Jump to content

At my wits' end.

Kircheis

By Kircheis
in Resolved Malware Removal Logs

 Share

Recommended Posts

Kircheis

Kircheis

Posted
Posted

Hello,

I had two infected registry keys on 11/28 that appear to have been successfully cleaned. However, I'm still experiencing freezing, blue-screens and my computer running at a glacial pace in general.

Malwarebytes and avast! are both coming up clean.

Here is my DDS log:

.

DDS (Ver_2011-08-26.01) - NTFSx86 MINIMAL

Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_29

Run by Schiesty-ass m0f0 at 19:25:53 on 2011-12-05

Microsoft Windows XP Professional 5.1.2600.3.932.81.1033.18.1022.797 [GMT -5:00]

.

AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: COMODO Firewall *Enabled*

.

============== Running Processes ===============

.

C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\conime.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.kanji-a-day.com/level3/index.php

uSearch Page = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us

uSearch Bar = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

uInternet Settings,ProxyOverride = <local>

mSearchAssistant = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us

uURLSearchHooks: AOL Messaging Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll

mURLSearchHooks: AOL Messaging Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll

BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: AOL Messaging Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll

TB: AOL Messaging Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"

uRun: [Google Update] "c:\documents and settings\schiesty-ass m0f0\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [F.lux] "c:\documents and settings\schiesty-ass m0f0\local settings\apps\f.lux\flux.exe" /noshow

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe

mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033

mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall

mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe

mRun: [HostManager] c:\program files\common files\aol\1175277761\ee\AOLSoftware.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

StartupFolder: c:\docume~1\schies~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201

IE: &Google Search - c:\program files\google\GoogleToolbar2.dll/cmsearch.html

IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204

IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html

IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll/cmcache.html

IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202

IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html

IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

Trusted Zone: apple.com\www

Trusted Zone: musicmatch.com\online

DPF: {17492023-C23A-453E-A040-C7C580BBF700}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{93968D85-DEF1-45EB-870D-451EE1528CB3} : NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{93968D85-DEF1-45EB-870D-451EE1528CB3} : DhcpNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll, c:\progra~1\google\google~1\goec62~1.dll c:\progra~1\google\google~1\goec62~1.dll c:\windows\system32\guard32.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\schiesty-ass m0f0\application data\mozilla\firefox\profiles\gniumnok.default\

FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20110325112914718&tb_oid=25-03-2011&tb_mrud=25-03-2011

FF - prefs.js: browser.search.selectedEngine - AIM Search

FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?src=aim&ncid=snsusaimc00000001

FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?invocationType=bu10aiminstabie7&sredir=2706&query=

.

---- FIREFOX POLICIES ----

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false

============= SERVICES / DRIVERS ===============

.

R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2008-1-4 587096]

R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo geekbuddy\CLPSLS.exe [2011-5-25 154424]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-28 435032]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-11-28 314456]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-10-7 492768]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-10-7 31704]

S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]

S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-11-28 44768]

S2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-10-7 1883328]

S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-9-24 24652]

S3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\drivers\A5AGU.sys [2005-7-25 348352]

S3 ATHFMWDL;D-Link predator Bootloader driver;c:\windows\system32\drivers\Athfmwdl.sys [2005-7-25 43392]

S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys --> c:\windows\system32\drivers\wg111v2.sys [?]

S3 SjyPkt;SjyPkt;\??\c:\windows\system32\drivers\sjypkt.sys --> c:\windows\system32\drivers\SjyPkt.sys [?]

S3 XDva008;XDva008;\??\c:\windows\system32\xdva008.sys --> c:\windows\system32\XDva008.sys [?]

.

=============== Created Last 30 ================

.

