kitjai888

Honorary Members • Posts: 31 • Reputation: 0 Neutral
  1. Thank you very very much!!! You are my hero to solve all my problems!! I love your great support and thank you again. Have a nice day!!
  2. C:\backup\Downloads\registrybooster.exe - a variant of Win32/RegistryBooster application - deleted - quarantined
     I scanned for 1 hour 28 minutes because I needed to close my computer. Thank you.
  3. I downloaded MBAM free version 1.50, updated it and did a quick scan, and it found no threats.

     Malwarebytes' Anti-Malware 1.50
     www.malwarebytes.org
     Database version: 5254
     Windows 6.1.7600
     Internet Explorer 9.0.7930.16406
     6/12/2010 8:37:46 PM
     mbam-log-2010-12-06 (20-37-46).txt
     Scan type: Quick scan
     Objects scanned: 145953
     Time elapsed: 9 minute(s), 28 second(s)
     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 0
     Memory Processes Infected: (No malicious items detected)
     Memory Modules Infected: (No malicious items detected)
     Registry Keys Infected: (No malicious items detected)
     Registry Values Infected: (No malicious items detected)
     Registry Data Items Infected: (No malicious items detected)
     Folders Infected: (No malicious items detected)
     Files Infected: (No malicious items detected)

     But when I do a full system scan, a pop-up says Run-time error 6, 'overflow'. Besides that, after completing the steps to install OTM and following your instructions, my computer restarted and 2 programs appeared on my desktop, which are desktop.ini, and inside them are:

     [.ShellClassInfo]
     LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
     IconResource=%SystemRoot%\system32\imageres.dll,-183

     and

     [.ShellClassInfo]
     LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799
     [LocalizedFileNames]
     Norton Internet Security.lnk=@C:\PROGRA~1\NORTON~2\Branding\muis.dll,-102
     HP Support Assistant.lnk=@C:\Workspaces\HPAssistant\Dev\HPSFSetup\SupportExes\HelpDTICO.dll,-101
     Norton AntiVirus.lnk=@C:\PROGRA~1\NORTON~2\Branding\muis.dll,-101

     Hope you can solve my problems. Thank you.
  4. ComboFix 10-11-23.02 - User 1/2010 Mon 15:51:43.3.2 - x86 Microsoft Windows 7 Home Premium 6.1.7600.0.936.86.1033.18.2045.1143 [GMT 8:00]
  5. Hope you can fix this problem. Thank you in my sincere gratitude.
  6. ComboFix 10-11-23.02 - User 1/2010 Wed 15:32:55.2.2 - x86 Microsoft Windows 7 Home Premium 6.1.7600.0.936.86.1033.18.2045.1053 [GMT 8:00]
2009-09-04 09:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2010-10-28 07:12 . 2010-10-28 07:12 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\73ce8c8d1cb766f08\MeshBetaRemover.exe 2010-10-28 07:12 . 2010-10-28 07:12 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\71e1cfb41cb766f07\InstallManager_WLE_WLE.exe 2010-10-28 07:12 . 2010-10-28 07:12 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d6417101cb766f06\DSETUP.dll 2010-10-28 07:12 . 2010-10-28 07:12 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d6417101cb766f06\DXSETUP.exe 2010-10-28 07:12 . 2010-10-28 07:12 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\6d6417101cb766f06\dsetup32.dll 2010-10-28 07:12 . 2010-10-28 07:12 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\6b6b73561cb766f05\DSETUP.dll 2010-10-28 07:12 . 2010-10-28 07:12 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\6b6b73561cb766f05\DXSETUP.exe 2010-10-28 07:12 . 2010-10-28 07:12 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\6b6b73561cb766f05\dsetup32.dll 2010-10-28 07:11 . 2010-11-14 14:46 -------- d-----w- c:\users\User\AppData\Local\Windows Live 2010-10-27 18:36 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll 2010-10-27 18:36 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll 2010-10-27 18:36 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL 2010-10-27 16:23 . 2010-10-27 16:23 -------- d-----w- C:\VritualRoot 2010-10-27 16:22 . 2010-11-02 17:13 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat 2010-10-27 16:18 . 2010-11-01 18:26 -------- d-----w- c:\program files\COMODO 2010-10-27 15:26 . 2010-08-04 06:18 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-10-27 15:26 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll 2010-10-27 15:26 . 2010-08-04 06:15 204288 ----a-w- c:\windows\system32\MSNP.ax 2010-10-27 15:26 . 
