
Unable to remove redirect virus



.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.5512

Run by Reception at 15:27:13 on 2011-11-23

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.424 [GMT -5:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Documents and Settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe

C:\Program Files\FMAuditOnsite\fmaonsite.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091

uWindow Title = Windows Internet Explorer provided by MSN & Bing

mDefault_Search_URL = hxxp://www.google.com/ie

mSearchAssistant = hxxp://www.google.com/ie

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\launch~1.lnk - c:\documents and settings\reception\application data\verizon\ua_ar\UtilityApplication.exe

StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245

TCP: Interfaces\{0854CCB4-BF41-4A0B-BFAA-0AB7758151E1} : DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

Notify: AtiExtEvent - Ati2evxx.dll

Notify: igfxcui - igfxdev.dll

Notify: TPSvc - TPSvc.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\reception\application data\mozilla\firefox\profiles\m1s1x1jp.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

.

============= SERVICES / DRIVERS ===============

.

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]

R2 FileOpenManagerSvc;FileOpenManagerSvc;c:\documents and settings\all users\application data\fileopen\services\FileOpenManagerSvc32.exe [2011-3-9 212352]

R2 FMAuditOnsite;FMAudit Onsite;c:\program files\fmauditonsite\fmaonsite.exe [2011-11-16 54864]

R2 MotoConnect Service;MotoConnect Service;c:\program files\motorola\motoconnectservice\MotoConnectService.exe [2011-7-5 91456]

S1 MpKsl4379156b;MpKsl4379156b;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b57ecadf-0654-4bc1-bd0a-53e78d8d2553}\mpksl4379156b.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b57ecadf-0654-4bc1-bd0a-53e78d8d2553}\MpKsl4379156b.sys [?]

S1 MpKsl59b9c265;MpKsl59b9c265;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b605622e-1df1-455e-9351-2e1880a224e0}\mpksl59b9c265.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b605622e-1df1-455e-9351-2e1880a224e0}\MpKsl59b9c265.sys [?]

S1 MpKsl7f95f8f5;MpKsl7f95f8f5;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ff8fa3bf-18a9-44a0-8c0c-99da5ab21a23}\mpksl7f95f8f5.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ff8fa3bf-18a9-44a0-8c0c-99da5ab21a23}\MpKsl7f95f8f5.sys [?]

S1 MpKsla16c7311;MpKsla16c7311;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7f4bef5a-c8b3-4a58-828d-ae3473a652c0}\mpksla16c7311.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{7f4bef5a-c8b3-4a58-828d-ae3473a652c0}\MpKsla16c7311.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-7 136176]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-8-24 30312]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-7 136176]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-8-24 121192]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-8-24 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-8-24 136680]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2011-8-24 114152]

.

=============== File Associations ===============

.

.txt=

.

=============== Created Last 30 ================

.

2011-11-17 22:43:51 -------- d-----w- c:\program files\DivX

2011-11-17 22:43:36 -------- d-----w- c:\documents and settings\all users\application data\DivX

2011-11-11 19:33:45 -------- d-----w- c:\program files\common files\iS3

2011-11-11 19:33:45 -------- d-----w- c:\documents and settings\all users\application data\STOPzilla!

2011-11-11 16:53:16 -------- d-----w- c:\program files\Free Internet Window Washer

2011-11-11 13:07:41 81920 ----a-w- c:\windows\system32\ieencode.dll

2011-11-11 13:07:41 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll

2011-11-08 13:17:18 720896 ----a-w- c:\windows\iun6002.exe

2011-11-08 13:17:15 -------- d-----w- c:\program files\Starpoint Software

2011-11-01 18:26:15 852480 -c--a-w- c:\windows\system32\dllcache\vgx.dll

2011-10-31 22:07:04 -------- d-----w- c:\program files\Vuze

2011-10-31 20:53:49 -------- d-----w- c:\documents and settings\reception\.swt

2011-10-31 20:53:40 -------- d-----w- c:\documents and settings\reception\application data\Azureus

2011-10-31 20:52:05 -------- d-----w- c:\documents and settings\reception\local settings\application data\Conduit

.

==================== Find3M ====================

.

