Jump to content

dusktilldawnll

Members
  • Posts

    33
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thanks a lot for your help. I appreciate it!!

  2. no symptoms.. I just saw the setup.exe pop up on bottom of screen.... Computer is still running fine. Here is security check info: Results of screen317's Security Check version 0.99.72 Windows XP Service Pack 3 x86 Internet Explorer 7 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` SUPERAntiSpyware Malwarebytes Anti-Malware version 1.75.0.1300 CCleaner Java 6 Update 20 Java 7 Update 25 Adobe Flash Player 11.6.602.171 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (3.6.28) Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 16% Defragment your hard drive soon! (Do NOT defrag if SSD!)````````````````````End of Log``````````````````````
  3. Unfortunately, I dont think I got rid of it. When I got home a short time ago, I was on the internet and a "setup.exe" popped up in my download folder....Knowing it was nothing I did, I ran malware and this showed up.... Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.08.15.04 Windows XP Service Pack 3 x86 NTFSInternet Explorer 7.0.5730.13Heywang :: HAYWANG_LAPTOP [administrator] 8/15/2013 1:34:43 PMMBAM-log-2013-08-15 (15-43-46).txt Scan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 330096Time elapsed: 1 hour(s), 6 minute(s), 30 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 1D:\My Documents\Downloads\Setup.exe (PUP.Optional.Solimba) -> No action taken. (end)
  4. # AdwCleaner v2.306 - Logfile created 08/15/2013 at 10:57:49 # Updated 19/07/2013 by Xplode# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)# User : Heywang - HAYWANG_LAPTOP# Boot Mode : Normal# Running from : D:\My Documents\Downloads\adwcleaner (1).exe# Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdDeleted on reboot : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaDeleted on reboot : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaFile Deleted : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\bProtector_extensions.rdfFile Deleted : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\searchplugins\Babylon.xmlFile Deleted : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\searchplugins\BrowserDefender.xmlFile Deleted : C:\Program Files\Mozilla Firefox\.autoregFile Deleted : C:\user.jsFolder Deleted : C:\DOCUME~1\Heywang\LOCALS~1\Temp\CT3220468Folder Deleted : C:\Documents and Settings\All Users\Application Data\BabylonFolder Deleted : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}Folder Deleted : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\extensions\ffxtlbr@babylon.comFolder Deleted : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\extensions\ffxtlbr@delta.comFolder Deleted : C:\Documents and Settings\Heywang\Local Settings\Application Data\ConduitFolder Deleted : C:\Program Files\ConduitFolder Deleted : C:\Program Files\delta ***** [Registry] ***** Key Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\BabSolutionKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\CrossriderKey Deleted : HKCU\Software\DataMngrKey Deleted : HKCU\Software\DataMngr_ToolbarKey Deleted : HKCU\Software\DeltaKey Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaKey Deleted : HKCU\Software\IMKey Deleted : HKCU\Software\ImInstallerKey Deleted : HKCU\Software\InstallCoreKey Deleted : HKCU\Software\InstalledBrowserExtensionsKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKCU\Software\SmartBarKey Deleted : HKCU\Software\Web AssistantKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKLM\Software\BabylonKey Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXEKey Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlprKey Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0033254.BHOKey Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0033254.SandboxKey Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0033254.Sandbox.1Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}Key Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}Key Deleted : HKLM\Software\ConduitKey Deleted : HKLM\SOFTWARE\d2dc8fe06fb942Key Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\Software\DeltaKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmddaKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeKey Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DeltaKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome ToolbarKey Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966Key Deleted : HKLM\Software\Tarma InstallerKey Deleted : HKLM\Software\Web AssistantValue Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] ***** [internet Browsers] ***** -\\ Internet Explorer v7.0.6000.17055 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.28 (en-US) File : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\prefs.js C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\user.js ... Deleted ! Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");Deleted : user_pref("extensions.BabylonToolbar.admin", false);Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");Deleted : user_pref("extensions.BabylonToolbar.babExt", "");Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=109935");Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 30);Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);Deleted : user_pref("extensions.BabylonToolbar.id", "f42fdce3000000000000001fe1d0618f");Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15463");Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");Deleted : user_pref("extensions.BabylonToolbar.lastDP", 30);Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1714:38:47");Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");Deleted : user_pref("extensions.BabylonToolbar.newTab", true);Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 85009168);Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1714:38:47");Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935");Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "f42fdce3000000000000001fe1d0618f");Deleted : user_pref("extensions.BabylonToolbar_i.id", "f42fdce3000000000000001fe1d0618f");Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15463");Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:38:47");Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]Deleted : user_pref("CT3220468.autoDisableScopes", 0);Deleted : user_pref("CT3220468.InstallDate", "30/1/2013 13:48:13"); File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zpzlwpd7.default\prefs.js [OK] File is clean. -\\ Google Chrome v28.0.1500.95 File : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Deleted [l.46] : keyword = "babylon.com", ************************* AdwCleaner[R1].txt - [11659 octets] - [15/08/2013 10:41:41]AdwCleaner[R2].txt - [11720 octets] - [15/08/2013 10:42:35]AdwCleaner[R3].txt - [11781 octets] - [15/08/2013 10:57:14]AdwCleaner[s1].txt - [11898 octets] - [15/08/2013 10:57:49] ########## EOF - C:\AdwCleaner[s1].txt - [11959 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 5.4.6 (08.15.2013:1)OS: Microsoft Windows XP x86Ran by Heywang on Thu 08/15/2013 at 11:03:24.81~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayNameSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322322254}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366326654}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366326654} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Documents and Settings\Heywang\Local Settings\Application Data\cre" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Thu 08/15/2013 at 11:06:14.75End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.08.15.04 Windows XP Service Pack 3 x86 NTFSInternet Explorer 7.0.5730.13Heywang :: HAYWANG_LAPTOP [administrator] 8/15/2013 11:12:04 AMmbam-log-2013-08-15 (11-12-04).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 244398Time elapsed: 9 minute(s), 52 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end) So far, computer runs great.... Thanks a lot for your help.
  5. Roguekiller Report..... RogueKiller V8.6.5 [Aug 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Heywang [Admin rights] Mode : Scan -- Date : 08/15/2013 09:51:03 | ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] SmileboxTray.exe -- C:\Documents and Settings\Heywang\Application Data\Smilebox\SmileboxTray.exe [7] -> KILLED [TermProc] ¤¤¤ Registry Entries : 11 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : Google Update ("C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND [RUN][sUSP PATH] HKCU\[...]\Run : SmileboxTray ("C:\Documents and Settings\Heywang\Application Data\Smilebox\SmileboxTray.exe" [7]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-1482476501-1284227242-839522115-1004\[...]\Run : Google Update ("C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-1482476501-1284227242-839522115-1004\[...]\Run : SmileboxTray ("C:\Documents and Settings\Heywang\Application Data\Smilebox\SmileboxTray.exe" [7]) -> FOUND [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (:0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 4 ¤¤¤ [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-1482476501-1284227242-839522115-1004UA.job : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-1482476501-1284227242-839522115-1004Core.job : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND ¤¤¤ Startup Entries : 2 ¤¤¤ [Heywang][sUSP PATH] Shortcut to iTunesToAndroid.exe.lnk : C:\Documents and Settings\Heywang\Start Menu\Programs\Startup\Shortcut to iTunesToAndroid.exe.lnk @C:\Documents and Settings\Heywang\Application Data\Microsoft\Installer\{0B375BBC-9519-4E39-AF06-26F9B4BD1653}\_AF5A0734A3D9313FE34082.exe [-][-] -> FOUND [Heywang][sUSP PATH] Sprint media monitor.lnk : C:\Documents and Settings\Heywang\Start Menu\Programs\Startup\Sprint media monitor.lnk @C:\WINDOWS\RM.exe -m [-][7] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: FUJITSU MHZ2160BH G2 +++++ --- User --- [MBR] f4fff58a289d8b3072ff95ce77e3e57d [bSP] 2459850cadfc3fbc117a6ce3be8bcf75 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 61545 Mo 1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 126045990 | Size: 91079 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_08152013_095103.txt >> adwcleaner report....... # AdwCleaner v2.306 - Logfile created 08/15/2013 at 10:42:35 # Updated 19/07/2013 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Heywang - HAYWANG_LAPTOP # Boot Mode : Normal # Running from : D:\My Documents\Downloads\adwcleaner (1).exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** File Found : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\bProtector_extensions.rdf File Found : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\searchplugins\Babylon.xml File Found : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\searchplugins\BrowserDefender.xml File Found : C:\Program Files\Mozilla Firefox\.autoreg File Found : C:\user.js Folder Found : C:\DOCUME~1\Heywang\LOCALS~1\Temp\CT3220468 Folder Found : C:\Documents and Settings\All Users\Application Data\Babylon Folder Found : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} Folder Found : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\extensions\ffxtlbr@babylon.com Folder Found : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\extensions\ffxtlbr@delta.com Folder Found : C:\Documents and Settings\Heywang\Local Settings\Application Data\Conduit Folder Found : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Folder Found : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Folder Found : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Folder Found : C:\Program Files\Conduit Folder Found : C:\Program Files\delta ***** [Registry] ***** Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\BabSolution Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Crossrider Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\DataMngr_Toolbar Key Found : HKCU\Software\Delta Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Key Found : HKCU\Software\IM Key Found : HKCU\Software\ImInstaller Key Found : HKCU\Software\InstallCore Key Found : HKCU\Software\InstalledBrowserExtensions Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087} Key Found : HKCU\Software\SmartBar Key Found : HKCU\Software\Web Assistant Key Found : HKCU\Software\YahooPartnerToolbar Key Found : HKLM\Software\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0033254.BHO Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0033254.Sandbox Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0033254.Sandbox.