2011-11-30 15:40:02 -------- d-----w- c:\documents and settings\schiesty-ass m0f0\application data\OpenOffice.org

2011-11-30 15:23:04 -------- d-----w- c:\program files\OpenOffice.org 3

2011-11-30 15:22:25 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-11-30 15:22:25 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-11-29 13:51:19 -------- d-----w- c:\documents and settings\schiesty-ass m0f0\local settings\application data\Deployment

2011-11-28 20:54:08 -------- d-----w- c:\documents and settings\all users\application data\Comodo

2011-11-28 20:54:02 -------- d-----w- c:\program files\COMODO

2011-11-28 20:54:00 1700352 ----a-w- c:\windows\system32\gdiplus.dll

2011-11-28 20:53:05 -------- d-----w- c:\documents and settings\all users\application data\Comodo Downloader

2011-11-28 20:20:54 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-11-28 20:20:25 41184 ----a-w- c:\windows\avastSS.scr

2011-11-28 20:20:08 -------- d-----w- c:\program files\AVAST Software

2011-11-28 20:20:08 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software

2011-11-28 20:03:07 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys

2011-11-28 20:03:01 105472 ------w- c:\windows\system32\dllcache\mup.sys

2011-11-28 20:01:22 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys

.

==================== Find3M ====================

.

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-10-07 23:48:02 492768 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-10-07 23:48:02 31704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-10-07 23:48:00 18056 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-10-07 23:47:12 33984 ----a-w- c:\windows\system32\cmdcsr.dll

2011-10-07 23:47:12 300200 ----a-w- c:\windows\system32\guard32.dll

2011-10-03 07:37:52 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 16:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 16:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 16:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600 Disk: ST3160812AS rev.3.ADH -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17

.

device: opened successfully

user: MBR read successfully

.

Disk trace:

called modules: ntoskrnl.exe >>UNKNOWN [0x87391EB0]<<

_asm { MOV EAX, 0x87391dd0; XCHG [ESP], EAX; PUSH EAX; PUSH 0x873c1eb4; RET ; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; }

1 nt!IofCallDriver[0x804E13B9] -> \Device\Harddisk0\DR0[0x87361AB8]

\Driver\Disk[0x8736FA08] -> IRP_MJ_CREATE -> 0x87391EB0

kernel: MBR read successfully

_asm { MOV AX, 0x0; MOV SS, AX; MOV SP, 0x7c00; MOV DS, AX; CLD ; MOV CX, 0x80; MOV SI, SP; MOV DI, 0x600; MOV ES, AX; REP MOVSD ; JMP FAR 0x0:0x62d; }

detected disk devices:

detected hooks:

\Driver\Disk -> 0x87391eb0

user & kernel MBR OK

Warning: possible MBR rootkit infection !

.

============= FINISH: 19:27:37.12 ===============

The original mbam log—as well as the current clean one—is attached. Any help in this matter would be greatly appreciated. Thank you.

mbam-log-2011-11-28 (17-37-25).txt

mbam-log-2011-12-05 (19-19-52).txt

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello Kircheis! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/paste in your next reply.

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    tdss_1.jpg
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
    tdss_2.jpg
  3. Click the Start Scan button.
    tdss_3.jpg
  4. If a suspicious object is detected, the default action will be Skip, click on Continue.
    tdss_4.jpg
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    tdss_5.jpg
  7. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Link to post
Share on other sites
Kircheis

Kircheis

Posted
  • Author
Posted

Hello. Thanks for replying.

I've done as you asked; "cure" didn't seem to be an option for anything found.

Here's the log:

09:32:10.0281 1340 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

09:32:10.0359 1340 ============================================================

09:32:10.0359 1340 Current date / time: 2011/12/06 09:32:10.0359

09:32:10.0359 1340 SystemInfo:

09:32:10.0359 1340

09:32:10.0359 1340 OS Version: 5.1.2600 ServicePack: 3.0

09:32:10.0359 1340 Product type: Workstation

09:32:10.0359 1340 ComputerName: CRACKFROG

09:32:10.0359 1340 UserName: Schiesty-ass m0f0

09:32:10.0359 1340 Windows directory: C:\WINDOWS

09:32:10.0359 1340 System windows directory: C:\WINDOWS

09:32:10.0359 1340 Processor architecture: Intel x86

09:32:10.0359 1340 Number of processors: 2

09:32:10.0359 1340 Page size: 0x1000

09:32:10.0359 1340 Boot type: Safe boot with network

09:32:10.0359 1340 ============================================================

09:32:12.0671 1340 Initialize success

09:32:24.0437 1308 ============================================================

09:32:24.0437 1308 Scan started

09:32:24.0437 1308 Mode: Manual; SigCheck; TDLFS;

09:32:24.0437 1308 ============================================================

09:32:25.0296 1308 A5AGU (b170143a9fbb293307ebea6b81359c89) C:\WINDOWS\system32\DRIVERS\A5AGU.sys