2010-08-04 06:15 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2010-10-27 15:21 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys . (((((((((((((((((((((((((((((((((((((((( ??????????? )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-24 01:53 . 2010-10-12 07:54 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys 2010-11-04 17:50 . 2010-09-18 17:07 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-11-03 16:59 . 2010-10-13 08:11 12872 ----a-w- c:\windows\system32\bootdelete.exe 2010-10-19 03:41 . 2010-08-18 08:54 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-17 07:15 . 2010-10-17 07:15 3709952 ----a-w- c:\users\User\Camera Mouse 2011.msi 2010-10-13 09:44 . 2010-10-13 09:44 2135096 ----a-w- c:\windows\system32\GooglePinyin2.ime 2010-09-22 16:47 . 2010-09-22 16:47 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-09-22 16:32 . 2010-09-22 16:32 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-09-21 06:03 . 2010-09-21 06:03 208768 ----a-w- c:\windows\system32\LIVESSP.DLL 2010-09-13 08:27 . 2010-09-13 08:27 25680 ----a-w- c:\windows\system32\drivers\AVGIDSEH.sys 2010-09-10 15:41 . 2010-09-10 15:41 285480 ----a-w- c:\windows\system32\guard32.dll 2010-09-10 15:40 . 2010-09-10 15:40 78504 ----a-w- c:\windows\system32\drivers\inspect.sys 2010-09-10 15:40 . 2010-09-10 15:40 30112 ----a-w- c:\windows\system32\drivers\cmdhlp.sys 2010-09-10 15:40 . 2010-09-10 15:40 236088 ----a-w- c:\windows\system32\drivers\cmdGuard.sys 2010-09-10 15:40 . 2010-09-10 15:40 17256 ----a-w- c:\windows\system32\drivers\cmderd.sys 2010-09-06 19:49 . 2010-09-06 19:49 298448 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-09-06 19:48 . 2010-09-06 19:48 34384 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-09-06 19:48 . 2010-09-06 19:48 249424 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-09-06 19:48 . 2010-09-06 19:48 26064 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2010-09-01 04:23 . 
2010-10-13 09:03 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2010-09-01 02:34 . 2010-10-13 08:51 2327552 ----a-w- c:\windows\system32\win32k.sys 2010-08-31 04:32 . 2010-10-13 09:36 954752 ----a-w- c:\windows\system32\mfc40.dll 2010-08-31 04:32 . 2010-10-13 09:36 954288 ----a-w- c:\windows\system32\mfc40u.dll 2010-08-27 05:46 . 2010-10-13 08:57 168448 ----a-w- c:\windows\system32\srvsvc.dll 2010-08-27 03:31 . 2010-10-13 08:57 310784 ----a-w- c:\windows\system32\drivers\srv.sys 2010-08-27 03:30 . 2010-10-13 08:57 308736 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-08-27 03:30 . 2010-10-13 08:57 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-06-11 18:05 . 2010-11-09 15:42 253952 ----a-w- c:\program files\mozilla firefox\components\CheckTudouVa.dll . ((((((((((((((((((((((((((((((((((((( ????? )))))))))))))))))))))))))))))))))))))))))))))))))) . . *??* ??????????????? REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{43BEAFD9-E005-483D-A367-146BA6C8A32E}] 2010-04-19 22:08 312896 ----a-w- c:\program files\Tudou\??Tudou\tudouDetector.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-07-21 198864] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-28 2424560] "FlashGet 3"="c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe" [2010-05-11 2385456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056] "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-10 2500552] "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912] "Malwarebytes 
Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] "360Safetray"="c:\program files\360\360safe\safemon\360Tray.exe" [2010-08-30 1205816] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-22 458844] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system] "WallpaperStyle"= 2 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804] Ime File REG_SZ GOOGLEPINYIN2.IME [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" R0 joogy;joogy;c:\windows\System32\drivers\mrdmvp.sys [x] R0 ovkqjd;ovkqjd;c:\windows\System32\drivers\emyapht.sys [x] R2 0244581285087991mcinstcleanup;McAfee Application Installer Cleanup (0244581285087991);c:\users\User\AppData\Local\Temp\024458~1.EXE [x] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [x] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [x] R2 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-20 1343400] R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x] R3 BCASPROT;Advanced System Protector;c:\program files\Systweak\Advanced System Protector\sasprot32.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472] R3 gupdate;Google Update Service 
(gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-20 136176] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-06 26064] S0 HookPort;HookPort;c:\windows\System32\Drivers\Hookport.sys [2010-07-02 56960] S1 360netmon;360netmon;c:\windows\system32\drivers\360netmon.sys [2010-04-28 25856] S1 aswSP;aswSP; [x] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2010-09-06 249424] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2010-09-06 298448] S1 BAPIDRV;BAPIDRV;c:\windows\system32\drivers\BAPIDRV.SYS [2010-08-11 71168] S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-09-10 236088] S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-09-10 30112] S1 EfiMon;EfiSystemMon;c:\windows\system32\Drivers\Efimon.sys [2010-08-13 19712] S1 qutmdserv;Quantum DeepScanner Servers;c:\windows\system32\drivers\qutmdrv.sys [2010-08-17 102784] S1 qutmipc;qutmipc;c:\windows\system32\drivers\qutmipc.sys [2010-07-09 28032] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872] S1 SASKUTIL;SASKUTIL;c:\program 
files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-02 81920] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768] S2 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [2010-05-20 88176] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288] S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 21072] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-05-20 59904] S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-12-07 201168] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-06-26 66080] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-23 167936] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe .
  7. When I open gimer.exe, avast free antivirus found a threat which was Win32.trojan-gen and blocked it. Is it a false positive?
  8. DDS is DDS (Ver_10-11-10.01) - NTFSx86 Run by User at 0:51:06.78 on 24/11/2010 Wed Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 1.6.0_20 Microsoft Windows 7 Home Premium 6.1.7600.0.936.86.1033.18.2045.1039 [GMT 8:00]
c:\users\user\appdata\roaming\Systweak 2010-11-16 10:38:10 -------- d-----w- c:\progra~2\Systweak 2010-11-15 16:41:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-11-15 16:41:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-11-15 16:41:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-11-15 04:20:23 -------- d-----w- c:\progra~2\Spybot - Search & Destroy 2010-11-15 03:56:25 -------- d-----w- c:\program files\IObit 2010-11-10 12:15:33 -------- d-----w- c:\users\user\appdata\local\Opera 2010-11-09 15:42:40 253952 ----a-w- c:\program files\mozilla firefox\components\CheckTudouVa.dll 2010-11-07 16:45:42 804864 ----a-w- c:\windows\system32\FntCache.dll 2010-11-07 16:45:42 737280 ----a-w- c:\windows\system32\d2d1.dll 2010-11-07 16:45:42 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2010-11-07 16:45:42 