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Found : HKLM\SOFTWARE\Classes\Prod.cap Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Key Found : HKLM\Software\Conduit Key Found : HKLM\SOFTWARE\d2dc8fe06fb942 Key Found : HKLM\Software\DataMngr Key Found : HKLM\Software\Delta Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Found : HKLM\Software\Tarma Installer Key Found : HKLM\Software\Web Assistant Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] ***** [internet Browsers] ***** -\\ Internet Explorer v7.0.6000.17055 [OK] Registry is clean. -\\ Mozilla Firefox v3.6.28 (en-US) File : C:\Documents and Settings\Heywang\Application Data\Mozilla\Firefox\Profiles\0hytz6j9.default\prefs.js Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Found : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Found : user_pref("browser.search.order.1", "Search the web (Babylon)"); Found : user_pref("extensions.BabylonToolbar.admin", false); Found : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar.babExt", ""); Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=109935"); Found : user_pref("extensions.BabylonToolbar.bbDpng", 30); Found : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Found : user_pref("extensions.BabylonToolbar.dfltSrch", true); Found : user_pref("extensions.BabylonToolbar.hmpg", true); Found : user_pref("extensions.BabylonToolbar.id", "f42fdce3000000000000001fe1d0618f"); Found : user_pref("extensions.BabylonToolbar.instlDay", "15463"); Found : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar.lastDP", 30); Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1714:38:47"); Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6"); Found : user_pref("extensions.BabylonToolbar.newTab", true); Found : user_pref("extensions.BabylonToolbar.noFFXTlbr", false); Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar.propectorlck", 85009168); Found : user_pref("extensions.BabylonToolbar.prtkDS", 1); Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 1); Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar.ptch_0717", true); Found : user_pref("extensions.BabylonToolbar.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); Found : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1714:38:47"); Found : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar_i.babExt", ""); Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935"); Found : user_pref("extensions.BabylonToolbar_i.hardId", "f42fdce3000000000000001fe1d0618f"); Found : user_pref("extensions.BabylonToolbar_i.id", "f42fdce3000000000000001fe1d0618f"); Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15463"); Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar_i.newTab", false); Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:38:47"); Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...] Found : user_pref("CT3220468.autoDisableScopes", 0); Found : user_pref("CT3220468.InstallDate", "30/1/2013 13:48:13"); File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zpzlwpd7.default\prefs.js [OK] File is clean. -\\ Google Chrome v28.0.1500.95 File : C:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Found [l.46] : keyword = "babylon.com", ************************* AdwCleaner[R1].txt - [11659 octets] - [15/08/2013 10:41:41] AdwCleaner[R2].txt - [11589 octets] - [15/08/2013 10:42:35] ########## EOF - C:\AdwCleaner[R2].txt - [11650 octets] ##########
  6. Good morning. See attached: DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 7.0.6000.17055 BrowserJavaVersion: 10.25.2Run by Heywang at 9:26:10 on 2013-08-15Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.1891 [GMT -4:00]..============== Running Processes ================.C:\WINDOWS\System32\WLTRYSVC.EXEC:\WINDOWS\System32\bcmwltry.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Fitbit Connect\FitbitConnectService.exeC:\Program Files\Java\jre7\bin\jqs.exeC:\WINDOWS\system32\DRIVERS\o2flash.exec:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\WINDOWS\system32\SearchIndexer.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\system32\wscntfy.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Synaptics\SynTP\SynToshiba.exeC:\WINDOWS\system32\WLTRAY.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\WINDOWS\system32\igfxsrvc.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Fitbit Connect\Fitbit Connect.exeC:\WINDOWS\system32\ctfmon.exeC:\Documents and Settings\Heywang\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exeC:\Documents and Settings\Heywang\Application Data\Smilebox\SmileboxTray.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exeC:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exeC:\Documents and Settings\Heywang\Application Data\Dropbox\bin\Dropbox.exeC:\WINDOWS\system32\RunDll32.exeC:\Program Files\iTunesToAndroid\iTunesToAndroid\iTunesToAndroid.exeC:\Program Files\Sprint Instinct Applications\MEMonitor.exeC:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exeC:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exeC:\Program Files\Microsoft Office\Office12\OUTLOOK.EXEC:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Heywang\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\WINDOWS\system32\SearchProtocolHost.exeC:\WINDOWS\system32\SearchFilterHost.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\System32\svchost.exe -k HPZ12C:\WINDOWS\system32\svchost.exe -k imgsvc.============== Pseudo HJT Report ===============.uProxyServer = :0BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.0.318\McAfeeMSS_IE.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\web assistant\Extension32.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dlluRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [Octoshape Streaming Services] "c:\documents and settings\heywang\application data\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrunuRun: [Google Update] "c:\documents and settings\heywang\local settings\application data\google\update\GoogleUpdate.exe" /cuRun: [Download] "c:\documents and settings\heywang\local settings\application data\supportsoft\ddoctorv2\heywang\ssGet.exe" 120 "http://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe" "EasySolveInstaller.exe"uRun: [smileboxTray] "c:\documents and settings\heywang\application data\smilebox\SmileboxTray.exe"uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exeuRun: [HP Officejet 6600 (NET)] "c:\program files\hp\hp officejet 6600\bin\ScanToPCActivationApp.exe" -deviceID "CN35E6RHRG05RN:NW" -scfn "HP Officejet 6600 (NET)" -AutoStart 1uRun: [Fitbit Connect] "c:\program files\fitbit connect\Fitbit Connect.exe" /autorunmRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [RTHDCPL] RTHDCPL.EXEmRun: [Alcmtr] ALCMTR.EXEmRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exemRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startupmRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [Fitbit Connect] "c:\program files\fitbit connect\Fitbit Connect.exe" /autorunStartupFolder: c:\docume~1\heywang\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\heywang\application data\dropbox\bin\Dropbox.exeStartupFolder: c:\docume~1\heywang\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exeStartupFolder: c:\docume~1\heywang\startm~1\programs\startup\shortc~1.lnk - c:\documents and settings\heywang\application data\microsoft\installer\{0b375bbc-9519-4e39-af06-26f9b4bd1653}\_AF5A0734A3D9313FE34082.exeStartupFolder: c:\docume~1\heywang\startm~1\programs\startup\sprint~1.lnk - c:\windows\RM.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.318\SSScheduler.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print 2.0\smartprintsetup.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeTCP: NameServer = 208.67.222.222 208.67.220.220 75.75.75.75TCP: Interfaces\{31ACF6F0-7766-489F-BB50-00A88C6FE895} : DHCPNameServer = 208.67.222.222 208.67.220.220 75.75.75.75Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dllHandler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Notify: igfxcui - igfxdev.dllNotify: LMIinit - LMIinit.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dllSEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\heywang\application data\mozilla\firefox\profiles\0hytz6j9.default\FF - prefs.js: browser.search.selectedEngine - FF - plugin: c:\documents and settings\heywang\application data\mozilla\plugins\npoctoshape.dllFF - plugin: c:\documents and settings\heywang\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\documents and settings\heywang\local settings\application data\unity\webplayer\loader\npUnity3D32.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\picasa3\npPicasa3.dllFF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dllFF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\NPcol400.dllFF - plugin: c:\program files\mozilla firefox\plugins\NPcol500.dllFF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dllFF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dllFF - plugin: c:\program files\msn toolbar\platform\5.0.1449.0\npwinext.dllFF - plugin: c:\program files\virtools\3d life player\npvirtools.dll.---- FIREFOX POLICIES ----FF - user.js: extensions.BabylonToolbar_i.id - f42fdce3000000000000001fe1d0618fFF - user.js: extensions.BabylonToolbar_i.hardId - f42fdce3000000000000001fe1d0618fFF - user.js: extensions.BabylonToolbar_i.instlDay - 15463FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:38:47FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylonFF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbarFF - user.js: extensions.BabylonToolbar_i.aflt - babsstFF - user.js: extensions.BabylonToolbar_i.smplGrp - noneFF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9FF - user.js: extensions.BabylonToolbar_i.newTab - falseFF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109935FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ssFF - user.js: extensions.BabylonToolbar_i.instlRef - sstFF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - f42fdce3000000000000001fe1d061abFF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}FF - user.js: extensions.delta.instlDay - 15919FF - user.js: extensions.delta.vrsn - 1.8.22.0FF - user.js: extensions.delta.vrsni - 1.8.22.0FF - user.js: extensions.delta.vrsnTs - 1.8.22.023:38:33FF - user.js: extensions.delta.prtnrId - deltaFF - user.js: extensions.delta.prdct - deltaFF - user.js: extensions.delta.aflt - babsstFF - user.js: extensions.delta.smplGrp - noneFF - user.js: extensions.delta.tlbrId - baseFF - user.js: extensions.delta.instlRef - sstFF - user.js: extensions.delta.dfltLng - enFF - user.js: extensions.delta.excTlbr - falseFF - user.js: extensions.delta.ffxUnstlRst - trueFF - user.js: extensions.delta.admin - falseFF - user.js: extensions.delta_i.babTrack - affID=119360&tsp=4962FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ssFF - user.js: extensions.delta.autoRvrt - falseFF - user.js: extensions.delta.rvrt - falseFF - user.js: extensions.delta.newTab - false.============= SERVICES / DRIVERS ===============.R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2010-6-29 155136]R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2010-6-29 5248]R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]R2 Fitbit Connect;Fitbit Connect Service;c:\program files\fitbit connect\FitbitConnectService.exe [2013-2-25 1239584]R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-1-27 12856]R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-6-29 47640]R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2010-6-29 51288]R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2010-6-29 43608]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 ltixo;Manager Monitor;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]S3 DraftSight API Service;DraftSight API Service;c:\program files\dassault systemes\draftsight\bin\dsHttpApiService.exe [2012-1-24 78336]S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2010-12-30 24576]S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.318\McCHSvc.exe [2013-2-5 235216]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]S4 LMIRfsClientNP;LMIRfsClientNP; [x].