09:32:26.0250 1308 A5AGU ( UnsignedFile.Multi.Generic ) - warning

09:32:26.0250 1308 A5AGU - detected UnsignedFile.Multi.Generic (1)

09:32:26.0390 1308 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys

09:32:26.0953 1308 Aavmker4 - ok

09:32:27.0093 1308 Abiosdsk - ok

09:32:27.0156 1308 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

09:32:28.0984 1308 abp480n5 - ok

09:32:29.0171 1308 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

09:32:29.0484 1308 ACPI - ok

09:32:29.0578 1308 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

09:32:29.0781 1308 ACPIEC - ok

09:32:29.0859 1308 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

09:32:30.0078 1308 adpu160m - ok

09:32:30.0156 1308 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

09:32:30.0375 1308 aec - ok

09:32:30.0546 1308 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

09:32:30.0593 1308 AFD - ok

09:32:30.0937 1308 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

09:32:31.0171 1308 agp440 - ok

09:32:31.0265 1308 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

09:32:31.0484 1308 agpCPQ - ok

09:32:31.0562 1308 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

09:32:31.0671 1308 Aha154x - ok

09:32:31.0734 1308 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

09:32:31.0953 1308 aic78u2 - ok

09:32:32.0125 1308 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

09:32:32.0343 1308 aic78xx - ok

09:32:32.0421 1308 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

09:32:32.0640 1308 AliIde - ok

09:32:32.0781 1308 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

09:32:33.0000 1308 alim1541 - ok

09:32:33.0281 1308 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

09:32:33.0515 1308 amdagp - ok

09:32:33.0656 1308 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

09:32:33.0750 1308 amsint - ok

09:32:33.0843 1308 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

09:32:34.0046 1308 asc - ok

09:32:34.0140 1308 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

09:32:34.0250 1308 asc3350p - ok

09:32:34.0359 1308 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

09:32:34.0578 1308 asc3550 - ok

09:32:34.0671 1308 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

09:32:34.0687 1308 ASCTRM ( UnsignedFile.Multi.Generic ) - warning

09:32:34.0687 1308 ASCTRM - detected UnsignedFile.Multi.Generic (1)

09:32:34.0796 1308 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys

09:32:34.0812 1308 aswFsBlk - ok

09:32:34.0859 1308 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys

09:32:34.0875 1308 aswMon2 - ok

09:32:34.0937 1308 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys

09:32:34.0953 1308 aswRdr - ok

09:32:35.0000 1308 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys

09:32:35.0031 1308 aswSnx - ok

09:32:35.0062 1308 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys

09:32:35.0093 1308 aswSP - ok

09:32:35.0125 1308 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys

09:32:35.0140 1308 aswTdi - ok

09:32:35.0171 1308 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

09:32:35.0390 1308 AsyncMac - ok

09:32:35.0468 1308 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

09:32:35.0703 1308 atapi - ok

09:32:35.0734 1308 Atdisk - ok

09:32:35.0765 1308 ATHFMWDL (8b56bac1af3a59d665d7a5d1bb5624f0) C:\WINDOWS\system32\Drivers\ATHFMWDL.sys

09:32:35.0765 1308 ATHFMWDL ( UnsignedFile.Multi.Generic ) - warning

09:32:35.0765 1308 ATHFMWDL - detected UnsignedFile.Multi.Generic (1)

09:32:35.0890 1308 ati2mtag (03621f7f968ff63713943405deb777f9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

09:32:36.0015 1308 ati2mtag - ok

09:32:36.0062 1308 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

09:32:36.0281 1308 Atmarpc - ok

09:32:36.0406 1308 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

09:32:36.0609 1308 audstub - ok

09:32:36.0734 1308 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

09:32:36.0937 1308 Beep - ok

09:32:37.0000 1308 bvrp_pci - ok

09:32:37.0031 1308 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

09:32:37.0250 1308 cbidf - ok

09:32:37.0296 1308 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

09:32:37.0500 1308 cbidf2k - ok

09:32:37.0562 1308 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

09:32:37.0796 1308 CCDECODE - ok

09:32:37.0859 1308 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

09:32:37.0968 1308 cd20xrnt - ok

09:32:38.0015 1308 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

09:32:38.0234 1308 Cdaudio - ok

09:32:38.0515 1308 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

09:32:38.0750 1308 Cdfs - ok

09:32:38.0937 1308 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

09:32:39.0156 1308 Cdrom - ok

09:32:39.0250 1308 Changer - ok

09:32:39.0328 1308 cmdGuard (be1e51b694cadc4043e428a914ee544e) C:\WINDOWS\system32\DRIVERS\cmdguard.sys