2011-10-20 23:26:22 94208 ----a-w- c:\windows\system32\dpl100.dll

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-27 20:09:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-09-05 13:56:22 667136 ----a-w- c:\windows\system32\wininet.dll

2011-09-05 13:56:22 61952 ----a-w- c:\windows\system32\tdc.ocx

2011-09-05 12:35:09 369664 ----a-w- c:\windows\system32\html.iec

2011-08-31 21:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

============= FINISH: 15:27:25.71 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 10/28/2010 1:49:32 PM

System Uptime: 11/23/2011 2:46:30 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0F8098

Processor: Intel® Pentium® 4 CPU 3.20GHz | Microprocessor | 3192/800mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 74 GiB total, 43.929 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP279: 9/25/2011 6:15:18 PM - System Checkpoint

RP280: 9/26/2011 7:15:20 PM - System Checkpoint

RP281: 9/27/2011 4:12:30 PM - Installed Adobe Reader X (10.1.1).

RP282: 9/28/2011 4:16:08 PM - System Checkpoint

RP283: 9/29/2011 3:00:15 AM - Software Distribution Service 3.0

RP284: 9/29/2011 9:28:39 AM - Installed Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

RP285: 9/30/2011 10:04:53 AM - System Checkpoint

RP286: 10/1/2011 10:16:07 AM - System Checkpoint

RP287: 10/2/2011 11:16:07 AM - System Checkpoint

RP288: 10/3/2011 8:45:41 AM - Printer Driver CutePDF Writer Installed

RP289: 10/4/2011 8:57:56 AM - System Checkpoint

RP290: 10/5/2011 5:27:08 PM - System Checkpoint

RP291: 10/6/2011 5:53:08 PM - System Checkpoint

RP292: 10/7/2011 6:53:09 PM - System Checkpoint

RP293: 10/8/2011 7:53:08 PM - System Checkpoint

RP294: 10/9/2011 8:53:08 PM - System Checkpoint

RP295: 10/10/2011 9:53:07 PM - System Checkpoint

RP296: 10/11/2011 10:53:07 PM - System Checkpoint

RP297: 10/12/2011 3:00:18 AM - Software Distribution Service 3.0

RP298: 10/13/2011 3:20:37 AM - System Checkpoint

RP299: 10/14/2011 3:26:12 AM - System Checkpoint

RP300: 10/15/2011 3:28:22 AM - System Checkpoint

RP301: 10/16/2011 4:28:21 AM - System Checkpoint

RP302: 10/17/2011 5:28:21 AM - System Checkpoint

RP303: 10/18/2011 6:28:23 AM - System Checkpoint

RP304: 10/19/2011 6:31:15 AM - System Checkpoint

RP305: 10/20/2011 7:23:35 AM - System Checkpoint

RP306: 10/21/2011 8:23:22 AM - System Checkpoint

RP307: 10/22/2011 9:23:22 AM - System Checkpoint

RP308: 10/23/2011 10:23:24 AM - System Checkpoint

RP309: 10/24/2011 2:32:09 PM - System Checkpoint

RP310: 10/25/2011 3:06:37 PM - System Checkpoint

RP311: 10/26/2011 4:06:37 PM - System Checkpoint

RP312: 10/27/2011 5:51:12 PM - System Checkpoint

RP313: 10/28/2011 5:57:30 PM - System Checkpoint

RP314: 10/29/2011 6:57:29 PM - System Checkpoint

RP315: 10/30/2011 7:57:29 PM - System Checkpoint

RP316: 10/31/2011 8:40:28 PM - System Checkpoint

RP317: 11/1/2011 9:11:33 PM - System Checkpoint

RP318: 11/2/2011 3:00:15 AM - Software Distribution Service 3.0

RP319: 11/3/2011 3:06:34 AM - System Checkpoint

RP320: 11/4/2011 4:06:34 AM - System Checkpoint

RP321: 11/5/2011 4:45:17 AM - System Checkpoint

RP322: 11/6/2011 4:45:16 AM - System Checkpoint

RP323: 11/7/2011 5:45:16 AM - System Checkpoint

RP324: 11/8/2011 6:45:16 AM - System Checkpoint

RP325: 11/9/2011 7:46:23 AM - System Checkpoint

RP326: 11/10/2011 3:00:15 AM - Software Distribution Service 3.0

RP327: 11/11/2011 3:00:16 AM - Software Distribution Service 3.0

RP328: 11/11/2011 8:03:41 AM - Software Distribution Service 3.0

RP329: 11/11/2011 2:33:34 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.

RP330: 11/12/2011 3:00:15 AM - Software Distribution Service 3.0

RP331: 11/13/2011 3:51:19 AM - System Checkpoint

RP332: 11/14/2011 3:52:42 AM - System Checkpoint

RP333: 11/15/2011 4:40:41 AM - System Checkpoint

RP334: 11/16/2011 6:04:42 AM - System Checkpoint

RP335: 11/16/2011 11:00:38 AM - Removed Motorola Driver Installation 4.6.0

RP336: 11/16/2011 11:01:29 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.