=============== Created Last 30 ================.2013-08-06 21:56:19 -------- d-----w- c:\documents and settings\heywang\local settings\application data\Identities2013-08-06 21:56:15 -------- d-----w- c:\documents and settings\heywang\application data\Windows Desktop Search2013-08-02 03:38:33 -------- d-----w- c:\program files\common files\Symantec Shared2013-08-02 03:38:28 -------- d-----w- c:\program files\Delta2013-08-02 03:38:17 -------- d-----w- c:\windows\system32\drivers\nss\0400010.0102013-08-02 03:38:17 -------- d-----w- c:\windows\system32\drivers\NSS2013-08-02 03:38:17 -------- d-----w- c:\program files\Norton Security Scan2013-08-02 03:38:16 -------- d-----w- c:\documents and settings\all users\application data\Norton2013-08-02 03:38:05 -------- d-----w- c:\program files\NortonInstaller2013-08-02 03:38:04 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller2013-08-02 03:37:59 -------- d-----w- c:\program files\Safe Saver2013-08-02 03:37:51 -------- d-----w- c:\documents and settings\all users\application data\FitbitConnect2013-08-02 03:37:50 -------- d-----w- c:\program files\Fitbit Connect2013-08-01 23:42:40 580712 ------w- c:\windows\system32\HPDiscoPM5D12.dll2013-08-01 23:42:38 496016 ----a-w- c:\windows\system32\HPWia1_OJ6600.dll2013-08-01 23:42:38 1979280 ----a-w- c:\windows\system32\HPScanTRDrv_OJ6600.dll2013-08-01 23:42:34 529296 ----a-w- c:\windows\system32\hpinksts5D12.dll2013-08-01 23:42:34 269200 ----a-w- c:\windows\system32\hpinksts5D12LM.dll2013-08-01 23:42:34 2216848 ----a-w- c:\windows\system32\hpinkins5D12.exe2013-08-01 23:42:34 221072 ----a-w- c:\windows\system32\hpinkcoi5D12.dll.==================== Find3M ====================.2013-06-23 17:28:23 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-06-23 17:28:21 867240 ----a-w- c:\windows\system32\npDeployJava1.dll2013-06-23 17:28:21 789416 ----a-w- c:\windows\system32\deployJava1.dll2013-06-23 17:28:21 144896 ----a-w- c:\windows\system32\javacpl.cpl.============= FINISH: 9:26:43.46 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 5/7/2005 11:24:05 AMSystem Uptime: 8/14/2013 10:13:09 AM (23 hours ago).Motherboard: Dell Inc. | | 0M277CProcessor: Intel® Core2 Duo CPU T5870 @ 2.00GHz | U2E1 | 1576/800mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 60 GiB total, 20.109 GiB free.D: is FIXED (NTFS) - 89 GiB total, 40.545 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP1013: 5/17/2013 8:43:41 PM - System CheckpointRP1014: 5/18/2013 9:35:29 PM - System CheckpointRP1015: 5/19/2013 10:54:59 PM - System CheckpointRP1016: 5/20/2013 11:34:23 PM - System CheckpointRP1017: 5/21/2013 11:34:35 PM - System CheckpointRP1018: 5/23/2013 12:00:04 AM - System CheckpointRP1019: 5/24/2013 12:16:28 AM - System CheckpointRP1020: 5/25/2013 1:00:04 AM - System CheckpointRP1021: 5/26/2013 2:00:04 AM - System CheckpointRP1022: 5/27/2013 3:00:04 AM - System CheckpointRP1023: 5/28/2013 4:00:04 AM - System CheckpointRP1024: 5/29/2013 5:00:04 AM - System CheckpointRP1025: 5/30/2013 5:57:17 AM - System CheckpointRP1026: 5/31/2013 6:57:17 AM - System CheckpointRP1027: 6/1/2013 7:57:17 AM - System CheckpointRP1028: 6/2/2013 8:57:17 AM - System CheckpointRP1029: 6/3/2013 9:08:18 AM - System CheckpointRP1030: 6/4/2013 9:57:17 AM - System CheckpointRP1031: 6/5/2013 9:57:32 AM - System CheckpointRP1032: 6/6/2013 10:40:08 AM - System CheckpointRP1033: 6/7/2013 12:29:22 PM - System CheckpointRP1034: 6/8/2013 12:41:12 PM - System CheckpointRP1035: 6/10/2013 12:14:51 AM - System CheckpointRP1036: 6/11/2013 12:48:53 AM - System CheckpointRP1037: 6/12/2013 1:21:29 AM - System CheckpointRP1038: 6/13/2013 1:21:40 AM - System CheckpointRP1039: 6/14/2013 2:21:40 AM - System CheckpointRP1040: 6/15/2013 3:59:23 PM - System CheckpointRP1041: 6/16/2013 4:59:09 PM - System CheckpointRP1042: 6/17/2013 7:37:12 PM - System CheckpointRP1043: 6/18/2013 7:59:09 PM - System CheckpointRP1044: 6/19/2013 8:59:09 PM - System CheckpointRP1045: 6/20/2013 9:59:09 PM - System CheckpointRP1046: 6/21/2013 10:57:36 PM - System CheckpointRP1047: 6/22/2013 11:10:21 PM - System CheckpointRP1048: 6/23/2013 1:03:21 PM - Installed Catalina Savings Printer.RP1049: 6/23/2013 1:28:12 PM - Installed Java 7 Update 25RP1050: 6/24/2013 1:57:35 PM - System CheckpointRP1051: 6/25/2013 2:57:35 PM - System CheckpointRP1052: 6/26/2013 5:20:32 PM - System CheckpointRP1053: 6/27/2013 5:57:34 PM - System CheckpointRP1054: 6/28/2013 8:09:24 PM - System CheckpointRP1055: 6/29/2013 9:06:53 PM - System CheckpointRP1056: 6/30/2013 9:47:23 PM - System CheckpointRP1057: 7/1/2013 10:47:22 PM - System CheckpointRP1058: 7/2/2013 11:47:22 PM - System CheckpointRP1059: 7/4/2013 12:47:23 AM - System CheckpointRP1060: 7/5/2013 1:47:22 AM - System CheckpointRP1061: 7/6/2013 9:54:55 AM - System CheckpointRP1062: 7/7/2013 10:09:26 AM - System CheckpointRP1063: 7/8/2013 11:17:39 AM - System CheckpointRP1064: 7/9/2013 12:03:10 PM - System CheckpointRP1065: 7/10/2013 12:50:18 PM - System CheckpointRP1066: 7/11/2013 2:00:00 PM - System CheckpointRP1067: 7/12/2013 2:03:27 PM - System CheckpointRP1068: 7/13/2013 2:03:37 PM - System CheckpointRP1069: 7/14/2013 2:20:29 PM - System CheckpointRP1070: 7/15/2013 2:26:41 PM - System CheckpointRP1071: 7/16/2013 3:32:11 PM - System CheckpointRP1072: 7/17/2013 3:35:02 PM - System CheckpointRP1073: 7/18/2013 4:05:06 PM - System CheckpointRP1074: 7/19/2013 5:06:10 PM - System CheckpointRP1075: 7/20/2013 6:05:05 PM - System CheckpointRP1076: 7/21/2013 6:46:06 PM - System CheckpointRP1077: 7/22/2013 7:39:38 PM - System CheckpointRP1078: 7/23/2013 7:56:31 PM - System CheckpointRP1079: 7/24/2013 8:18:07 PM - System CheckpointRP1080: 7/25/2013 8:38:33 PM - System CheckpointRP1081: 7/26/2013 8:39:38 PM - System CheckpointRP1082: 7/27/2013 9:58:06 PM - System CheckpointRP1083: 7/28/2013 10:38:48 PM - System CheckpointRP1084: 7/29/2013 11:38:48 PM - System CheckpointRP1085: 7/31/2013 12:38:49 AM - System CheckpointRP1086: 8/1/2013 1:36:18 AM - System CheckpointRP1087: 8/1/2013 6:57:38 PM - Removed HP Update.RP1088: 8/2/2013 7:32:02 PM - System CheckpointRP1089: 8/2/2013 9:29:53 PM - Removed Desktop DoctorRP1090: 8/2/2013 9:31:26 PM - Removed FlipShareRP1091: 8/3/2013 9:39:56 PM - System CheckpointRP1092: 8/4/2013 10:08:33 PM - System CheckpointRP1093: 8/5/2013 11:08:34 PM - System CheckpointRP1094: 8/6/2013 11:48:15 PM - System CheckpointRP1095: 8/8/2013 12:44:16 AM - System CheckpointRP1096: 8/9/2013 12:58:30 AM - System CheckpointRP1097: 8/10/2013 1:35:12 AM - System CheckpointRP1098: 8/11/2013 2:35:11 AM - System CheckpointRP1099: 8/12/2013 3:35:10 AM - System CheckpointRP1100: 8/13/2013 4:13:04 AM - System CheckpointRP1101: 8/14/2013 5:13:03 AM - System CheckpointRP1102: 8/15/2013 5:17:14 AM - System Checkpoint.==== Installed Programs ======================.2007 Microsoft Office Suite Service Pack 2 (SP2)32 Bit HP CIO Components Installer3DVIA player 5.03ivx MPEG-4 5.0.3 (remove only)Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader 9Apple Application SupportApple Mobile Device SupportApple Software UpdateAutodesk Inventor Plug-In 8.0Autodesk Volo View 3.0AutoDWG DWG to PDF ConverterBonjourbpd_scanCatalina Savings PrinterCCleanerDAEMON ToolsDell Wireless WLAN Card UtilityDeviceFunctionQFolderDraftSightDropboxFitbit ConnectGoogle ChromeGoogle EarthGoogle Update HelperHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows XP (KB915800-v4)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB981793)HP Officejet 6600 Basic Device SoftwareHP Officejet 6600 HelpHP Officejet 6600 Product Improvement StudyHP UpdateHPProductAssistantHTC Driver InstallerI.R.I.S. OCRInstantShareAlertIntel® Graphics Media Accelerator DriveriTunesToAndroidJava 7 Update 25Java Auto UpdaterJava 6 Update 20LogMeInMalwarebytes Anti-Malware version 1.75.0.1300McAfee Security Scan PlusMicrosoft .NET Framework 1.1Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Base Smart Card Cryptographic Service Provider PackageMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft Kernel-Mode Driver Framework Feature Pack 1.7Microsoft National Language Support Downlevel APIsMicrosoft Office 2007 Primary Interop AssembliesMicrosoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Word MUI (English) 2007Microsoft SilverlightMicrosoft Software Update for Web Folders (English) 12Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual Studio 2005 Tools for Office RuntimeMozilla Firefox (3.6.28)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKNero 7 DemoNorton Security ScanO2Micro Flash Memory Card Reader Driver (x86)Octoshape Streaming ServicesPicaboo XPicasa 3QuickBooksQuickBooks Premier: Accountant Edition 2010QuickTimeReading ReadinessREALTEK GbE & FE Ethernet PCI-E NIC DriverRealtek High Definition Audio DriverSafe SaverSecurity Update for 2007 Microsoft Office System (KB969559)Security Update for 2007 Microsoft Office System (KB976321)Security Update for 2007 Microsoft Office System (KB982312)Security Update for 2007 Microsoft Office System (KB982331)Security Update for Microsoft Office Excel 2007 (KB982308)Security Update for Microsoft Office InfoPath 2007 (KB979441)Security Update for Microsoft Office Outlook 2007 (KB972363)Security Update for Microsoft Office PowerPoint 2007 (KB982158)Security Update for Microsoft Office Publisher 2007 (KB982124)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (KB969613)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office Visio Viewer 2007 (KB973709)Security Update for Microsoft Office Word 2007 (KB982135)Security Update for Windows Internet Explorer 7 (KB938127-v2)Security Update for Windows Internet Explorer 7 (KB982381)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player (KB979402)Security Update for Windows Search 4 - KB963093Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB981349)Security Update for Windows XP (KB982381)SmileboxSprint Desktop SyncSUPERAntiSpywareSynaptics Pointing Device DriverToolboxUnity Web PlayerUnloadUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 (KB980729)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)Update for Microsoft Windows (KB971513)Update for Outlook 2007 Junk Email Filter (kb983486)Update for Windows XP (KB898461)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Web Assistant version 2.0.0.612WebExWebFldrs XPWindows Feature Pack for Storage (32-bit) - IMAPI update for Blu-RayWindows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Live ID Sign-in AssistantWindows Media Format 11 runtimeWindows Media Player 10Windows Search 4.0Windows XP Service Pack 3.==== Event Viewer Messages From Past Week ========.8/8/2013 8:27:51 AM, error: Dhcp [1002] - The IP address lease 192.168.1.108 for the Network Card with network address 001FE1D061AB has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).8/8/2013 4:54:57 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.8/8/2013 11:44:37 PM, error: WPDMTPDriver [15300] - MTP WPD Driver has failed to start. Error 0x80070005.8/8/2013 10:38:27 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip8/8/2013 10:38:27 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.8/8/2013 10:38:27 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.8/8/2013 10:38:27 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.8/8/2013 10:38:27 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.8/8/2013 10:38:27 AM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.8/8/2013 1:02:26 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}8/8/2013 1:02:15 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}.==== End Of File =========================== The report from Roguekiller, where would I find it on my desktop. I found a folder labeled RK_Quarintine. Opened the folder and found a .dat file, but could not open it. Is this the file you are needing? Thanks a lot. Chris
  7. Hello. I routinely run Malwarebytes and I keep getting some kind of "PUP" virus... It removes the virus, but when I run malwarebytes again, it shows up again. Here is the log generated on my most recent scan: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.08.14.01 Windows XP Service Pack 3 x86 NTFSInternet Explorer 7.0.5730.13Heywang :: HAYWANG_LAPTOP [administrator] 8/14/2013 8:32:46 AMmbam-log-2013-08-14 (08-32-46).txt Scan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 330334Time elapsed: 1 hour(s), 15 minute(s), 45 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 5HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311321154} (PUP.Optional.CrossRider) -> Quarantined and deleted successfully.HKCR\CLSID\{11111111-1111-1111-1111-110311321154} (PUP.Optional.CrossRider) -> Quarantined and deleted successfully.HKCR\TypeLib\{44444444-4444-4444-4444-440344324454} (PUP.Optional.CrossRider) -> Quarantined and deleted successfully.HKCR\Interface\{55555555-5555-5555-5555-550355325554} (PUP.Optional.CrossRider) -> Quarantined and deleted successfully.HKCR\CrossriderApp0033254.BHO.1 (PUP.Optional.CrossRider) -> Quarantined and deleted successfully. Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 2D:\My Documents\Downloads\Setup.exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.C:\Program Files\Safe Saver\Safe Saver-bho.dll (PUP.Optional.CrossRider) -> Quarantined and deleted successfully. (end) Suggestion on how to properly remove this virus? Thanks in advance for your help. Chris.