09:32:39.0359 1308 cmdGuard - ok

09:32:39.0437 1308 cmdHlp (f0a78783a95b788856eec1c36d0a1e59) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys

09:32:39.0453 1308 cmdHlp - ok

09:32:39.0531 1308 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

09:32:39.0750 1308 CmdIde - ok

09:32:39.0875 1308 CO_Mon (6be1d6403727bdd8a2b2568dbe6bfb8b) C:\WINDOWS\system32\Drivers\CO_Mon.sys

09:32:39.0875 1308 CO_Mon ( UnsignedFile.Multi.Generic ) - warning

09:32:39.0875 1308 CO_Mon - detected UnsignedFile.Multi.Generic (1)

09:32:39.0937 1308 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

09:32:40.0171 1308 Cpqarray - ok

09:32:40.0312 1308 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

09:32:40.0546 1308 dac2w2k - ok

09:32:40.0578 1308 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

09:32:40.0796 1308 dac960nt - ok

09:32:40.0953 1308 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

09:32:41.0171 1308 Disk - ok

09:32:41.0281 1308 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS

09:32:41.0296 1308 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0296 1308 DLABOIOM - detected UnsignedFile.Multi.Generic (1)

09:32:41.0328 1308 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

09:32:41.0343 1308 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0343 1308 DLACDBHM - detected UnsignedFile.Multi.Generic (1)

09:32:41.0375 1308 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS

09:32:41.0375 1308 DLADResN ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0375 1308 DLADResN - detected UnsignedFile.Multi.Generic (1)

09:32:41.0406 1308 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

09:32:41.0421 1308 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0421 1308 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)

09:32:41.0421 1308 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

09:32:41.0437 1308 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0437 1308 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)

09:32:41.0468 1308 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS

09:32:41.0468 1308 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0468 1308 DLAPoolM - detected UnsignedFile.Multi.Generic (1)

09:32:41.0484 1308 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS

09:32:41.0500 1308 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0500 1308 DLARTL_N - detected UnsignedFile.Multi.Generic (1)

09:32:41.0531 1308 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

09:32:41.0531 1308 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0531 1308 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)

09:32:41.0546 1308 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

09:32:41.0546 1308 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning

09:32:41.0546 1308 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)

09:32:41.0640 1308 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

09:32:41.0921 1308 dmboot - ok

09:32:42.0000 1308 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

09:32:42.0218 1308 dmio - ok

09:32:42.0265 1308 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

09:32:42.0484 1308 dmload - ok

09:32:42.0562 1308 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

09:32:42.0781 1308 DMusic - ok

09:32:42.0859 1308 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

09:32:43.0078 1308 dpti2o - ok

09:32:43.0171 1308 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

09:32:43.0359 1308 drmkaud - ok

09:32:43.0640 1308 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

09:32:43.0656 1308 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning

09:32:43.0656 1308 DRVMCDB - detected UnsignedFile.Multi.Generic (1)

09:32:43.0687 1308 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

09:32:43.0703 1308 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning

09:32:43.0703 1308 DRVNDDM - detected UnsignedFile.Multi.Generic (1)

09:32:43.0750 1308 dtscsi (12aca694b50ea53563c1e7c99e7bb27d) C:\WINDOWS\System32\Drivers\dtscsi.sys

09:32:43.0750 1308 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\dtscsi.sys. md5: 12aca694b50ea53563c1e7c99e7bb27d

09:32:43.0765 1308 dtscsi ( LockedFile.Multi.Generic ) - warning

09:32:43.0765 1308 dtscsi - detected LockedFile.Multi.Generic (1)

