReminder] "c:\windows\temp\navbrowser.exe" /r /i "c:\windows\temp\NavLoad.ini"
mRun: [c:\windows\system32\kdkqi.exe] c:\windows\system32\kdkqi.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [Spybot - Search & Destroy] "c:\program files\spybot - search & destroy\SpybotSD.exe" /autocheck
StartupFolder: c:\docume~1\ashok\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire\LimeWire.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg511v2\WG511v2.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: {18D4B2FD-D8A7-44F6-8803-B50E0AB0D0B8} = 85.255.112.237;85.255.112.123
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys
S3 Ndisprot;ArcNet NDIS Protocol Driver;\??\c:\windows\system32\drivers\Ndisprot.sys

=============== Created Last 30 ================

2008-11-16 18:53 250 a------- c:\windows\gmer.ini
2008-11-16 18:20 410,976 a------- c:\windows\system32\deploytk.dll
2008-11-16 18:20 73,728 a------- c:\windows\system32\javacpl.cpl
2008-11-16 17:19 103 ---shr-- C:\autorun.inf
2008-11-16 16:13 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-11-16 16:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-11-15 19:49 27,904 a------- c:\windows\system32\drivers\ndisprot.sys
2008-11-08 00:04 348,160 a------- c:\windows\system32\msvcr71.dll
2008-11-07 23:59 <DIR> --d----- c:\docume~1\ashok\applic~1\MPEG Streamclip
2008-11-07 21:33 <DIR> --d----- c:\docume~1\ashok\applic~1\WinFF
2008-11-07 16:35 107,368 a------- c:\windows\system32\GEARAspi.dll
2008-11-07 16:35 15,464 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2008-11-07 16:35 <DIR> --d----- c:\program files\iPod
2008-11-07 16:34 <DIR> --d----- c:\program files\iTunes
2008-11-07 16:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-07 16:15 <DIR> --d----- c:\windows\system32\appmgmt
2008-11-03 02:46 5,632 a------- c:\windows\system32\ptpusb.dll
2008-11-03 02:46 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys
2008-11-03 02:46 15,104 a------- c:\windows\system32\drivers\usbscan.sys
2008-11-03 02:46 159,232 a------- c:\windows\system32\ptpusd.dll
2008-10-27 21:50 <DIR> --dshr-- C:\resycled
2008-10-24 19:49 <DIR> --d----- c:\program files\Bonjour
2008-10-24 19:47 32,000 a------- c:\windows\system32\drivers\usbaapl.sys
2008-10-24 13:00 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll
2008-10-21 17:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\RapidSolution
2008-10-21 17:52 2,723,264 a------- c:\documents and settings\all users\vcredist_x86.exe
2008-10-17 21:19 <DIR> --d----- c:\program files\common files\Windows Live

==================== Find3M ====================

2008-11-16 19:03 <DIR> --d----- c:\docume~1\ashok\applic~1\DNA
2008-11-16 18:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\WinZip
2008-11-16 18:03 <DIR> --d----- c:\program files\DNA
2008-11-16 14:45 <DIR> --d----- c:\docume~1\ashok\applic~1\LimeWire
2008-11-14 00:47 <DIR> --d----- c:\docume~1\ashok\applic~1\BitTorrent
2008-09-28 18:37 <DIR> --d----- c:\program files\EPSON
2008-09-28 18:35 <DIR> --d----- c:\program files\NewSoft
2008-09-28 18:29 <DIR> --d----- c:\docume~1\ashok\applic~1\ABBYY
2008-09-28 18:28 <DIR> --d----- c:\program files\ABBYY
2008-09-28 18:25 <DIR> --d----- c:\program files\Smart Panel
2008-09-28 18:25 <DIR> --d----- c:\program files\common files\Python
2008-09-28 17:06 <DIR> --d----- c:\docume~1\ashok\applic~1\AVGTOOLBAR
2008-09-27 22:35 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-09-27 22:34 <DIR> --d----- c:\program files\AVG
2008-09-27 22:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2008-09-27 22:07 <DIR> --d----- c:\program files\DAEMON Tools Lite
2008-09-27 22:04 <DIR> --d----- c:\docume~1\ashok\applic~1\DAEMON Tools
2008-09-24 21:21 <DIR> --d----- c:\program files\common files\xing shared
2008-09-24 21:21 <DIR> --d----- c:\program files\common files\Real
2008-09-24 21:21 <DIR> --d----- c:\program files\Real
2008-09-23 22:45 <DIR> --d----- c:\program files\LimeWire
2008-09-15 12:12 1,846,400 a------- c:\windows\system32\win32k.sys
2008-09-14 17:13 <DIR> --d----- c:\docume~1\ashok\applic~1\vlc
2008-09-13 13:35 87,263 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-09-12 22:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Lavasoft
2008-09-12 21:00 21,640 a------- c:\windows\system32\emptyregdb.dat
2008-08-29 09:18 87,336 a------- c:\windows\system32\dns-sd.exe
2008-08-29 08:53 61,440 a------- c:\windows\system32\dnssd.dll
2008-08-26 07:24 826,368 a------- c:\windows\system32\wininet.dll