  8. Hello. I have some kind of PUP virus infected in my laptop. When I run AntiMalware, it clears it from my computer, but when I re-scan a day later, its back again. Here is the log of my most recent scan (this afternoon). Suggestion on how to remove it? Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.08.08.06 Windows XP Service Pack 3 x86 NTFSInternet Explorer 7.0.5730.13Heywang :: HAYWANG_LAPTOP [administrator] 8/8/2013 2:13:59 PMmbam-log-2013-08-08 (14-13-59).txt Scan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 328408Time elapsed: 1 hour(s), 15 minute(s), 41 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 4HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Quarantined and deleted successfully.HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully.HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> Quarantined and deleted successfully.HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta) -> Quarantined and deleted successfully. Registry Values Detected: 1HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta) -> Data: -> Quarantined and deleted successfully. Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 1C:\Documents and Settings\Heywang\Application Data\Delta (PUP.Optional.Delta) -> Quarantined and deleted successfully. Files Detected: 2C:\Documents and Settings\Heywang\Local Settings\Temp\is1326335552\wajam_validate.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.C:\Documents and Settings\Heywang\Application Data\Delta\sqlite3.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully. (end) Thanks for your help. Chris
  9. 07:18:33.0625 3572 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44 07:18:34.0390 3572 ============================================================ 07:18:34.0390 3572 Current date / time: 2011/11/29 07:18:34.0390 07:18:34.0390 3572 SystemInfo: 07:18:34.0390 3572 07:18:34.0390 3572 OS Version: 5.1.2600 ServicePack: 3.0 07:18:34.0390 3572 Product type: Workstation 07:18:34.0390 3572 ComputerName: JESSICA_LAPTOP 07:18:34.0390 3572 UserName: Jessica 07:18:34.0390 3572 Windows directory: C:\WINDOWS 07:18:34.0390 3572 System windows directory: C:\WINDOWS 07:18:34.0390 3572 Processor architecture: Intel x86 07:18:34.0390 3572 Number of processors: 2 07:18:34.0390 3572 Page size: 0x1000 07:18:34.0390 3572 Boot type: Normal boot 07:18:34.0390 3572 ============================================================ 07:18:35.0906 3572 Initialize success 07:19:43.0828 1128 ============================================================ 07:19:43.0828 1128 Scan started 07:19:43.0828 1128 Mode: Manual; SigCheck; TDLFS; 07:19:43.0828 1128 ============================================================ 07:19:44.0234 1128 43838509 (186b54479d98e48aee0e9ada4b3c4d31) C:\WINDOWS\system32\DRIVERS\43838509.sys 07:19:44.0421 1128 43838509 - ok 07:19:44.0437 1128 Abiosdsk - ok 07:19:44.0437 1128 abp480n5 - ok 07:19:44.0484 1128 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 07:19:44.0984 1128 ACPI - ok 07:19:45.0093 1128 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 07:19:45.0234 1128 ACPIEC - ok 07:19:45.0234 1128 adpu160m - ok 07:19:45.0281 1128 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 07:19:45.0421 1128 aec - ok 07:19:45.0500 1128 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 07:19:45.0546 1128 AFD - ok 07:19:45.0562 1128 Aha154x - ok 07:19:45.0578 1128 aic78u2 - ok 07:19:45.0578 1128 aic78xx - ok 07:19:45.0593 1128 AliIde - ok 07:19:45.0593 1128 amsint - ok 07:19:45.0625 1128 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 07:19:45.0750 1128 Arp1394 - ok 07:19:45.0781 1128 asc - ok 07:19:45.0812 1128 asc3350p - ok 07:19:45.0828 1128 asc3550 - ok 07:19:45.0875 1128 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 07:19:45.0984 1128 AsyncMac - ok 07:19:46.0031 1128 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 07:19:46.0156 1128 atapi - ok 07:19:46.0187 1128 Atdisk - ok 07:19:46.0203 1128 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 07:19:46.0312 1128 Atmarpc - ok 07:19:46.0343 1128 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 07:19:46.0484 1128 audstub - ok 07:19:46.0593 1128 BCM43XX (37f385a93c620cbe0f89c17e45f697a1) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 07:19:46.0718 1128 BCM43XX - ok 07:19:46.0781 1128 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 07:19:46.0906 1128 Beep - ok 07:19:47.0015 1128 catchme - ok 07:19:47.0078 1128 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 07:19:47.0203 1128 cbidf2k - ok 07:19:47.0265 1128 cd20xrnt - ok 07:19:47.0265 1128 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 07:19:47.0375 1128 Cdaudio - ok 07:19:47.0421 1128 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 07:19:47.0562 1128 Cdfs - ok 07:19:47.0609 1128 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 07:19:47.0734 1128 Cdrom - ok 07:19:47.0734 1128 Changer - ok 07:19:47.0812 1128 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 07:19:47.0921 1128 CmBatt - ok 07:19:47.0937 1128 CmdIde - ok 07:19:47.0953 1128 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 07:19:48.0078 1128 Compbatt - ok 07:19:48.0093 1128 Cpqarray - ok 07:19:48.0109 1128 dac2w2k - ok 07:19:48.0109 1128 dac960nt - ok 07:19:48.0140 1128 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 07:19:48.0250 1128 Disk - ok 07:19:48.0359 1128 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 07:19:48.0531 1128 dmboot - ok 07:19:48.0546 1128 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 07:19:48.0687 1128 dmio - ok 07:19:48.0718 1128 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 07:19:48.0828 1128 dmload - ok 07:19:48.0890 1128 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 07:19:49.0015 1128 DMusic - ok 07:19:49.0078 1128 dpti2o - ok 07:19:49.0093 1128 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 07:19:49.0203 1128 drmkaud - ok 07:19:49.0296 1128 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 07:19:49.0421 1128 Fastfat - ok 07:19:49.0453 1128 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 07:19:49.0578 1128 Fdc - ok 07:19:49.0609 1128 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 07:19:49.0734 1128 Fips - ok 07:19:49.0750 1128 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 07:19:49.0859 1128 Flpydisk - ok 07:19:49.0921 1128 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 07:19:50.0031 1128 FltMgr - ok 07:19:50.0078 1128 FlyUsb (8efa9bfc940d9eb9348d9dafb839fe25) C:\WINDOWS\system32\DRIVERS\FlyUsb.sys 07:19:50.0125 1128 FlyUsb - ok 07:19:50.0156 1128 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 07:19:50.0281 1128 Fs_Rec - ok 07:19:50.0328 1128 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 07:19:50.0453 1128 Ftdisk - ok 07:19:50.0531 1128 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 07:19:50.0531 1128 GEARAspiWDM - ok 07:19:50.0609 1128 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 07:19:50.0718 1128 Gpc - ok 07:19:50.0781 1128 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 07:19:50.0890 1128 HDAudBus - ok 07:19:50.0953 1128 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 07:19:51.0062 1128 hidusb - ok 07:19:51.0078 1128 hpn - ok 07:19:51.0109 1128 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 07:19:51.0171 1128 HPZid412 - ok 07:19:51.0234 1128 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 07:19:51.0281 1128 HPZipr12 - ok 07:19:51.0312 1128 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 07:19:51.0359 1128 HPZius12 - ok 07:19:51.0406 1128 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys 07:19:51.0546 1128 HTTP - ok 07:19:51.0546 1128 i2omgmt - ok 07:19:51.0562 1128 i2omp - ok 07:19:51.0593 1128 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 07:19:51.0718 1128 i8042prt - ok 07:19:51.0937 1128 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 07:19:52.0250 1128 ialm - ok 07:19:52.0296 1128 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 07:19:52.0421 1128 Imapi - ok 07:19:52.0437 1128 ini910u - ok 07:19:52.0656 1128 IntcAzAudAddService (613a2b00da1d4a80de1ec8cfb52c0d89) C:\WINDOWS\system32\drivers\RtkHDAud.sys 07:19:52.0937 1128 IntcAzAudAddService - ok 07:19:53.0015 1128 IntelIde - ok 07:19:53.0078 1128 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 07:19:53.0187 1128 intelppm - ok 07:19:53.0218 1128 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 07:19:53.0343 1128 Ip6Fw - ok 07:19:53.0375 1128 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 07:19:53.0484 1128 IpFilterDriver - ok 07:19:53.0515 1128 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 07:19:53.0640 1128 IpInIp - ok 07:19:53.0656 1128 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 07:19:53.0765 1128 IpNat - ok 07:19:53.0828 1128 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 07:19:53.0937 1128 IPSec - ok 07:19:54.0062 1128 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 07:19:54.0140 1128 IRENUM - ok 07:19:54.0187 1128 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 07:19:54.0296 1128 isapnp - ok 07:19:54.0359 1128 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 07:19:54.0468 1128 Kbdclass - ok 07:19:54.0531 1128 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 07:19:54.0656 1128 kmixer - ok 07:19:54.0734 1128 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys 07:19:54.0875 1128 KSecDD - ok 07:19:54.0890 1128 lbrtfdc - ok 07:19:54.0937 1128 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 07:19:55.0062 1128 mnmdd - ok 07:19:55.0093 1128 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 07:19:55.0203 1128 Modem - ok 07:19:55.0265 1128 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 07:19:55.0390 1128 Mouclass - ok 07:19:55.0421 1128 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 07:19:55.0546 1128 mouhid - ok 07:19:55.0578 1128 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 07:19:55.0687 1128 MountMgr - ok 07:19:55.0750 1128 mraid35x - ok 07:19:55.0796 1128 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 07:19:55.0937 1128 MRxDAV - ok 07:19:55.0984 1128 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 07:19:56.0031 1128 MRxSmb - ok 07:19:56.0046 1128 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 07:19:56.0156 1128 Msfs - ok 07:19:56.0203 1128 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 07:19:56.0328 1128 MSKSSRV - ok 07:19:56.0359 1128 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 07:19:56.0468 1128 MSPCLOCK - ok 07:19:56.0578 1128 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 07:19:56.0703 1128 MSPQM - ok 07:19:56.0765 1128 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 07:19:56.0890 1128 mssmbios - ok 07:19:56.0937 1128 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 07:19:57.0046 1128 Mup - ok 07:19:57.0078 1128 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 07:19:57.0218 1128 NDIS - ok 07:19:57.0250 1128 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 07:19:57.0359 1128 NdisTapi - ok 07:19:57.0421 1128 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 07:19:57.0531 1128 Ndisuio - ok 07:19:57.0546 1128 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 07:19:57.0671 1128 NdisWan - ok 07:19:57.0703 1128 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 07:19:57.0828 1128 NDProxy - ok 07:19:57.0875 1128 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 07:19:57.0984 1128 NetBIOS - ok 07:19:58.0015 1128 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 07:19:58.0140 1128 NetBT - ok 07:19:58.0203 1128 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 07:19:58.0312 1128 NIC1394 - ok 07:19:58.0359 1128 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 07:19:58.0484 1128 Npfs - ok 07:19:58.0515 1128 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 07:19:58.0671 1128 Ntfs - ok 07:19:58.0718 1128 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 07:19:58.0828 1128 Null - ok 07:19:58.0890 1128 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 07:19:59.0015 1128 NwlnkFlt - ok 07:19:59.0046 1128 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 07:19:59.0156 1128 NwlnkFwd - ok 07:19:59.0218 1128 O2MDRDR (948aefc4db1e6cc5a8d9fc5740aee392) C:\WINDOWS\system32\DRIVERS\o2media.sys 07:19:59.0218 1128 O2MDRDR - ok 07:19:59.0281 1128 O2SDRDR (5472c48f44b49f07b16b421899e550f8) C:\WINDOWS\system32\DRIVERS\o2sd.sys 07:19:59.0296 1128 O2SDRDR - ok 07:19:59.0343 1128 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 07:19:59.0468 1128 ohci1394 - ok 07:19:59.0531 1128 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys 07:19:59.0640 1128 Parport - ok 07:19:59.0671 1128 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 07:19:59.0781 1128 PartMgr - ok 07:19:59.0843 1128 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 07:20:00.0000 1128 ParVdm - ok 07:20:00.0062 1128 