Everything posted by rockstarrocks

  1. After like 20 attempts this is the best I could do. I sucked at flappy birds.
  2. Yes, I tried it on my old HP 630 laptop. Maybe it was too slow to show the clue 🤣 Now running on a faster laptop, it does show the hyperlink.
  3. I tried clicking on 0:05, 0:55, 5:00 while scan was running 🤣 Congrats 🥳🥳
  4. On a 400/400 Mbps connection with ethernet.
  5. In the first image MB Browser Guard detects the MB antivirus but says "not linked". Do I have to change something in settings, or does it happen automatically? In the second image the checkmark is greyed out (it should be green, as even just above it says "Complete (2/2)") but I have no apps starting with Windows, as seen in the Settings app. MB version: 5.0.7.55, update package: 1.0.70377, component version: 1.0.937, MB browser guard version: 2.6.3
  6. If we're releasing a new beta version of the software in the future, that doesn't mean we should stop testing the stable version we have now. We should continue using v4.5 for testing purposes until v5 is out of beta and ready to be tested outside of the company. Edit: Idk why I said "we" lol
  7. I am just curious what's the reason behind MB missing from tests done this year by av-comparatives (Real-world protection, performance, malware protection test, etc).
  8. I agree, looks pretty good so far with no stability issues (Win11 22H2). My only feedback would be to improve UI scaling in general when resizing the MB5 window, especially on the home page (what u see when u click on the MB5 icon in the tray) and the detection history page. Also the "RealTime Protection" button should be either merged with "Security advisor" or at least made clickable.
  9. No, that wasn't the bug, it was me. Sorry for that. You were just trying to help, no need to apologize.
  10. This thread is from 2015, I don't even have that laptop anymore 😅, dunno why this thread is not locked.
  11. What was wrong with younger me, why I am saying it in sarcastic tone, maybe I didn't know that it meant sarcasm back then lol.
  12. Earlier, when using Windows Disc Image Burner to burn the ISO, I get this error. Error code: 0x80004005. Also when I go to Device Manager/IDE ATA/ATAPI controllers/AMD SATA controller and right-click Properties, I can't find any option there to toggle DMA on/off. Guys please help THanks iN aDvanCe:)
  13. i used Verbatim DVD-R 16x DVDs to burn Win10 x64 iso file for backup is this dvd writer even capable of burning dvds? i am not sure Dell Vostro 3445, AMD A6-6310, 4GB RAM, win 10 64 bit here is the error-log made by nero( earlier i used windows image burning utility)
  14. Hi, sorry to pop in on this topic. @wingclip you can enable/disable protection by opening Malwarebytes from either the desktop shortcut or Start > All Programs > Malwarebytes, then go to the Protection tab and select/deselect protection.
  15. A very big thanks to you, Maurice, for your help. PC running fine; that keyboard-mouse problem was just a driver issue.
  16. And got any idea about that keyboard-mouse problem, what was that? Was that normal after a combofix scan? thanks
  17. Here is the report of the Bitdefender QuickScan; no infections found.
  18. Hey, just got a weird problem here! After the ComboFix scan I did a reboot and posted the previous reply; after that my mouse and keyboard started behaving strangely. First, my mouse opened files many times after I double-clicked on them. After that my keyboard stopped working, and when I double-clicked on My Computer it showed a dialog box asking "confirm file delete: are you sure you want to delete the My Computer icon from desktop..." and I clicked on "no", but it showed it numerous times. Lastly, I did a system reboot. Now that problem is not present. Was it something serious? Help!!
  19. Now the system seems to be working fine, with all software/programs also working fine. There is a quarantine folder of ComboFix; should I delete it? Does anything else need to be done? Also, I want to ask a question. Some of my programs became corrupted over some time; here is the list: 1- Microsoft Office 2007, just a few days ago (did a reinstall, failed; then used Microsoft Fix it, now working) 2- HP digital imaging software, a few months ago (did a reinstall, not working now) 3- Windows Search did not work (search field was missing, now working). Was this the effect of this malware that has been removed, or something else? And thanks for your help.
  20. I just did that scan with ComboFix after deleting those files (the file you attached did not work, because the paths you had written were before Dr.Web CureIt had moved them to its quarantine folder, so I deleted them with the Malwarebytes File Assassin tool, I hope it's OK). ComboFix took around 15 min and removed rootkit.zeroaccess. Here is the log file.