RP337: 11/17/2011 11:35:11 AM - System Checkpoint

RP338: 11/18/2011 4:11:56 PM - System Checkpoint

RP339: 11/19/2011 4:58:56 PM - System Checkpoint

RP340: 11/20/2011 5:58:56 PM - System Checkpoint

RP341: 11/21/2011 8:00:58 PM - System Checkpoint

RP342: 11/22/2011 8:58:56 PM - System Checkpoint

RP343: 11/23/2011 1:25:09 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Color Common Settings

Adobe ExtendScript Toolkit 2

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X (10.1.1)

Adobe Setup

ATI Display Driver

Autodesk MapGuide® Viewer ActiveX Control Release 6.5

Broadcom Gigabit Integrated Controller

CutePDF Writer 2.8

DivX Setup

FileOpen Client

FMAudit Onsite

Google Earth Pro

Google Update Helper

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Intel® Graphics Media Accelerator Driver

Java 6 Update 16

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual Studio 2005 Tools for Office Runtime

MotoConnect

Mozilla Firefox 8.0 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

Myibay Auction bid sniper for eBay 1.0.43

SAMSUNG USB Driver for Mobile Phones

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2416400)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544521)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2586448)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

SoundMAX

Speccy

Spybot - Search & Destroy

Starpoint Software Super Slug 3.1 ANSI Full Version

SUPERAntiSpyware

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Outlook 2007 Junk Email Filter (KB2596560)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VC80CRTRedist - 8.0.50727.6195

Verizon Wireless Software Utility Application for Android - Samsung

Vuze

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Media Format Runtime

Windows XP Service Pack 3

WinRAR archiver

.

==== End Of File ===========================

attach.txt

dds.txt


Hello erbishop! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copied and pasted into your next reply.

Step 1

I see you are running TeaTimer.

I suggest you disable it because it can interfere with the changes you'll make on your system.

When everything is done and your log is clean again, you can enable it again.

If TeaTimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

How to disable TeaTimer <== click me for instructions.

After you have disabled TeaTimer, download ResetTeaTimer.exe to your desktop.

Then run ResetTeaTimer.exe.

This will only take a few seconds.

Step 2

You have p2p software installed on your system, which is very dangerous and illegal. Please check our rules for piracy and uninstall Vuze:

http://forums.malwarebytes.org/index.php?showtopic=97700

Step 3

  • Launch Malwarebytes' Anti-Malware.
  • Go to the Update tab and select Check for Updates.
  • Go to the Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 4

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

In your next reply, please post the following log files:

  • Malwarebytes' Anti-Malware log
  • TDSSKiller log
  • a new fresh DDS log with Attach.txt


Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8256

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

11/28/2011 8:56:29 AM

mbam-log-2011-11-28 (08-56-29).txt

Scan type: Quick scan

Objects scanned: 220330

Time elapsed: 13 minute(s), 57 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

09:00:10.0312 2688 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

09:00:10.0562 2688 ============================================================

09:00:10.0562 2688 Current date / time: 2011/11/28 09:00:10.0562

09:00:10.0562 2688 SystemInfo:

09:00:10.0562 2688

09:00:10.0562 2688 OS Version: 5.1.2600 ServicePack: 3.0

09:00:10.0562 2688 Product type: Workstation

09:00:10.0562 2688 ComputerName: FRONT-DESK-PC

09:00:10.0562 2688 UserName: Reception

09:00:10.0562 2688 Windows directory: C:\WINDOWS

09:00:10.0562 2688 System windows directory: C:\WINDOWS

09:00:10.0562 2688 Processor architecture: Intel x86

09:00:10.0562 2688 Number of processors: 2

09:00:10.0562 2688 Page size: 0x1000

09:00:10.0562 2688 Boot type: Normal boot

09:00:10.0562 2688 ============================================================

09:00:11.0171 2688 Initialize success

09:00:14.0406 2236 ============================================================

09:00:14.0406 2236 Scan started

09:00:14.0421 2236 Mode: Manual;

09:00:14.0421 2236 ============================================================

09:00:21.0078 2236 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

09:00:21.0203 2236 \Device\Harddisk0\DR0 - ok

09:00:21.0203 2236 Boot (0x1200) (2c5b67dae903c794fc8e4a70224f5b5c) \Device\Harddisk0\DR0\Partition0