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 07:20:00.0187 1128 PCI - ok 07:20:00.0203 1128 PCIDump - ok 07:20:00.0234 1128 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 07:20:00.0359 1128 PCIIde - ok 07:20:00.0390 1128 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 07:20:00.0500 1128 Pcmcia - ok 07:20:00.0500 1128 PDCOMP - ok 07:20:00.0515 1128 PDFRAME - ok 07:20:00.0515 1128 PDRELI - ok 07:20:00.0531 1128 PDRFRAME - ok 07:20:00.0531 1128 perc2 - ok 07:20:00.0546 1128 perc2hib - ok 07:20:00.0609 1128 PLTurbh (7e32b692fcf44c3add10186b54111f29) C:\WINDOWS\system32\drivers\plturbh.sys 07:20:00.0609 1128 PLTurbh - ok 07:20:00.0625 1128 PLTurbo (8454c205ba53d22b5a34d9b2613859a9) C:\WINDOWS\system32\drivers\plturbo.sys 07:20:00.0625 1128 PLTurbo - ok 07:20:00.0671 1128 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 07:20:00.0812 1128 PptpMiniport - ok 07:20:00.0875 1128 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 07:20:01.0000 1128 PSched - ok 07:20:01.0046 1128 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 07:20:01.0171 1128 Ptilink - ok 07:20:01.0250 1128 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys 07:20:01.0265 1128 PxHelp20 - ok 07:20:01.0265 1128 ql1080 - ok 07:20:01.0281 1128 Ql10wnt - ok 07:20:01.0281 1128 ql12160 - ok 07:20:01.0296 1128 ql1240 - ok 07:20:01.0296 1128 ql1280 - ok 07:20:01.0328 1128 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 07:20:01.0453 1128 RasAcd - ok 07:20:01.0515 1128 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 07:20:01.0625 1128 Rasl2tp - ok 07:20:01.0671 1128 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 07:20:01.0781 1128 RasPppoe - ok 07:20:01.0812 1128 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 07:20:01.0921 1128 Raspti - ok 07:20:01.0953 1128 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 07:20:02.0078 1128 Rdbss - ok 07:20:02.0109 1128 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 07:20:02.0234 1128 RDPCDD - ok 07:20:02.0390 1128 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 07:20:02.0500 1128 rdpdr - ok 07:20:02.0562 1128 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 07:20:02.0687 1128 RDPWD - ok 07:20:02.0734 1128 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 07:20:02.0859 1128 redbook - ok 07:20:02.0921 1128 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 07:20:02.0953 1128 RTLE8023xp - ok 07:20:03.0015 1128 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 07:20:03.0140 1128 sdbus - ok 07:20:03.0156 1128 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 07:20:03.0234 1128 Secdrv - ok 07:20:03.0312 1128 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys 07:20:03.0437 1128 Serial - ok 07:20:03.0484 1128 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 07:20:03.0609 1128 Sfloppy - ok 07:20:03.0609 1128 Simbad - ok 07:20:03.0625 1128 Sparrow - ok 07:20:03.0671 1128 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 07:20:03.0781 1128 splitter - ok 07:20:03.0859 1128 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys 07:20:03.0859 1128 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b 07:20:03.0859 1128 sptd ( LockedFile.Multi.Generic ) - warning 07:20:03.0859 1128 sptd - detected LockedFile.Multi.Generic (1) 07:20:03.0890 1128 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 07:20:03.0968 1128 sr - ok 07:20:04.0015 1128 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys 07:20:04.0078 1128 Srv - ok 07:20:04.0187 1128 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys 07:20:04.0296 1128 StillCam - ok 07:20:04.0375 1128 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 07:20:04.0500 1128 swenum - ok 07:20:04.0578 1128 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 07:20:04.0734 1128 swmidi - ok 07:20:04.0812 1128 swmsflt (ece0d311db07e0e8999133344876cc07) C:\WINDOWS\System32\drivers\swmsflt.sys 07:20:04.0859 1128 swmsflt - ok 07:20:05.0031 1128 SWMX00 (903a5e596a3910cebfa33f3bd7d9c174) C:\WINDOWS\system32\DRIVERS\swmx00.sys 07:20:05.0140 1128 SWMX00 - ok 07:20:05.0343 1128 SWNC5E00 (2f6f8b7f821c994de3d1caf399bf9cd3) C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys 07:20:05.0406 1128 SWNC5E00 - ok 07:20:05.0453 1128 symc810 - ok 07:20:05.0546 1128 symc8xx - ok 07:20:05.0625 1128 sym_hi - ok 07:20:05.0625 1128 sym_u3 - ok 07:20:05.0703 1128 SynTP (f08667f79bbd339547f477c75c3ed0b9) C:\WINDOWS\system32\DRIVERS\SynTP.sys 07:20:05.0781 1128 SynTP - ok 07:20:05.0906 1128 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 07:20:06.0046 1128 sysaudio - ok 07:20:06.0265 1128 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 07:20:06.0375 1128 Tcpip - ok 07:20:06.0421 1128 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 07:20:06.0546 1128 TDPIPE - ok 07:20:06.0640 1128 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 07:20:06.0750 1128 TDTCP - ok 07:20:06.0781 1128 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 07:20:06.0890 1128 TermDD - ok 07:20:06.0890 1128 TosIde - ok 07:20:06.0953 1128 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 07:20:07.0062 1128 Udfs - ok 07:20:07.0078 1128 ultra - ok 07:20:07.0125 1128 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 07:20:07.0265 1128 Update - ok 07:20:07.0343 1128 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys 07:20:07.0375 1128 USBAAPL - ok 07:20:07.0500 1128 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 07:20:07.0609 1128 usbccgp - ok 07:20:07.0687 1128 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 07:20:07.0812 1128 usbehci - ok 07:20:07.0859 1128 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 07:20:07.0968 1128 usbhub - ok 07:20:08.0031 1128 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 07:20:08.0156 1128 usbprint - ok 07:20:08.0234 1128 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 07:20:08.0343 1128 usbscan - ok 07:20:08.0406 1128 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 07:20:08.0531 1128 USBSTOR - ok 07:20:08.0562 1128 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 07:20:08.0687 1128 usbuhci - ok 07:20:08.0734 1128 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 07:20:08.0843 1128 VgaSave - ok 07:20:08.0859 1128 ViaIde - ok 07:20:08.0921 1128 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 07:20:09.0046 1128 VolSnap - ok 07:20:09.0093 1128 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 07:20:09.0203 1128 Wanarp - ok 07:20:09.0218 1128 WDICA - ok 07:20:09.0265 1128 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 07:20:09.0390 1128 wdmaud - ok 07:20:09.0468 1128 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 07:20:09.0703 1128 WmiAcpi - ok 07:20:09.0750 1128 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 07:20:09.0984 1128 \Device\Harddisk0\DR0 - ok 07:20:09.0984 1128 Boot (0x1200) (8de8d046a37760cbb7ee6574b3f3d4dd) \Device\Harddisk0\DR0\Partition0 07:20:09.0984 1128 \Device\Harddisk0\DR0\Partition0 - ok 07:20:09.0984 1128 Boot (0x1200) (7a7d3f2b27226d4c33deafd1b52f96d1) \Device\Harddisk0\DR0\Partition1 07:20:09.0984 1128 \Device\Harddisk0\DR0\Partition1 - ok 07:20:09.0984 1128 ============================================================ 07:20:09.0984 1128 Scan finished 07:20:09.0984 1128 ============================================================ 07:20:10.0093 2144 Detected object count: 1 07:20:10.0093 2144 Actual detected object count: 1 07:20:26.0484 2144 sptd ( LockedFile.Multi.Generic ) - skipped by user 07:20:26.0500 2144 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 07:21:58.0125 3168 ============================================================ 07:21:58.0125 3168 Scan started 07:21:58.0125 3168 Mode: Manual; SigCheck; TDLFS; 07:21:58.0125 3168 ============================================================ 07:21:58.0484 3168 43838509 (186b54479d98e48aee0e9ada4b3c4d31) C:\WINDOWS\system32\DRIVERS\43838509.sys 07:21:58.0515 3168 43838509 - ok 07:21:58.0531 3168 Abiosdsk - ok 07:21:58.0531 3168 abp480n5 - ok 07:21:58.0593 3168 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 07:21:58.0796 3168 ACPI - ok 07:21:58.0812 3168 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 07:21:58.0953 3168 ACPIEC - ok 07:21:58.0968 3168 adpu160m - ok 07:21:59.0031 3168 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 07:21:59.0171 3168 aec - ok 07:21:59.0281 3168 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 07:21:59.0312 3168 AFD - ok 07:21:59.0343 3168 Aha154x - ok 07:21:59.0359 3168 aic78u2 - ok 07:21:59.0390 3168 aic78xx - ok 07:21:59.0406 3168 AliIde - ok 07:21:59.0437 3168 amsint - ok 07:21:59.0468 3168 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 07:21:59.0593 3168 Arp1394 - ok 07:21:59.0640 3168 asc - ok 07:21:59.0656 3168 asc3350p - ok 07:21:59.0671 3168 asc3550 - ok 07:21:59.0718 3168 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 07:21:59.0828 3168 AsyncMac - ok 07:21:59.0875 3168 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 07:21:59.0984 3168 atapi - ok 07:22:00.0000 3168 Atdisk - ok 07:22:00.0031 3168 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 07:22:00.0125 3168 Atmarpc - ok 07:22:00.0218 3168 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 07:22:00.0328 3168 audstub - ok 07:22:00.0453 3168 BCM43XX (37f385a93c620cbe0f89c17e45f697a1) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 07:22:00.0531 3168 BCM43XX - ok 07:22:00.0609 3168 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 07:22:00.0718 3168 Beep - ok 07:22:00.0828 3168 catchme - ok 07:22:00.0890 3168 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 07:22:01.0015 3168 cbidf2k - ok 07:22:01.0078 3168 cd20xrnt - ok 07:22:01.0109 3168 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 07:22:01.0218 3168 Cdaudio - ok 07:22:01.0265 3168 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 07:22:01.0390 3168 Cdfs - ok 07:22:01.0437 3168 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 07:22:01.0578 3168 Cdrom - ok 07:22:01.0578 3168 Changer - ok 07:22:01.0640 3168 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 07:22:01.0750 3168 CmBatt - ok 07:22:01.0765 3168 CmdIde - ok 07:22:01.0765 3168 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 07:22:01.0890 3168 Compbatt - ok 07:22:01.0906 3168 Cpqarray - ok 07:22:01.0921 3168 dac2w2k - ok 07:22:01.0921 3168 dac960nt - ok 07:22:01.0953 3168 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 07:22:02.0078 3168 Disk - ok 07:22:02.0218 3168 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 07:22:02.0359 3168 dmboot - ok 07:22:02.0406 3168 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 07:22:02.0546 3168 dmio - ok 07:22:02.0578 3168 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 07:22:02.0671 3168 dmload - ok 07:22:02.0750 3168 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 07:22:02.0875 3168 DMusic - ok 07:22:02.0937 3168 dpti2o - ok 07:22:02.0968 3168 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 07:22:03.0062 3168 drmkaud - ok 07:22:03.0093 3168 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 07:22:03.0218 3168 Fastfat - ok 07:22:03.0281 3168 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 07:22:03.0406 3168 Fdc - ok 07:22:03.0453 3168 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 07:22:03.0562 3168 Fips - ok 07:22:03.0609 3168 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 07:22:03.0718 3168 Flpydisk - ok 07:22:03.0765 3168 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 07:22:03.0859 3168 FltMgr - ok 07:22:03.0906 3168 FlyUsb (8efa9bfc940d9eb9348d9dafb839fe25) C:\WINDOWS\system32\DRIVERS\FlyUsb.sys 07:22:03.0937 3168 FlyUsb - ok 07:22:03.0953 3168 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 07:22:04.0046 3168 Fs_Rec - ok 07:22:04.0062 3168 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 07:22:04.0187 3168 Ftdisk - ok 07:22:04.0218 3168 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 07:22:04.0234 3168 GEARAspiWDM - ok 07:22:04.0281 3168 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 07:22:04.0406 3168 Gpc - ok 07:22:04.0468 3168 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 07:22:04.0578 3168 HDAudBus - ok 07:22:04.0703 3168 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 07:22:04.0828 3168 hidusb - ok 07:22:04.0859 3168 hpn - ok 07:22:04.0921 3168 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 07:22:04.0953 3168 HPZid412 - ok 07:22:05.0000 3168 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 07:22:05.0031 3168 HPZipr12 - ok 07:22:05.0109 3168 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 07:22:05.0125 3168 HPZius12 - ok 07:22:05.0171 3168 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys 07:22:05.0296 3168 HTTP - ok 07:22:05.0328 3168 i2omgmt - ok 07:22:05.0328 3168 i2omp - ok 07:22:05.0375 3168 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 07:22:05.0500 3168 i8042prt - ok 07:22:05.0671 3168 ialm (48846b31be5a4fa662ccfde7a1ba86b9) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 07:22:05.0875 3168 ialm - ok 07:22:05.0968 3168 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 07:22:06.0078 3168 Imapi - ok 07:22:06.0093 3168 ini910u - ok 07:22:06.0265 3168 IntcAzAudAddService (613a2b00da1d4a80de1ec8cfb52c0d89) C:\WINDOWS\system32\drivers\RtkHDAud.sys 07:22:06.0437 3168 IntcAzAudAddService - ok 07:22:06.0437 3168 IntelIde - ok 07:22:06.0484 3168 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 07:22:06.0609 3168 intelppm - ok 07:22:06.0625 3168 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 07:22:06.0734 3168 Ip6Fw - ok 07:22:06.0828 3168 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 07:22:06.0953 3168 IpFilterDriver - ok 07:22:06.0984 3168 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 07:22:07.0109 3168 IpInIp - ok 07:22:07.0125 3168 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 07:22:07.0234 3168 IpNat - ok 07:22:07.0296 3168 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 07:22:07.0406 3168 IPSec - ok 07:22:07.0437 3168 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 07:22:07.0515 3168 IRENUM - ok 07:22:07.0625 3168 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 07:22:07.0750 3168 isapnp - ok 07:22:07.0812 3168 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 07:22:07.0921 3168 Kbdclass - ok 07:22:07.0984 3168 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 07:22:08.0109 3168 kmixer - ok 07:22:08.0125 3168 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys 07:22:08.0250 3168 KSecDD - ok 07:22:08.0265 3168 lbrtfdc - ok 07:22:08.0359 3168 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 07:22:08.0468 3168 mnmdd - ok 07:22:08.0593 3168 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 07:22:08.0703 3168 Modem - ok 07:22:08.0796 3168 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 07:22:08.0921 3168 Mouclass - ok 07:22:08.0953 3168 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 07:22:09.0093 3168 mouhid - ok 07:22:09.0265 3168 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 07:22:09.0390 3168 MountMgr - ok 07:22:09.0421 3168 mraid35x - ok 07:22:09.0453 3168 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 07:22:09.0562 3168 MRxDAV - ok 07:22:09.0796 3168 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 07:22:09.0828 3168 MRxSmb - ok 07:22:09.0906 3168 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 07:22:10.0046 3168 Msfs - ok 07:22:10.0234 3168 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 07:22:10.0375 3168 MSKSSRV - ok 07:22:10.0406 3168 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 07:22:10.0531 3168 MSPCLOCK - ok 07:22:10.0687 3168 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 07:22:10.0812 3168 MSPQM - ok 07:22:10.0890 3168 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 07:22:11.0000 3168 mssmbios - ok 07:22:11.0046 3168 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 07:22:11.0140 3168 Mup - ok 07:22:11.0218 3168 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 07:22:11.0328 3168 NDIS - ok 07:22:11.0390 3168 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 07:22:11.0500 3168 NdisTapi - ok 07:22:11.0562 3168 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 07:22:11.0687 3168 Ndisuio - ok 07:22:11.0734 3168 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 07:22:11.0859 3168 NdisWan - ok 07:22:11.0875 3168 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 07:22:12.0000 3168 NDProxy - ok 07:22:12.0062 3168 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 07:22:12.0171 3168 NetBIOS - ok 07:22:12.0203 3168 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 07:22:12.0312 3168 NetBT - ok 07:22:12.0375 3168 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 07:22:12.0500 3168 NIC1394 - ok 07:22:12.0562 3168 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 07:22:12.0671 3168 Npfs - ok 07:22:12.0703 3168 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 07:22:12.0843 3168 Ntfs - ok 07:22:12.0906 3168 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 07:22:13.0031 3168 Null - ok 07:22:13.0062 3168 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 07:22:13.0187 3168 NwlnkFlt - ok 07:22:13.0203 3168 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 07:22:13.0312 3168 NwlnkFwd - ok 07:22:13.0359 3168 O2MDRDR (948aefc4db1e6cc5a8d9fc5740aee392) C:\WINDOWS\system32\DRIVERS\o2media.sys 07:22:13.0359 3168 O2MDRDR - ok 07:22:13.0390 3168 O2SDRDR (5472c48f44b49f07b16b421899e550f8) C:\WINDOWS\system32\DRIVERS\o2sd.sys 07:22:13.0406 3168 O2SDRDR - ok 07:22:13.0484 3168 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 07:22:13.0593 3168 ohci1394 - ok 07:22:13.0703 3168 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys 07:22:13.0812 3168 Parport - ok 07:22:13.0812 3168 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 07:22:13.0937 3168 PartMgr - ok 07:22:13.0968 3168 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 07:22:14.0078 3168 ParVdm - ok 07:22:14.0109 3168 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 07:22:14.0218 3168 PCI - ok 07:22:14.0250 3168 PCIDump - ok 07:22:14.0265 3168 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 07:22:14.0375 3168 PCIIde - ok 07:22:14.0437 3168 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 07:22:14.0531 3168 Pcmcia - ok 07:22:14.0546 3168 PDCOMP - ok 07:22:14.0546 3168 PDFRAME - ok 07:22:14.0562 3168 PDRELI - ok 07:22:14.0562 3168 PDRFRAME - ok 07:22:14.0578 3168 perc2 - ok 07:22:14.0578 3168 perc2hib - ok 07:22:14.0640 3168 PLTurbh (7e32b692fcf44c3add10186b54111f29) C:\WINDOWS\system32\drivers\plturbh.sys 07:22:14.0656 3168 PLTurbh - ok 07:22:14.0718 3168 PLTurbo (8454c205ba53d22b5a34d9b2613859a9) C:\WINDOWS\system32\drivers\plturbo.sys 07:22:14.0734 3168 PLTurbo - ok 07:22:14.0828 3168 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 07:22:14.0937 3168 PptpMiniport - ok 07:22:14.0937 3168 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 07:22:15.0062 3168 PSched - ok 07:22:15.0093 3168 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 07:22:15.0203 3168 Ptilink - ok 07:22:15.0265 3168 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys 07:22:15.0281 3168 PxHelp20 - ok 07:22:15.0281 3168 ql1080 - ok 07:22:15.0296 3168 Ql10wnt - ok 07:22:15.0312 3168 ql12160 - ok 07:22:15.0312 3168 ql1240 - ok 07:22:15.0328 3168 ql1280 - ok 07:22:15.0343 3168 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 07:22:15.0468 3168 RasAcd - ok 07:22:15.0468 3168 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 07:22:15.0578 3168 Rasl2tp - ok 07:22:15.0609 3168 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 07:22:15.0734 3168 RasPppoe - ok 07:22:15.0750 3168 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 07:22:15.0859 3168 Raspti - ok 07:22:15.0921 3168 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 07:22:16.0046 3168 Rdbss - ok 07:22:16.0078 3168 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 07:22:16.0203 3168 RDPCDD - ok 07:22:16.0296 3168 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 07:22:16.0406 3168 rdpdr - ok 07:22:16.0468 3168 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 07:22:16.0593 3168 RDPWD - ok 07:22:16.0609 3168 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 07:22:16.0734 3168 redbook - ok 07:22:16.0812 3168 RTLE8023xp (89619ef503f949fae09252a8b883ee11) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 07:22:16.0843 3168 RTLE8023xp - ok 07:22:16.0906 3168 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys 07:22:17.0031 3168 sdbus - ok 07:22:17.0093 3168 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 07:22:17.0171 3168 Secdrv - ok 07:22:17.0234 3168 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys 07:22:17.0343 3168 Serial - ok 07:22:17.0390 3168 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 07:22:17.0515 3168 Sfloppy - ok 07:22:17.0546 3168 Simbad - ok 07:22:17.0578 3168 Sparrow - ok 07:22:17.0640 3168 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 07:22:17.0734 3168 splitter - ok 07:22:17.0812 3168 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys 07:22:17.0812 3168 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b 07:22:17.0812 3168 sptd ( LockedFile.Multi.Generic ) - warning 07:22:17.0812 3168 sptd - detected LockedFile.Multi.Generic (1) 07:22:17.0843 3168 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 07:22:17.0937 3168 sr - ok 07:22:17.0984 3168 Srv (3bb03f2ba89d2be417206c373d2af17c) C:\WINDOWS\system32\DRIVERS\srv.sys 07:22:18.0031 3168 Srv - ok 07:22:18.0109 3168 StillCam (a9573045baa16eab9b1085205b82f1ed) C:\WINDOWS\system32\DRIVERS\serscan.sys 07:22:18.0203 3168 StillCam - ok 07:22:18.0265 3168 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 07:22:18.0390 3168 swenum - ok 07:22:18.0468 3168 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 07:22:18.0578 3168 swmidi - ok 07:22:18.0625 3168 swmsflt (ece0d311db07e0e8999133344876cc07) C:\WINDOWS\System32\drivers\swmsflt.sys 07:22:18.0625 3168 swmsflt - ok 07:22:18.0656 3168 SWMX00 (903a5e596a3910cebfa33f3bd7d9c174) C:\WINDOWS\system32\DRIVERS\swmx00.sys 07:22:18.0687 3168 SWMX00 - ok 07:22:18.0750 3168 SWNC5E00 (2f6f8b7f821c994de3d1caf399bf9cd3) C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys 07:22:18.0781 3168 SWNC5E00 - ok 07:22:18.0812 3168 symc810 - ok 07:22:18.0828 3168 symc8xx - ok 07:22:18.0843 3168 sym_hi - ok 07:22:18.0890 3168 sym_u3 - ok 07:22:18.0953 3168 SynTP (f08667f79bbd339547f477c75c3ed0b9) C:\WINDOWS\system32\DRIVERS\SynTP.sys 07:22:18.0968 3168 SynTP - ok 07:22:19.0015 3168 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 07:22:19.0140 3168 sysaudio - ok 07:22:19.0234 3168 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 07:22:19.0296 3168 Tcpip - ok 07:22:19.0375 3168 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 07:22:19.0484 3168 TDPIPE - ok 07:22:19.0546 3168 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 07:22:19.0671 3168 TDTCP - ok 07:22:19.0687 3168 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 07:22:19.0781 3168 TermDD - ok 07:22:19.0796 3168 TosIde - ok 07:22:19.0859 3168 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 07:22:19.0968 3168 Udfs - ok 07:22:20.0000 3168 ultra - ok 07:22:20.0062 3168 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 07:22:20.0203 3168 Update - ok 07:22:20.0281 3168 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys 07:22:20.0296 3168 USBAAPL - ok 07:22:20.0375 3168 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 07:22:20.0484 3168 usbccgp - ok 07:22:20.0546 3168 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 07:22:20.0671 3168 usbehci - ok 07:22:20.0718 3168 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 07:22:20.0828 3168 usbhub - ok 07:22:20.0890 3168 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 07:22:21.0015 3168 usbprint - ok 07:22:21.0093 3168 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 07:22:21.0203 3168 usbscan - ok 07:22:21.0281 3168 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 07:22:21.0390 3168 USBSTOR - ok 07:22:21.0421 3168 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 07:22:21.0546 3168 usbuhci - ok 07:22:21.0625 3168 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 07:22:21.0718 3168 VgaSave - ok 07:22:21.0734 3168 ViaIde - ok 07:22:21.0812 3168 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 07:22:21.0937 3168 VolSnap - ok 07:22:22.0000 3168 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 07:22:22.0109 3168 Wanarp - ok 07:22:22.0125 3168 WDICA - ok 07:22:22.0171 3168 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 07:22:22.0281 3168 wdmaud - ok 07:22:22.0406 3168 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 07:22:22.0531 3168 WmiAcpi - ok 07:22:22.0578 3168 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0 07:22:22.0859 3168 \Device\Harddisk0\DR0 - ok 07:22:22.0859 3168 Boot (0x1200) (8de8d046a37760cbb7ee6574b3f3d4dd) \Device\Harddisk0\DR0\Partition0 07:22:22.0859 3168 \Device\Harddisk0\DR0\Partition0 - ok 07:22:22.0859 3168 Boot (0x1200) (7a7d3f2b27226d4c33deafd1b52f96d1) \Device\Harddisk0\DR0\Partition1 07:22:22.0859 3168 \Device\Harddisk0\DR0\Partition1 - ok 07:22:22.0859 3168 ============================================================ 07:22:22.0859 3168 Scan finished 07:22:22.0859 3168 ============================================================ 07:22:22.0875 3848 Detected object count: 1 07:22:22.0875 3848 Actual detected object count: 1 07:24:10.0687 3848 sptd ( LockedFile.Multi.Generic ) - skipped by user 07:24:10.0687 3848 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
  10. After 8 hours of scanning.......avz_sysinfo.htm avz_sysinfo.xml I attached the 2 files.( I think). Let me know if you do not see them. Thanks again for your help.