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm IE: E&xport to Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\ FF - ExtSQL: 2012-10-15 10:14; {987311C6-B504-4aa2-90BF-60CC49808D42}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi FF - ExtSQL: 2012-10-15 10:15; {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi FF - ExtSQL: 2012-10-15 10:20; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi FF - ExtSQL: 2012-10-28 16:50; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi FF - ExtSQL: 2012-10-28 16:50; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi FF - ExtSQL: 2012-10-28 16:50; {AE93811A-5C9A-4d34-8462-F7B864FC4696}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi FF - ExtSQL: 2012-10-28 16:51; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi FF - ExtSQL: 
2012-10-28 16:53; linkalert.conlan@addons.mozilla.com; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\linkalert.conlan@addons.mozilla.com.xpi FF - ExtSQL: 2012-10-28 16:53; trafficlight@bitdefender.com; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\trafficlight@bitdefender.com.xpi FF - ExtSQL: 2012-10-28 16:53; wikilook@testpilot; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\wikilook@testpilot.xpi FF - ExtSQL: 2012-10-28 16:53; youtube2mp3@mondayx.de; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\youtube2mp3@mondayx.de.xpi FF - ExtSQL: 2012-10-28 16:54; info@youtube-mp3.org; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\info@youtube-mp3.org.xpi FF - ExtSQL: 2012-10-28 16:54; lazarus@interclue.com; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\lazarus@interclue.com.xpi FF - ExtSQL: 2012-10-28 16:55; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF - ExtSQL: 2012-10-28 16:56; {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}.xpi FF - ExtSQL: 2012-11-08 18:53; ERAIL.IN.FFPLUGIN@jetpack; c:\documents and settings\brij\Application Data\Mozilla\Firefox\Profiles\60e6ffje.default-1351422784515\extensions\ERAIL.IN.FFPLUGIN@jetpack.xpi FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: 
network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: browser.turbo.enabled - true FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.chrome.favicons - false FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: content.notify.ontimer - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.switch.threshold - 750000 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 . . ------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) Notify-avgrsstarter - (no file) SafeBoot-06193544.sys SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-NokiaSuite - (no file) AddRemove-KEmulator 0.9.8 - c:\program files\JavaEmulator.com\KEmulator\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-12-04 21:04 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . 
[HKEY_USERS\.Default\Software\SetID\Internal] @Denied: (A 2) (LocalSystem) "DATA2"="<settings InstallTS=\"1353604378\" accountStatus=\"0\" authStat_ts=\"0\" expireTime=\"1356196378\" isSubsc=\"0\" keyType=\"195\" lastAuth=\"0\" moduleId1=\"1111\" moduleId2=\"0\" obSize=\"0\" oldDevice=\"E52HEDV\" partnerId=\"0\" prodId=\"1\" productStatus=\"16\" relType=\"0\" timeDiff=\"0\" version=\"\" />\0a" "DEVICE2"="usrNt7q7qQA=" . [HKEY_USERS\S-1-5-21-606747145-179605362-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5D810DC0-FC64-991B-84C7-6D26B4F3CD5B}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) "jaagcflbfemcadcbcijm"=hex:62,61,6e,6a,00,00 "jaagcflbfemcadcbcifm"=hex:62,61,6d,6a,00,00 "iaadohmgpohlkogfjo"=hex:6b,61,70,6a,70,6b,6b,6a,61,66,64,70,62,6a,70,6c,6d,67, 68,67,6f,68,00,00 . [HKEY_USERS\S-1-5-21-606747145-179605362-839522115-1003\Software\SecuROM\License information*] "datasecu"=hex:25,2f,2a,24,6c,08,c7,3f,e6,e6,ab,8d,e1,b5,7b,44,f1,c9,93,48,cd, 56,cd,2c,99,b9,c1,eb,c9,72,05,13,46,bd,9a,06,52,90,e6,fe,04,63,aa,cd,15,47,\ "rkeysecu"=hex:ac,d7,b1,40,b0,b9,7d,c2,b3,55,fe,86,d9,cc,1e,d8 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):a2,2e,d9,0b,43,63,98,de,24,af,d5,11,68,bc,41,74,08,2b,29,3b,76, 3f,39,85,ec,0e,64,a2,49,fd,40,05,dd,5a,6b,2d,a5,ef,04,c5,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{dcd23018-9b54-4887-99e9-e3047ed08172}] @Denied: (Full) (Everyone) "Model"=dword:00000108 "Therad"=dword:00000019 "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26, 38,95,44,88,79,0d,22,8e,33,17,75,e6,82,db,74,d6,1f,ea,8f,64,51,35,36,23,e5,\ . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(600) c:\windows\system32\Ati2evxx.dll . 
- - - - - - - > 'explorer.exe'(1628) c:\windows\system32\WININET.dll c:\program files\Internet Download Manager\IDMShellExt.dll c:\program files\Internet Download Manager\IDMNetMon.DLL c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Ahead\InCD\InCDsrv.exe c:\windows\system32\Ati2evxx.exe c:\windows\system32\PSIService.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2012-12-04 21:08:29 - machine was rebooted ComboFix-quarantined-files.txt 2012-12-04 15:38 . Pre-Run: 22,917,730,304 bytes free Post-Run: 22,890,508,288 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer . - - End Of File - - F3C18C07CA3C719FA1B4637D8E36DBF2
  21. I again tried to run Dr. Web CureIt and after 3 & 1/2 hrs it again showed the same error (http://www.mediafire.com/view/?13ho7i3cd6ti6ci#). Now please tell me what I should do? Thanks for your help.
  22. While running Dr. Web CureIt it found a keylogger and a trojan (INCURABLE, MOVED), but during scanning it showed an error. This has happened two times. Should I try to run it again? 68375-xp.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
  23. Hey, just a few minutes ago I tried to remove KIS 2012 with the kavremover tool (after a Kaspersky forum moderator asked me to post the kavremover log). It showed KIS 2012 to remove and I clicked on the remove button, and it took some time (in all previous cases, just after clicking remove, kavremover shows "removal done you need to reboot") and displayed "removal done you need to reboot". I rebooted, and when I ran that tool again it showed "remove all known products", which I selected and did a reboot. Now my question is: should I try to install KIS 2013 now, or continue with the current malware removal process and install KIS later?