09:00:21.0203 2236 \Device\Harddisk0\DR0\Partition0 - ok

09:00:21.0203 2236 ============================================================

09:00:21.0203 2236 Scan finished

09:00:21.0203 2236 ============================================================

09:00:21.0218 2616 Detected object count: 0

09:00:21.0218 2616 Actual detected object count: 0

09:01:17.0250 0380 ============================================================

09:01:17.0250 0380 Scan started

09:01:17.0250 0380 Mode: Manual; SigCheck; TDLFS;

09:01:17.0250 0380 ============================================================

09:01:21.0921 0380 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

09:01:21.0953 0380 cercsr6 ( UnsignedFile.Multi.Generic ) - warning

09:01:21.0953 0380 cercsr6 - detected UnsignedFile.Multi.Generic (1)


09:01:35.0062 0380 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

09:01:35.0187 0380 swenum - ok

09:01:35.0218 0380 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

09:01:35.0343 0380 swmidi - ok

09:01:35.0359 0380 symc810 - ok

09:01:35.0359 0380 symc8xx - ok

09:01:35.0375 0380 sym_hi - ok

09:01:35.0390 0380 sym_u3 - ok

09:01:35.0406 0380 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

09:01:35.0546 0380 sysaudio - ok

09:01:35.0593 0380 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

09:01:35.0671 0380 Tcpip - ok

09:01:35.0718 0380 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

09:01:35.0843 0380 TDPIPE - ok

09:01:35.0859 0380 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

09:01:35.0984 0380 TDTCP - ok

09:01:36.0000 0380 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

09:01:36.0125 0380 TermDD - ok

09:01:36.0140 0380 TosIde - ok

09:01:36.0171 0380 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

09:01:36.0281 0380 Udfs - ok

09:01:36.0296 0380 ultra - ok

09:01:36.0359 0380 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

09:01:36.0500 0380 Update - ok

09:01:36.0531 0380 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

09:01:36.0640 0380 usbccgp - ok

09:01:36.0671 0380 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

09:01:36.0796 0380 usbehci - ok

09:01:36.0828 0380 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

09:01:36.0968 0380 usbhub - ok

09:01:36.0984 0380 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

09:01:37.0109 0380 usbprint - ok

09:01:37.0140 0380 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

09:01:37.0265 0380 USBSTOR - ok

09:01:37.0281 0380 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

09:01:37.0406 0380 usbuhci - ok

09:01:37.0437 0380 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

09:01:37.0546 0380 VgaSave - ok

09:01:37.0546 0380 ViaIde - ok

09:01:37.0578 0380 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

09:01:37.0687 0380 VolSnap - ok

09:01:37.0734 0380 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

09:01:37.0843 0380 Wanarp - ok

09:01:37.0906 0380 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

09:01:37.0921 0380 Wdf01000 - ok

09:01:37.0937 0380 WDICA - ok

09:01:37.0968 0380 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

09:01:38.0093 0380 wdmaud - ok

09:01:38.0171 0380 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

09:01:38.0312 0380 WS2IFSL - ok

09:01:38.0343 0380 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

09:01:38.0468 0380 \Device\Harddisk0\DR0 - ok

09:01:38.0484 0380 Boot (0x1200) (2c5b67dae903c794fc8e4a70224f5b5c) \Device\Harddisk0\DR0\Partition0

09:01:38.0484 0380 \Device\Harddisk0\DR0\Partition0 - ok

09:01:38.0484 0380 ============================================================

09:01:38.0484 0380 Scan finished

09:01:38.0484 0380 ============================================================

09:01:38.0593 3376 Detected object count: 1

09:01:38.0593 3376 Actual detected object count: 1

09:03:06.0734 3376 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user

09:03:06.0734 3376 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:03:13.0343 2656 Deinitialize success

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.5512

Run by Reception at 9:04:19 on 2011-11-28

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.402 [GMT -5:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Documents and Settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe

C:\Program Files\FMAuditOnsite\fmaonsite.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files\WinRar\WinRAR.exe

C:\Program Files\WinRar\WinRAR.exe

C:\WINDOWS\system32\notepad.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091

uWindow Title = Windows Internet Explorer provided by MSN & Bing

mDefault_Search_URL = hxxp://www.google.com/ie

mSearchAssistant = hxxp://www.google.com/ie

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\launch~1.lnk - c:\documents and settings\reception\application data\verizon\ua_ar\UtilityApplication.exe