  11. Status: Disinfected (events: 10) 11/28/2011 12:08:50 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\33\3002e1-327540d2 High 11/28/2011 12:08:50 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\33\3002e1-327540d2/photo/Zoom.class High 11/28/2011 12:08:50 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\60\296df4bc-6c0c0003 High 11/28/2011 12:08:50 AM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\60\296df4bc-6c0c0003/photo/Zoom.class High 11/28/2011 10:58:22 AM Disinfected Trojan program Rootkit.Win32.ZAccess.k c:\WINDOWS\system32\drivers\cdrom.sys High 11/28/2011 11:00:30 AM Disinfected Trojan program Rootkit.Boot.SST.a \Device\Harddisk0\DR0 High 11/28/2011 5:55:35 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\12\25d8ad0c-4cda681b High 11/28/2011 5:55:35 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\12\25d8ad0c-4cda681b/photo/Zoom.class High 11/28/2011 6:55:49 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\WINDOWS\Temp\jar_cache1610670652460347927.tmp High 11/28/2011 6:55:49 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.fb C:\WINDOWS\Temp\jar_cache1610670652460347927.tmp/photo/Zoom.class High Status: Deleted (events: 33) 11/28/2011 12:09:17 AM Deleted Trojan program Trojan.Win32.Vilsel.bfdu C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\4\1468ac44-22a172f0 High 11/28/2011 6:13:59 AM Deleted unknown threat UDS:DangerousObject.Multi.Generic C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\49\25ceb71-193ae848 High 11/28/2011 6:14:01 AM Deleted Trojan program Rootkit.Win32.ZAccess.k C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174043.sys High 11/28/2011 6:14:04 AM Deleted Trojan program Rootkit.Win32.ZAccess.k C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174055.sys High 11/28/2011 6:14:02 AM Deleted Trojan program Rootkit.Win32.ZAccess.k C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174019.sys High 11/28/2011 6:14:24 AM Deleted Trojan program Rootkit.Win32.ZAccess.k C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174082.sys High 11/28/2011 6:14:26 AM Deleted Trojan program Rootkit.Win32.ZAccess.k C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174092.sys High 11/28/2011 6:27:51 AM Deleted Trojan program Trojan-Clicker.Win32.Cycler.alhu C:\WINDOWS\system32\1J66qGO.com High 11/28/2011 6:27:55 AM Deleted Trojan program Trojan.Win32.FakeAV.iveh C:\WINDOWS\system32\0.5640092118252633.exe High 11/28/2011 6:28:01 AM Deleted Trojan program Trojan.Win32.Vilsel.bfdu C:\WINDOWS\system32\0.8052617286846966.exe High 11/28/2011 6:31:49 AM Deleted Trojan program Rootkit.Win32.ZAccess.k C:\WINDOWS\system32\drivers\cdrom.sys High 11/28/2011 6:35:28 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.014590600280802613.exe High 11/28/2011 6:35:37 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.1043924533721654.exe High 11/28/2011 6:35:50 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.1990795479555486.exe High 11/28/2011 6:36:02 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.262727746829868.exe High 11/28/2011 6:36:07 AM Deleted Trojan program Trojan.Win32.Vilsel.bfdx C:\WINDOWS\Temp\0.3293378416507504.exe High 11/28/2011 6:36:13 AM Deleted Trojan program Trojan.Win32.FakeAV.iveh C:\WINDOWS\Temp\0.3399391257629971gtye.exe High 11/28/2011 6:36:21 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.4965102963130289.exe High 11/28/2011 6:36:31 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.5297967869467314.exe High 11/28/2011 6:36:34 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.5445462504289295.exe High 11/28/2011 6:37:07 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.639576072309589.exe High 11/28/2011 6:37:09 AM Deleted Trojan program Trojan.Win32.Vilsel.bfdx C:\WINDOWS\Temp\0.7971537893953975.exe High 11/28/2011 6:37:11 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.6400940890022963.exe High 11/28/2011 6:37:14 AM Deleted Trojan program Trojan.Win32.Vilsel.bfdx C:\WINDOWS\Temp\0.8426835967540567.exe High 11/28/2011 6:37:17 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.8880708777748493.exe High 11/28/2011 6:37:18 AM Deleted Trojan program Trojan.Win32.Jorik.Fraud.iuq C:\WINDOWS\Temp\0.9652831211118338.exe High 11/28/2011 6:37:21 AM Deleted Trojan program Trojan-Clicker.Win32.Cycler.alhu C:\WINDOWS\Temp\saihpr\setup.exe High 11/28/2011 6:38:01 AM Deleted unknown threat UDS:DangerousObject.Multi.Generic C:\WINDOWS\Temp\63.62841.exe High 11/28/2011 6:39:34 AM Deleted Trojan program Trojan-FakeAV.Win32.Agent.bnn C:\_OTL\MovedFiles\11252011_071654\D_My Documents\qkmz.exe High 11/28/2011 5:56:07 PM Deleted Trojan program Trojan-Clicker.Win32.Cycler.alhu C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174134.com High 11/28/2011 5:56:11 PM Deleted Trojan program Trojan.Win32.FakeAV.iveh C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174135.exe High 11/28/2011 6:56:09 PM Deleted Trojan program Trojan.Win32.Vilsel.bfdu C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174136.exe High 11/28/2011 6:56:49 PM Deleted Trojan program Trojan-FakeAV.Win32.Agent.bnn C:\System Volume Information\_restore{D239F0A3-F2BC-40B4-B2EA-CDEA11CF067A}\RP732\A0174139.exe High Status: Quarantined (events: 1) 11/28/2011 5:56:07 PM Quarantined virus HEUR:Trojan.Script.Iframer C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0ZMR2PY5\l10n[3].js High
  12. Junction v1.06 - Windows junction creator and reparse point viewer Copyright © 2000-2010 Mark Russinovich Sysinternals - www.sysinternals.com Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process. ... .\\?\c:\\Documents and Settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Mnt\00000E0300A31316\0: MOUNT POINT Substitute Name: Volume{e1ad7d88-c8f7-11df-96ad-00217094c190}\ \\?\c:\\Documents and Settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Mnt\00000E0300EE672F\0: MOUNT POINT Substitute Name: Volume{e1ad7d8a-c8f7-11df-96ad-00217094c190}\ \\?\c:\\Documents and Settings\All Users\Application Data\Leapfrog\LeapFrog Connect\Mnt\00000E0300EE672F\1: MOUNT POINT Substitute Name: Volume{e1ad7d8b-c8f7-11df-96ad-00217094c190}\ .. ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... .. Failed to open \\?\c:\\Qoobox\BackEnv: Access is denied. Failed to open \\?\c:\\WINDOWS\$NtUninstallKB41666$: Access is denied. . ..\\?\c:\\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a: JUNCTION Print Name : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 Substitute Name: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 \\?\c:\\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a: JUNCTION Print Name : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e Substitute Name: C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e . ... ... ... ... ... ... ...
  13. All processes killed ========== OTL ========== Prefs.js: toolbar@shopathome.com:5.2.0.0 removed from extensions.enabledItems C:\Documents and Settings\Jessica\Application Data\Mozilla\Firefox\Profiles\hzs7kf7j.default\extensions\toolbar@shopathome.com\defaults\preferences folder moved successfully. C:\Documents and Settings\Jessica\Application Data\Mozilla\Firefox\Profiles\hzs7kf7j.default\extensions\toolbar@shopathome.com\defaults folder moved successfully. C:\Documents and Settings\Jessica\Application Data\Mozilla\Firefox\Profiles\hzs7kf7j.default\extensions\toolbar@shopathome.com\chrome folder moved successfully. C:\Documents and Settings\Jessica\Application Data\Mozilla\Firefox\Profiles\hzs7kf7j.default\extensions\toolbar@shopathome.com folder moved successfully. C:\Documents and Settings\Jessica\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe moved successfully. C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk moved successfully. C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Billeo.lnk moved successfully. C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjk moved successfully. C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjkr moved successfully. C:\Documents and Settings\Jessica\Desktop\System Restore.lnk moved successfully. D:\My Documents\qkmz.exe moved successfully. Error: Unable to interpret <:file > in the current context! Error: Unable to interpret <C:\Documents and Settings\Jessica\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe > in the current context! Error: Unable to interpret < > in the current context! ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->FireFox cache emptied: 22538156 bytes ->Flash cache emptied: 36329 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Jessica ->Temp folder emptied: 791681 bytes ->Temporary Internet Files folder emptied: 180343999 bytes ->Java cache emptied: 83514685 bytes ->FireFox cache emptied: 12801372 bytes ->Google Chrome cache emptied: 7626713 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 1963857 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 421168565 bytes ->Java cache emptied: 28 bytes ->Flash cache emptied: 12505 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 2402044 bytes %systemroot%\System32 .tmp files removed: 46121 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 6955546 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 58990 bytes RecycleBin emptied: 133316 bytes Total Files Cleaned = 706.00 mb Restore points cleared and new OTL Restore Point set! Error starting restore point: System Restore is disabled. Error closing restore point: System Restore is disabled. OTL by OldTimer - Version 3.2.31.0 log created on 11252011_071654 Files\Folders moved on Reboot... File\Folder C:\Documents and Settings\Jessica\Local Settings\Temporary Internet Files\Content.IE5\OLIFS167\CAW5IJS1.php not found! C:\Documents and Settings\Jessica\Local Settings\Temporary Internet Files\Content.IE5\OLIFS167\index[1].php moved successfully. C:\Documents and Settings\Jessica\Local Settings\Temporary Internet Files\Content.IE5\O5E78HMN\report[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YSHJFUX3\2352060[1].xml not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\YSHJFUX3\spinner-mp3players[1].jpg moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\W3CL2H4H\api[2].htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\W3CL2H4H\intel[1].gif moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\W3CL2H4H\mom2@Top1,Middle1,x07!Top1[1] not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UAU5NZ0G\blank[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\3&u_java=1&u_h=800&u_w=1280&u_ah=772&u_aw=1280&u_cd=32&u_nplug=0&u_nmime=0&dff=times%20new%20roman&dfs=19&adx=111&ady=970&biw=1264&bih=753&fu=0&ifi=1&dtd=94 not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\5c36d677-66a5-4d85-b136-fcbacfacaf83[1].flv not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\=3&u_java=1&u_h=800&u_w=1280&u_ah=772&u_aw=1280&u_cd=32&u_nplug=0&u_nmime=0&dff=times%20new%20roman&dfs=19&adx=994&ady=92&biw=1264&bih=753&fu=0&ifi=2&dtd=16 not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\api[1].htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\brad-pitt[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\CAA3STUR.dXGQ0,;ord=1322223593 not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\CAC3UHSX.htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\CACZY549.htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\CAKAG1ON.htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\CANN1NML.htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\CAWCTRZZ.htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\CAWJQF6O.htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\cms-2-frame[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\emily[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\freq[1].html not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\login_status[1].php not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\pixel[1] not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\Pug[1].gif not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\Pug[1].htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\toshiba[1].gif moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Q3E1I5AD\xd_receiver[1].php not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\PH4AF7DH\brands-hp[1].gif moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\O1IFKPUN\ad[2].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\O1IFKPUN\bPCCrjbai9b4yTR6tvLaeYx2YSxA[1].html not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\O1IFKPUN\CALKNYVV.J8qG691rTRGyYGWeQ=, not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\O1IFKPUN\login_status[1].php not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\2312[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\afr[1].htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\api[2].htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\api[3].htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\CA3T9S07.0CuSVkdg==,;ord=1322223592 not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\CAPCYLT7 not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\data_sync[1].htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\data_sync[2].htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\events[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\fried-beef-fillet-with-morel-mushrooms-and-venice-balsam[1].htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\fw-nonplayer-banner[1].php not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\fw-nonplayer-banner[2].php not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\like[1].php not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MPSDMJ8D\microsoft[1].gif moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MBULA3OJ\ad[6].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MBULA3OJ\ad[7].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MBULA3OJ\ad[8].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\MBULA3OJ\play[1].php not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\canon[1].gif moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\ddc[1].htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\dppix[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\getcertifiedat.legalnurse[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\language-en_v88_cim_9_4_6[1].js moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\likebox[1].php not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\like[1].php not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\nutritioncuisine[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\right-scroll[1].png moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KPI3KX6R\syncuppixels[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\JLPBI22D\css3pie[1].php not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\JLPBI22D\lgl[1].html not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\JLPBI22D\tcd008a22c[1] moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\16[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\ad[2].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\api[3].htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\api[5].htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\apple[1].gif moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\brands-samsung[1].jpg moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\CAEVSDIZ.htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\channels[1] moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\ddc[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\development-chart-printable-baby-poop-diaper-changing-diapering-guide[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\iframe_ad[1].php not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\smart3handler[1].ashx not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\Stella%20Artois%20Logo[1].jpg moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CVCFKX6T\tc30afdd24[1] moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\&u_java=1&u_h=800&u_w=1280&u_ah=772&u_aw=1280&u_cd=32&u_nplug=0&u_nmime=0&dff=times%20new%20roman&dfs=21&adx=386&ady=1961&biw=1264&bih=753&fu=0&ifi=3&dtd=16 not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\actionBar[1].png moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\api[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\CAAORSPT.htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\data_sync[1].htm not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\ExtLibTabToolSkin2_176[1].swf moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\fw-nonplayer-banner[2].php not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\index[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\likebox[1].php moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\logo-and-footer[1].jpg moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\pixel[2].gif moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\C5ER09E3\s[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\BP7WHZ3O\CAIJ81EZ not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\BP7WHZ3O\index[1].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\BP7WHZ3O\track-home[1].html not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\&u_java=1&u_h=800&u_w=1280&u_ah=772&u_aw=1280&u_cd=32&u_nplug=0&u_nmime=0&dff=times%20new%20roman&dfs=21&adx=386&ady=2320&biw=1264&bih=753&fu=0&ifi=4&dtd=16 not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\ctrl-vert-scroll[2].png moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\helveticaneueltstd-mdcn-webfont[1].eot moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\langoustine-rotie-aux-amandes-a-la-creme-de-pistache[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\mevio-m-neverback-24x24[1].gif moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\ra=TIFVWBZCXNVD5Z54LNNFGM2ZO7F3BRDO&alia[1].com&cookie=6D15XS4TY13EE4EGG4UFCO10QKXJSFQ3&meta=&screen=1280x800&language=en-us&referer=&idle=0&vs=r&ce_name=x moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\redirect[1].gif not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8TYJGTAJ\TidalTV_AS3_API_v1_0_4[1].swf moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\20111125122030[1].here not found! C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\api[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\api[2].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\CA6BGH2Z moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\dppix[1].htm moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\pixel[1].gif moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\player-icons[1].png moved successfully. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8PM3G5Y7\syncuppixels[3].htm moved successfully. File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0XKXGTWT\btn-more[1].png not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0XKXGTWT\CAIBY1OD.htm not found! File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\0XKXGTWT\click[1].htm not found! C:\WINDOWS\temp\Perflib_Perfdata_dd0.dat moved successfully. Registry entries deleted on Reboot...