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2010-11-07 16:45:42 1076224 ----a-w- c:\windows\system32\DWrite.dll 2010-11-07 16:44:54 279552 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2010-11-07 16:44:54 135168 ----a-w- c:\windows\system32\XpsRasterService.dll 2010-11-07 16:44:01 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2010-11-07 16:43:00 -------- d-----w- c:\program files\Feedback Tool 2010-11-04 16:50:28 -------- d-----w- c:\users\user\appdata\roaming\PPStream 2010-11-03 16:04:31 -------- d-----w- c:\program files\The KMPlayer 2010-11-02 17:23:06 -------- d-----w- c:\users\user\appdata\local\COMODO 2010-11-02 17:16:36 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2010-11-02 17:07:38 38848 ----a-w- c:\windows\avastSS.scr 2010-11-01 18:26:19 1700352 ----a-w- c:\windows\system32\gdiplus.dll 2010-10-29 13:47:57 6146896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{c56d802a-5364-47d9-a930-13202f9766ff}\mpengine.dll 2010-10-29 05:31:58 -------- d-----w- c:\users\user\appdata\local\ElevatedDiagnostics 2010-10-29 04:18:58 -------- d-----w- 
C:\576a3cf90ea0115081082c4ccdc821ea 2010-10-29 03:10:46 -------- d-----w- c:\windows\Internet Logs 2010-10-28 07:59:44 -------- d-----w- c:\users\user\appdata\roaming\Windows Live Writer 2010-10-28 07:59:44 -------- d-----w- c:\users\user\appdata\local\Windows Live Writer 2010-10-28 07:20:10 -------- d-----w- c:\windows\en 2010-10-28 07:19:23 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2010-10-28 07:13:04 -------- d-----w- c:\program files\MSN Toolbar 2010-10-28 07:12:38 -------- d-----w- c:\program files\Bing Bar Installer 2010-10-28 07:12:24 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2010-10-28 07:12:24 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2010-10-28 07:12:23 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2010-10-28 07:12:17 15712 ----a-w- c:\program files\common files\windows live\.cache\73ce8c8d1cb766f08\MeshBetaRemover.exe 2010-10-28 07:12:16 469256 ----a-w- c:\program files\common files\windows live\.cache\71e1cfb41cb766f07\InstallManager_WLE_WLE.exe 2010-10-28 07:12:07 94040 ----a-w- c:\program files\common files\windows live\.cache\6d6417101cb766f06\DSETUP.dll 2010-10-28 07:12:07 525656 ----a-w- c:\program files\common files\windows live\.cache\6d6417101cb766f06\DXSETUP.exe 2010-10-28 07:12:07 1691480 ----a-w- c:\program files\common files\windows live\.cache\6d6417101cb766f06\dsetup32.dll 2010-10-28 07:12:04 94040 ----a-w- c:\program files\common files\windows live\.cache\6b6b73561cb766f05\DSETUP.dll 2010-10-28 07:12:04 525656 ----a-w- c:\program files\common files\windows live\.cache\6b6b73561cb766f05\DXSETUP.exe 2010-10-28 07:12:04 1691480 ----a-w- c:\program files\common files\windows live\.cache\6b6b73561cb766f05\dsetup32.dll 2010-10-28 07:11:30 -------- d-----w- c:\users\user\appdata\local\Windows Live 2010-10-27 18:36:50 3181568 ----a-w- c:\windows\system32\mf.dll 2010-10-27 18:36:50 196608 ----a-w- c:\windows\system32\mfreadwrite.dll 2010-10-27 18:36:49 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL 2010-10-27 
16:23:24 -------- d--h--w- C:\VritualRoot 2010-10-27 16:22:45 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat 2010-10-27 16:18:19 -------- d-----w- c:\program files\COMODO 2010-10-27 15:26:04 641536 ----a-w- c:\windows\system32\CPFilters.dll 2010-10-27 15:26:04 417792 ----a-w- c:\windows\system32\msdri.dll 2010-10-27 15:26:03 204288 ----a-w- c:\windows\system32\MSNP.ax 2010-10-27 15:26:03 199680 ----a-w- c:\windows\system32\mpg2splt.ax 2010-10-27 15:21:09 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys ==================== Find3M ==================== 2010-11-03 16:59:27 12872 ----a-w- c:\windows\system32\bootdelete.exe 2010-10-19 03:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-10-17 07:15:34 3709952 ----a-w- c:\users\user\Camera Mouse 2011.msi 2010-10-13 09:44:36 2135096 ----a-w- c:\windows\system32\GooglePinyin2.ime 2010-09-22 16:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll 2010-09-22 16:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR 2010-09-21 06:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL 2010-09-10 15:41:40 285480 ----a-w- c:\windows\system32\guard32.dll 2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys 2010-08-31 16:46:36 1355264 ----a-w- c:\windows\system32\jscript9.dll 2010-08-31 16:44:32 367104 ----a-w- c:\windows\system32\html.iec 2010-08-31 16:44:30 1448448 ----a-w- c:\windows\system32\inetcpl.cpl 2010-08-31 16:44:24 1122304 ----a-w- c:\windows\system32\wininet.dll 2010-08-31 16:44:06 424960 ----a-w- c:\windows\system32\vbscript.dll 2010-08-31 16:43:22 23552 ----a-w- c:\windows\system32\licmgr10.dll 2010-08-31 16:43:12 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2010-08-31 16:43:12 114176 ----a-w- c:\windows\system32\iesysprep.dll 2010-08-31 16:43:10 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2010-08-31 16:43:10 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2010-08-31 16:42:58 51200 ----a-w- 
c:\windows\system32\admparse.dll 2010-08-31 16:42:54 75264 ----a-w- c:\windows\system32\iesetup.dll 2010-08-31 16:42:48 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2010-08-31 16:42:42 150016 ----a-w- c:\windows\system32\iexpress.exe 2010-08-31 16:42:42 149504 ----a-w- c:\windows\system32\wextract.exe 2010-08-31 16:42:20 33280 ----a-w- c:\windows\system32\imgutil.dll 2010-08-31 16:42:16 48640 ----a-w- c:\windows\system32\mshtmler.dll 2010-08-31 16:42:12 11264 ----a-w- c:\windows\system32\mshta.exe 2010-08-31 16:42:10 2381824 ----a-w- c:\windows\system32\mshtml.tlb 2010-08-31 16:42:04 63488 ----a-w- c:\windows\system32\tdc.ocx 2010-08-31 16:41:46 160768 ----a-w- c:\windows\system32\msls31.dll 2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll 2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll 2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll 2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll ============= FINISH: 0:52:35.11 ===============
  9. Which is the best free antivirus with MBAM? Hope all of you can give your opinions. Thanks a lot.
  10. Which is the best free antivirus with MBAM? Hope all of you can give your opinions. Thanks a lot.
  11. When I scan my computer with the Malwarebytes free version, I found that it was not responding, and it said an error occurred, which was MBAM_ERROR_ADD_TO_RESULTS(0,6). I hope you can fix my problem quickly. Thanks. Hope experienced experts can fix this tough problem. This link, http://forums.malwarebytes.org/index.php?s...mp;#entry346588, is my previous post, but so far no one can fix it. Hope this problem can be solved by an experienced expert. Thank you...
  12. When I scan my computer with the Malwarebytes free version, I found that it was not responding, and it said an error occurred, which was MBAM_ERROR_ADD_TO_RESULTS(0,6). I hope you can fix my problem quickly. Thanks. Hope experienced experts can fix this tough problem. This link, http://forums.malwarebytes.org/index.php?s...mp;#entry346588, is my previous post, but so far no one can fix it. Hope this problem can be solved by an experienced expert. Thank you...
  13. When I scan my computer with the Malwarebytes free version, I found that it was not responding, and it said an error occurred, which was MBAM_ERROR_ADD_TO_RESULTS(0,6). I hope you can fix my problem quickly. Thanks. Hope experienced experts can fix this tough problem.