StartupFolder: c:\docume~1\recept~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe


ComboFix 11-11-28.02 - Reception 11/28/2011 15:12:44.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.512 [GMT -5:00]

Running from: c:\documents and settings\Reception\Desktop\ComboFix.exe

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\accounting\Application Data\alot

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\chrome.manifest

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\chrome\xulcache.jar

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\defaults\preferences\xulcache.js

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{944ae395-0a57-4ef4-828f-e615c034c589}\install.rdf

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\chrome.manifest

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\chrome\xulcache.jar

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\defaults\preferences\xulcache.js

c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\extensions\{f978a793-7fa2-4ad1-812e-d06b4202ca0a}\install.rdf

c:\documents and settings\Reception\jiwyjmgobz.tmp

c:\windows\iun6002.exe

c:\windows\system32\spool\prtprocs\w32x86\xpdpp.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-28 )))))))))))))))))))))))))))))))

.

.

2011-11-17 22:45 . 2011-11-17 22:47 -------- d-----w- c:\documents and settings\Reception\Application Data\DivX

2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\program files\DivX

2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

2011-11-11 19:33 . 2011-11-16 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!

2011-11-11 19:33 . 2011-11-11 19:33 -------- d-----w- c:\program files\Common Files\iS3

2011-11-11 16:53 . 2011-11-16 15:59 -------- d-----w- c:\program files\Free Internet Window Washer

2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\ieencode.dll

2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll

2011-11-08 13:17 . 2011-11-08 13:17 -------- d-----w- c:\program files\Starpoint Software

2011-11-01 18:26 . 2011-04-29 19:07 852480 -c--a-w- c:\windows\system32\dllcache\vgx.dll

2011-10-31 20:53 . 2011-10-31 20:53 -------- d-----w- c:\documents and settings\Reception\.swt

2011-10-31 20:53 . 2011-11-17 22:02 -------- d-----w- c:\documents and settings\Reception\Application Data\Azureus

2011-10-31 20:52 . 2011-10-31 21:31 -------- d-----w- c:\documents and settings\Reception\Local Settings\Application Data\Conduit

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\system32\dpl100.dll

2011-10-10 14:22 . 2007-07-30 19:32 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-27 20:09 . 2011-09-01 13:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41 . 2004-08-04 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41 . 2004-08-04 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20 . 2004-08-04 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-09-05 13:56 . 2004-08-04 12:00 667136 ----a-w- c:\windows\system32\wininet.dll

2011-09-05 13:56 . 2004-08-04 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx

2011-09-05 12:35 . 2004-08-04 12:00 369664 ----a-w- c:\windows\system32\html.iec

2011-08-31 21:00 . 2011-03-12 15:40 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-11 13:03 . 2011-10-31 21:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-17 4617600]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-20 149280]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

.

c:\documents and settings\Reception\Start Menu\Programs\Startup\

Launch Utility Application.lnk - c:\documents and settings\Reception\Application Data\Verizon\UA_ar\UtilityApplication.exe [2011-3-22 547840]

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

2006-03-24 03:13 77824 ----a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2006-03-24 03:17 118784 ----a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2006-03-24 03:17 94208 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2004-10-14 21:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Google\\Google Earth Pro\\googleearth.exe"=

.

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]

R2 FMAuditOnsite;FMAudit Onsite;c:\program files\FMAuditOnsite\fmaonsite.exe [11/16/2011 5:56 PM 54864]

R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [7/5/2011 7:21 AM 91456]

S1 MpKsl4379156b;MpKsl4379156b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys [?]

S1 MpKsl59b9c265;MpKsl59b9c265;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys [?]

S1 MpKsl7f95f8f5;MpKsl7f95f8f5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys [?]

S1 MpKsla16c7311;MpKsla16c7311;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys [?]

S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\documents and settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe [3/9/2011 5:02 PM 212352]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [8/24/2011 10:17 AM 30312]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [8/24/2011 10:17 AM 121192]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [8/24/2011 10:17 AM 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [8/24/2011 10:17 AM 136680]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [8/24/2011 10:18 AM 114152]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - FileOpenWebPublisherScreenHookDriver

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc24512fa0e2d6.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]

.

2011-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cc24513002a340.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245

DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab

FF - ProfilePath - c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: network.proxy.type - 0

.

.

------- File Associations -------

.

.txt=

.

- - - - ORPHANS REMOVED - - - -

.