============= FINISH: 19:07:49.95 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Version 1.0)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/12/2008 10:10:13 PM
System Uptime: 11/16/2008 5:29:39 PM (2 hours ago)

Motherboard: Dell Computer Corporation | | 0P3490
Processor: Intel(R) Pentium(R) M processor 1700MHz | Microprocessor | 1694/133mhz
BIOS: Phoenix ROM BIOS PLUS Version 1.10 A14 | DELL - 27d5061e | A14 | 6/30/2005 1:00:00 AM

==== Disk Partitions =========================

C: is FIXED (NTFS) - 56 GiB total, 42.145 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 466 GiB total, 13.379 GiB free.
F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&39A85202&0&00F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_14E4&DEV_4401&SUBSYS_81271028&REV_01\4&39A85202&0&00F0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Network Controller
Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_27228086&REV_05\4&39A85202&0&18F0
Manufacturer:
Name: Network Controller
PNP Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_27228086&REV_05\4&39A85202&0&18F0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_542214F1&REV_01\3&61AAA01&0&FE
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_24C6&SUBSYS_542214F1&REV_01\3&61AAA01&0&FE
Service:

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1)
ABBYY FineReader 5.0 Sprint
ABBYY FineReader 6.0
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 9
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
AutoUpdate
AVG Free 8.0
BitTorrent
Bonjour
Dell ResourceCD
DivX Codec
DivX Converter
DivX Player
DivX Web Player
DNA
EPSON Copy Utility
EPSON Photo Print
EPSON Scan
EPSON Smart Panel
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
iTunes
Java(TM) 6 Update 10
LimeWire PRO 4.16.2
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
NETGEAR WG511v2 wireless PC card
On2 VP7 Personal Edition
P1670 Reference Guide
Presto! BizCard 4.1 Eng
QuickTime
RealPlayer
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB958644)
SigmaTel AC97 Audio Drivers
Spybot - Search & Destroy
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957258)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
VideoLAN VLC media player 0.8.6i
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3

==== Event Viewer Messages ===================

11/9/2008 4:15:08 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume4'. It has stopped monitoring the volume.
11/9/2008 4:36:01 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume8'. It has stopped monitoring the volume.
11/9/2008 5:08:34 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume13'. It has stopped monitoring the volume.
11/9/2008 6:31:47 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume25'. It has stopped monitoring the volume.
11/9/2008 6:37:08 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.
11/9/2008 6:37:13 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume26'. It has stopped monitoring the volume.
11/9/2008 6:59:17 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume29'. It has stopped monitoring the volume.
11/9/2008 7:12:25 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume31'. It has stopped monitoring the volume.
11/9/2008 7:44:09 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
11/9/2008 8:50:42 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume42'. It has stopped monitoring the volume.
11/9/2008 9:19:11 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume45'. It has stopped monitoring the volume.
11/9/2008 9:32:15 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume47'. It has stopped monitoring the volume.
11/9/2008 9:57:31 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume50'. It has stopped monitoring the volume.
11/9/2008 10:11:57 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume52'. It has stopped monitoring the volume.
11/9/2008 10:25:13 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume54'. It has stopped monitoring the volume.
11/9/2008 11:40:59 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume62'. It has stopped monitoring the volume.
11/9/2008 1201 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume65'. It has stopped monitoring the volume.
11/9/2008 12:27:18 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000000E' while processing the file 'autorun.inf' on the volume 'HarddiskVolume68'. It has stopped monitoring the volume.
11/15/2008 9:47:10 PM, error: Dhcp [1002] - The IP address lease 192.168.0.6 for the Network Card with network address 00184DEFBBD5 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
11/16/2008 12:39:58 AM, error: Dhcp [1002] - The IP address lease 192.168.0.231 for the Network Card with network address 00184DEFBBD5 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
11/16/2008 2:28:09 PM, error: Service Control Manager [7031] - The Eset Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/16/2008 2:28:36 PM, error: Service Control Manager [7031] - The Eset Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/16/2008 2:28:41 PM, error: Service Control Manager [7031] - The Eset Service service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/16/2008 2:28:54 PM, error: Service Control Manager [7031] - The Eset Service service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/16/2008 2:29:02 PM, error: Service Control Manager [7031] - The Eset Service service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/16/2008 2:29:10 PM, error: System Error [1003] - Error code 000000c2, parameter1 00000007, parameter2 00000cd4, parameter3 f000ed94, parameter4 00000020.
11/16/2008 2:30:55 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/16/2008 2:45:56 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
11/16/2008 2:46:19 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).

==== End Of File ===========================

thank you for your time and help
bigpun07931 is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here