  14. Could not see the link, (the box where I enter the websites/links is not visible---dont know why) So,I copied and pasted.... VT Community Sign in ▼ My account ▼ Sign out Signing out... Languages ▼ VirusTotal's website has changed, we need new translations, do you feel like helping the community? info@virustotal.comSign in to VT Community Safety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy. email password Keep me logged in Sign in Signing in, please wait... Login failed, please try again Forgot your password? Create an account Edit my profile View my profile Inbox Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: qkmz.exe Submission date: 2011-11-25 00:32:51 (UTC) Current status: queued queued analysing finished Result: 20/ 43 (46.5%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2011.11.24.00 2011.11.24 Trojan/Win32.FakeAV AntiVir 7.11.18.63 2011.11.24 TR/Obfuscate.OW.124 Antiy-AVL 2.0.3.7 2011.11.24 - Avast 6.0.1289.0 2011.11.25 Win32:Crypt-KYM [Trj] AVG 10.0.0.1190 2011.11.24 - BitDefender 7.2 2011.11.24 Trojan.Generic.6961583 ByteHero 1.0.0.1 2011.11.14 Trojan.Win32.Heur.Gen CAT-QuickHeal 12.00 2011.11.22 - ClamAV 0.97.3.0 2011.11.24 - Commtouch 5.3.2.6 2011.11.24 - Comodo 10787 2011.11.24 - DrWeb 5.0.2.03300 2011.11.25 Trojan.FakeAV.10512 Emsisoft 5.1.0.11 2011.11.24 Trojan.Win32.FakeAV!IK eSafe 7.0.17.0 2011.11.24 Win32.Trojan eTrust-Vet 37.0.9586 2011.11.24 - F-Prot 4.6.5.141 2011.11.24 - F-Secure 9.0.16440.0 2011.11.24 Trojan.Generic.6961583 Fortinet 4.3.370.0 2011.11.24 - GData 22 2011.11.25 Trojan.Generic.6961583 Ikarus T3.1.1.109.0 2011.11.24 Trojan.Win32.FakeAV Jiangmin 13.0.900 2011.11.24 - K7AntiVirus 9.119.5534 2011.11.24 - Kaspersky 9.0.0.837 2011.11.24 Trojan-FakeAV.Win32.Agent.bnn McAfee 5.400.0.1158 2011.11.25 FakeAlert-AV2011 McAfee-GW-Edition 2010.1D 2011.11.24 Artemis!76BC33D065FD Microsoft 1.7801 2011.11.24 VirTool:Win32/Obfuscator.OW NOD32 6657 2011.11.24 a variant of Win32/Kryptik.VZH Norman 6.07.13 2011.11.24 - nProtect 2011-11-24.02 2011.11.24 - Panda 10.0.3.5 2011.11.24 Trj/CI.A PCTools 8.0.0.5 2011.11.25 - Prevx 3.0 2011.11.25 - Rising 23.85.03.02 2011.11.24 - Sophos 4.71.0 2011.11.25 Mal/FakeAV-MQ SUPERAntiSpyware 4.40.0.1006 2011.11.24 Rogue.AVProtection2011 Symantec 20111.2.0.82 2011.11.25 - TheHacker 6.7.0.1.347 2011.11.24 - TrendMicro 9.500.0.1008 2011.11.24 - TrendMicro-HouseCall 9.500.0.1008 2011.11.25 - VBA32 3.12.16.4 2011.11.24 - VIPRE 11139 2011.11.25 Trojan.Win32.Generic.pak!cobra ViRobot 2011.11.24.4791 2011.11.24 - VirusBuster 14.1.83.1 2011.11.24 - Additional informationShow all MD5 : 76bc33d065fdf4dec0e6d5e7656d6759 SHA1 : 90d7b00c35be96f8065468f4aaa8c4295329adc4 SHA256: 04356df2a1426a4b21de9db4bfecac11425e27a72554d1734aa3f2d003cd54ac ssdeep: 49152:Cvt6TK0xPLsH8wHmvh1NZff8KjlNQAIOUQ4goGjZjJDUtU+EbC4:6t620xPL/6mLHftjl 5Wgo4Zdm File size : 2939392 bytes First seen: 2011-11-25 00:32:51 Last seen : 2011-11-25 00:32:51 TrID: Generic Win/DOS Executable (49.9%) DOS Executable Generic (49.8%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%) sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x7058 timedatestamp....: 0x0 (Thu Jan 01 00:00:00 1970) machinetype......: 0x14c (I386) [[ 5 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x2BD000, 0x2BCA00, 6.41, 024e87ede6eabdc93ba2702e8ae4595e .rdata, 0x2BE000, 0xA000, 0x9800, 5.84, 234e68b0aff78d42a17d19b5cc5a51ba .data, 0x2C8000, 0x24F000, 0x3E00, 2.52, 6cb54dc660dbd3d5a682f4b6e23a242c .idata, 0x517000, 0x1000, 0x1000, 5.10, d9ed3c8e7ef97c3f248994f4baad7199 .rsrc, 0x518000, 0x2000, 0x1A00, 6.20, 1d2ac46572e22209ba8bed7c1f54155e [[ 7 import(s) ]] ADVAPI32.dll: DeregisterEventSource, GetTokenInformation, OpenProcessToken, RegCloseKey, RegCreateKeyExW, RegDeleteKeyW, RegDeleteValueW, RegEnumKeyExW, RegEnumValueW, RegOpenKeyExW, RegQueryInfoKeyW, RegQueryValueExA, RegQueryValueExW, RegSetValueExW, RegisterEventSourceW, ReportEventW GDI32.dll: DeleteObject KERNEL32.dll: CloseHandle, CompareStringW, CreateEventW, CreateFileMappingW, CreateFileW, CreateThread, DeleteCriticalSection, DeleteFileW, DisableThreadLibraryCalls, EnterCriticalSection, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, FindNextFileW, FindResourceW, FlushFileBuffers, FormatMessageW, FreeLibrary, GetFileAttributesW, GetFileSize, GetLastError, GetLocaleInfoW, GetModuleFileNameW, GetModuleHandleA, GetModuleHandleW, GetPriorityClass, GetProcAddress, GetProcessHeap, GetSystemDefaultUILanguage, GetSystemTimeAsFileTime, GetTickCount, GetUserDefaultLCID, GetUserDefaultUILanguage, GetVersion, GetVersionExW, GlobalAlloc, GlobalFree, HeapAlloc, HeapDestroy, HeapFree, HeapReAlloc, HeapSize, InitializeCriticalSection, InterlockedCompareExchange, InterlockedExchange, IsDebuggerPresent, IsValidCodePage, LeaveCriticalSection, LoadLibraryA, LoadLibraryExW, LoadLibraryW, LoadResource, LocalAlloc, LocalFree, LockResource, MapViewOfFile, MoveFileW, MultiByteToWideChar, OpenMutexW, OpenProcess, OutputDebugStringA, QueryPerformanceCounter, RaiseException, ReleaseMutex, ReleaseSemaphore, SearchPathW, SetEvent, SetLastError, SetPriorityClass, SetUnhandledExceptionFilter, SizeofResource, Sleep, TerminateProcess, UnhandledExceptionFilter, UnmapViewOfFile, VirtualProtect, WaitForSingleObject, WideCharToMultiByte, WriteFile, lstrcmpiW, lstrlenA, lstrlenW msi.dll: - ole32.dll: StgOpenStorageOnILockBytes, PropVariantCopy, PropVariantClear, CreateStreamOnHGlobal, CoWaitForMultipleHandles, StringFromGUID2, CoTaskMemRealloc, CoTaskMemFree, CoTaskMemAlloc, CoInitializeEx, CoCreateInstance, CLSIDFromString, CoUninitialize OLEAUT32.dll: -, -, -, -, -, -, -, -, - USER32.dll: LoadStringW, MsgWaitForMultipleObjects, PeekMessageW, TranslateMessage, DispatchMessageW, CharNextW [[ 4 export(s) ]] FreeGlobalObjects, GetContextSpellingSession, GetNextToken, RunCssWordBreaker ExifTool: file metadata CodeSize: 2871296 EntryPoint: 0x7058 FileSize: 2.8 MB FileType: Win32 EXE ImageVersion: 0.0 InitializedDataSize: 2473984 LinkerVersion: 8.0 MIMEType: application/octet-stream MachineType: Intel 386 or later, and compatibles OSVersion: 4.0 PEType: PE32 Subsystem: Windows GUI SubsystemVersion: 4.0 TimeStamp: 0000:00:00 00:00:00 UninitializedDataSize: 0 Symantec reputation:Suspicious.Insight VT Community 0 This file has never been reviewed by any VT Community member. Be the first one to comment on it! VirusTotal Team Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments? You can add basic styles to your comments using the following accepted bbcode tags: text -- bold text -- italics text -- underline text -- strikethrough text -- preformatted text You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for. Goodware Malware Spam attachment/link P2P download Propagating via IM Network worm Drive-by-download Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review. Preview commentEdit comment Post comment Posting comment... Comment successfully posted ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware. VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com- TOS & Privacy Policy
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.