Notify-TPSvc - TPSvc.dll

AddRemove-Speccy - E:\uninst.exe

AddRemove-Starpoint Software Super Slug 3.1 ANSI Full Version - c:\windows\iun6002.exe

AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe

AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe

AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-11-28 15:16

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]

"value"="?\0a\01\1f\145\1bT"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(652)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\Ati2evxx.dll

.

Completion time: 2011-11-28 15:18:19

ComboFix-quarantined-files.txt 2011-11-28 20:18

.

Pre-Run: 47,147,696,128 bytes free

Post-Run: 47,325,085,696 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - BB81C7FBDA7D533B17FAA7AC4D820568


Open Notepad and copy and paste the text in the code box below into it:

Folder::
c:\documents and settings\Reception\Application Data\Azureus
c:\documents and settings\Reception\Local Settings\Application Data\Conduit

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2504091

Save the file to your desktop and name it CFScript.txt

Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.

CFScriptB-4.gif

This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.

In your next post here, please include ComboFix.txt and let me know how things are there.


ComboFix 11-11-29.04 - Reception 11/29/2011 16:13:40.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.582 [GMT -5:00]

Running from: c:\documents and settings\Reception\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Reception\Desktop\CFScript.txt

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Reception\Application Data\Azureus

c:\documents and settings\Reception\Application Data\Azureus\.certs

c:\documents and settings\Reception\Application Data\Azureus\.keystore

c:\documents and settings\Reception\Application Data\Azureus\.lock

c:\documents and settings\Reception\Application Data\Azureus\active\cache.dat

c:\documents and settings\Reception\Application Data\Azureus\azureus.config

c:\documents and settings\Reception\Application Data\Azureus\azureus.config.bak

c:\documents and settings\Reception\Application Data\Azureus\azureus.statistics

c:\documents and settings\Reception\Application Data\Azureus\azureus.statistics.bak

c:\documents and settings\Reception\Application Data\Azureus\devices.config

c:\documents and settings\Reception\Application Data\Azureus\devices.config.bak

c:\documents and settings\Reception\Application Data\Azureus\dht\addresses.dat

c:\documents and settings\Reception\Application Data\Azureus\dht\contacts.dat

c:\documents and settings\Reception\Application Data\Azureus\dht\diverse.dat

c:\documents and settings\Reception\Application Data\Azureus\dht\general.dat

c:\documents and settings\Reception\Application Data\Azureus\downloads.config

c:\documents and settings\Reception\Application Data\Azureus\downloads.config.bak

c:\documents and settings\Reception\Application Data\Azureus\ipfilter.cache

c:\documents and settings\Reception\Application Data\Azureus\logs\debug_1.log

c:\documents and settings\Reception\Application Data\Azureus\logs\Plugin Update_1.log

c:\documents and settings\Reception\Application Data\Azureus\logs\UPnP_1.log

c:\documents and settings\Reception\Application Data\Azureus\metasearch.config

c:\documents and settings\Reception\Application Data\Azureus\metasearch.config.bak

c:\documents and settings\Reception\Application Data\Azureus\net\pm_22773.dat

c:\documents and settings\Reception\Application Data\Azureus\net\pm_default.dat

c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\aefeatman_v_1.2.jar

c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\aefeatman_v_1.2.zip

c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\plugin.properties

c:\documents and settings\Reception\Application Data\Azureus\plugins\aefeatman_v\plugin.properties_1.2

c:\documents and settings\Reception\Application Data\Azureus\plugins\azupnpav\cd.dat

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.8.jar

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.8.zip

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.9.jar

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\azutp_0.2.9.zip

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin.properties

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin.properties_0.2.9

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin_install.properties

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\plugin_install.properties_0.2.9

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\LICENSE

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\LICENSE.bak

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\msvcr100.dll

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\msvcr100.dll.bak

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\utp.dll

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\win32\utp.dll.bak

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\LICENSE

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\LICENSE.bak

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\msvcr100.dll

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\msvcr100.dll.bak

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\utp.dll

c:\documents and settings\Reception\Application Data\Azureus\plugins\azutp\x64\utp.dll.bak

c:\documents and settings\Reception\Application Data\Azureus\sidebarauto.config

c:\documents and settings\Reception\Application Data\Azureus\sidebarauto.config.bak

c:\documents and settings\Reception\Application Data\Azureus\tables.config

c:\documents and settings\Reception\Application Data\Azureus\tables.config.bak

c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU3267646735246781106.tmp

c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU4518990992366965161.tmp

c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU5247856705134621498.tmp

c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU6821208663899404670.tmp

c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU8263234504057347564.tmp

c:\documents and settings\Reception\Application Data\Azureus\tmp\AZU979599444215951439.tmp

c:\documents and settings\Reception\Application Data\Azureus\VuzeActivities.config

c:\documents and settings\Reception\Application Data\Azureus\VuzeActivities.config.bak

c:\documents and settings\Reception\Local Settings\Application Data\Conduit

c:\documents and settings\Reception\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js

c:\windows\system32\usmt\migwiz_a.exe

.

.

((((((((((((((((((((((((( Files Created from 2011-10-28 to 2011-11-29 )))))))))))))))))))))))))))))))

.

.

2011-11-17 22:45 . 2011-11-17 22:47 -------- d-----w- c:\documents and settings\Reception\Application Data\DivX

2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\program files\DivX

2011-11-17 22:43 . 2011-11-17 22:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

2011-11-11 19:33 . 2011-11-16 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\STOPzilla!

2011-11-11 19:33 . 2011-11-11 19:33 -------- d-----w- c:\program files\Common Files\iS3

2011-11-11 16:53 . 2011-11-16 15:59 -------- d-----w- c:\program files\Free Internet Window Washer

2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\ieencode.dll

2011-11-11 13:07 . 2011-09-05 13:56 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll

2011-11-08 13:17 . 2011-11-08 13:17 -------- d-----w- c:\program files\Starpoint Software

2011-11-01 18:26 . 2011-04-29 19:07 852480 -c--a-w- c:\windows\system32\dllcache\vgx.dll

2011-10-31 20:53 . 2011-10-31 20:53 -------- d-----w- c:\documents and settings\Reception\.swt

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\system32\dpl100.dll

2011-10-10 14:22 . 2007-07-30 19:32 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06 . 2004-08-04 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-27 20:09 . 2011-09-01 13:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-26 15:41 . 2008-07-30 00:59 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 15:41 . 2004-08-04 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 15:41 . 2004-08-04 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20 . 2004-08-04 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-09-05 13:56 . 2004-08-04 12:00 667136 ----a-w- c:\windows\system32\wininet.dll

2011-09-05 13:56 . 2004-08-04 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx

2011-09-05 12:35 . 2004-08-04 12:00 369664 ----a-w- c:\windows\system32\html.iec

2011-11-11 13:03 . 2011-10-31 21:49 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-17 4617600]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-20 149280]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

.

c:\documents and settings\Reception\Start Menu\Programs\Startup\

Launch Utility Application.lnk - c:\documents and settings\Reception\Application Data\Verizon\UA_ar\UtilityApplication.exe [2011-3-22 547840]

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

2006-03-24 03:13 77824 ----a-w- c:\windows\system32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

2006-03-24 03:17 118784 ----a-w- c:\windows\system32\igfxpers.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

2006-03-24 03:17 94208 ----a-w- c:\windows\system32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2004-10-14 21:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Google\\Google Earth Pro\\googleearth.exe"=

.

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]

R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [8/11/2011 6:38 PM 116608]

R2 FMAuditOnsite;FMAudit Onsite;c:\program files\FMAuditOnsite\fmaonsite.exe [11/16/2011 5:56 PM 54864]

R2 MotoConnect Service;MotoConnect Service;c:\program files\Motorola\MotoConnectService\MotoConnectService.exe [7/5/2011 7:21 AM 91456]

S1 MpKsl4379156b;MpKsl4379156b;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B57ECADF-0654-4BC1-BD0A-53E78D8D2553}\MpKsl4379156b.sys [?]

S1 MpKsl59b9c265;MpKsl59b9c265;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B605622E-1DF1-455E-9351-2E1880A224E0}\MpKsl59b9c265.sys [?]

S1 MpKsl7f95f8f5;MpKsl7f95f8f5;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{FF8FA3BF-18A9-44A0-8C0C-99DA5AB21A23}\MpKsl7f95f8f5.sys [?]

S1 MpKsla16c7311;MpKsla16c7311;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7F4BEF5A-C8B3-4A58-828D-AE3473A652C0}\MpKsla16c7311.sys [?]

S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\documents and settings\All Users\Application Data\FileOpen\Services\FileOpenManagerSvc32.exe [3/9/2011 5:02 PM 212352]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [8/24/2011 10:17 AM 30312]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2011 11:10 AM 136176]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [8/24/2011 10:17 AM 121192]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [8/24/2011 10:17 AM 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [8/24/2011 10:17 AM 136680]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [8/24/2011 10:18 AM 114152]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - FileOpenWebPublisherScreenHookDriver

.

Contents of the 'Scheduled Tasks' folder

.

2011-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc24512fa0e2d6.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]

.

2011-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cc24513002a340.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-07 16:10]

.

.

------- Supplementary Scan -------

.

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 184.168.39.1 68.105.28.16 68.10.16.245

DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab

FF - ProfilePath - c:\documents and settings\Reception\Application Data\Mozilla\Firefox\Profiles\m1s1x1jp.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: network.proxy.type - 0

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-11-29 16:19

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\DbgagD\1*]

"value"="?\0a\01\1f\145\1bT"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(652)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\Ati2evxx.dll

.

Completion time: 2011-11-29 16:20:34

ComboFix-quarantined-files.txt 2011-11-29 21:20

ComboFix2.txt 2011-11-28 20:18

.

Pre-Run: 47,273,504,768 bytes free

Post-Run: 47,258,046,464 bytes free

.

- - End Of File - - 655829EE6978CDE66586CCD1EE8E86B4


aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software

Run date: 2011-11-29 16:30:10

-----------------------------

16:30:10.625 OS Version: Windows 5.1.2600 Service Pack 3

16:30:10.625 Number of processors: 2 586 0x403

16:30:10.625 ComputerName: FRONT-DESK-PC UserName: Reception

16:30:11.781 Initialize success

16:30:15.453 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e

16:30:15.468 Disk 0 Vendor: ST380819AS 8.03 Size: 76293MB BusType: 3

16:30:17.500 Disk 0 MBR read successfully

16:30:17.500 Disk 0 MBR scan

16:30:17.500 Disk 0 Windows XP default MBR code

16:30:17.500 Disk 0 scanning sectors +156232125

16:30:17.578 Disk 0 scanning C:\WINDOWS\system32\drivers

16:30:22.000 Service scanning

16:30:23.000 Modules scanning

16:30:25.718 Disk 0 trace - called modules:

16:30:25.734 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS

16:30:25.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86560ab8]

16:30:25.750 3 CLASSPNP.SYS[f75fefd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x865e7590]

16:30:25.750 Scan finished successfully

16:30:43.484 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Reception\Desktop\MBR.dat"

16:30:43.484 The log file has been saved successfully to "C:\Documents and Settings\Reception\Desktop\aswMBR.txt"


Sounds good. :)

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan


Allow AVP to delete all infections found

Once it has finished select report tab (last tab)

Select Detected threats report from the left and press Save button

Save it to your desktop and post it in your next reply.


Status: Deleted (events: 2)

11/30/2011 4:18:26 PM Deleted Trojan program Trojan.Win32.Searches.adj C:\System Volume Information\_restore{796C785C-9BA7-4A7A-9E47-006AAD54BD0A}\RP316\A0042053.dll High

11/30/2011 4:18:26 PM Deleted Trojan program Trojan.Win32.Searches.adj C:\System Volume Information\_restore{796C785C-9BA7-4A7A-9E47-006AAD54BD0A}\RP316\A0042053.dll//DoomPack High


Here you go:

  1. Please run a free online scan with the ESET Online Scanner
    Note: You will need to use Internet Explorer for this scan
  2. Tick the box next to YES, I accept the Terms of Use
  3. Click Start
  4. When asked, allow the ActiveX control to install
  5. Click Start
  6. Make sure that the options Remove found threats and Scan unwanted applications are checked
  7. Click Scan (This scan can take several hours, so please be patient)
  8. Once the scan is completed, you may close the window
  9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  10. Copy and paste that log as a reply to this topic


I would prefer not to use Internet Explorer. Seems like something bad happens every time it's open. I had deleted it, but during the course of some of these repairs it appears to be back (an old version). I would rather delete the program than use it again. Anything else we can do instead?

Have a good weekend


Download Dr.Web CureIt to the desktop.

  • Double-click the drweb-cureit.exe file, then click Start and allow it to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, choose the Complete Scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look and see if you can click the following icon next to the files found:
    drweb_check.gif
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    drweb_move.gif
  • This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web CureIt.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply along with a new OTL log.

NOTE: During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.


I don't see my post about not wanting to use IE. Anyway, I posted earlier about being hesitant to use IE for anything. I actually had deleted it, but it reappeared at some point during our fixes; I would prefer to just delete it again.

Anything else besides a program that uses IE?


This topic is now closed to further replies.