09:32:43.0796 1308 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys

09:32:43.0875 1308 E100B - ok

09:32:43.0875 1308 EagleNT - ok

09:32:44.0000 1308 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

09:32:44.0218 1308 Fastfat - ok

09:32:44.0296 1308 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

09:32:44.0500 1308 Fdc - ok

09:32:44.0609 1308 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

09:32:44.0828 1308 Fips - ok

09:32:44.0921 1308 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

09:32:45.0125 1308 Flpydisk - ok

09:32:45.0265 1308 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

09:32:45.0468 1308 FltMgr - ok

09:32:45.0593 1308 FsVga (455f778ee14368468560bd7cb8c854d0) C:\WINDOWS\system32\DRIVERS\fsvga.sys

09:32:45.0796 1308 FsVga - ok

09:32:45.0843 1308 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

09:32:46.0062 1308 Fs_Rec - ok

09:32:46.0156 1308 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

09:32:46.0375 1308 Ftdisk - ok

09:32:46.0609 1308 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

09:32:46.0625 1308 GEARAspiWDM - ok

09:32:46.0656 1308 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

09:32:46.0859 1308 Gpc - ok

09:32:46.0937 1308 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

09:32:47.0156 1308 HDAudBus - ok

09:32:47.0234 1308 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

09:32:47.0453 1308 HidUsb - ok

09:32:47.0546 1308 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

09:32:47.0750 1308 hpn - ok

09:32:47.0781 1308 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

09:32:47.0812 1308 HSFHWBS2 - ok

09:32:47.0890 1308 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

09:32:47.0937 1308 HSF_DP - ok

09:32:47.0984 1308 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

09:32:48.0031 1308 HTTP - ok

09:32:48.0078 1308 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

09:32:48.0281 1308 i2omgmt - ok

09:32:48.0296 1308 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

09:32:48.0531 1308 i2omp - ok

09:32:48.0578 1308 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

09:32:48.0796 1308 i8042prt - ok

09:32:49.0000 1308 ialm (5a8e05f1d5c36abd58cffa111eb325ea) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

09:32:49.0062 1308 ialm ( UnsignedFile.Multi.Generic ) - warning

09:32:49.0062 1308 ialm - detected UnsignedFile.Multi.Generic (1)

09:32:49.0218 1308 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

09:32:49.0421 1308 Imapi - ok

09:32:49.0515 1308 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

09:32:49.0734 1308 ini910u - ok

09:32:50.0015 1308 Inspect (d22ac37cbe6cf295416ef84245b804a8) C:\WINDOWS\system32\DRIVERS\inspect.sys

09:32:50.0031 1308 Inspect - ok

09:32:50.0078 1308 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

09:32:50.0312 1308 IntelIde - ok

09:32:50.0421 1308 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

09:32:50.0625 1308 intelppm - ok

09:32:50.0687 1308 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

09:32:50.0906 1308 Ip6Fw - ok

09:32:51.0062 1308 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

09:32:51.0265 1308 IpFilterDriver - ok

09:32:51.0531 1308 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

09:32:51.0750 1308 IpInIp - ok

09:32:51.0906 1308 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

09:32:52.0140 1308 IpNat - ok

09:32:52.0265 1308 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

09:32:52.0484 1308 IPSec - ok

09:32:52.0531 1308 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

09:32:52.0750 1308 IRENUM - ok

09:32:52.0890 1308 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

09:32:53.0093 1308 isapnp - ok

09:32:53.0234 1308 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

09:32:53.0453 1308 Kbdclass - ok

09:32:53.0515 1308 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

09:32:53.0718 1308 kbdhid - ok

09:32:53.0796 1308 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

09:32:54.0015 1308 kmixer - ok

09:32:54.0078 1308 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

09:32:54.0156 1308 KSecDD - ok

09:32:54.0281 1308 lbrtfdc - ok

09:32:54.0359 1308 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

09:32:54.0421 1308 mdmxsdk - ok

09:32:54.0484 1308 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

09:32:54.0484 1308 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

09:32:54.0484 1308 MHNDRV - detected UnsignedFile.Multi.Generic (1)

09:32:54.0531 1308 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

09:32:54.0734 1308 mnmdd - ok

09:32:54.0796 1308 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

09:32:55.0015 1308 Modem - ok

09:32:55.0093 1308 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys

09:32:55.0312 1308 MODEMCSA - ok

09:32:55.0375 1308 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

09:32:55.0593 1308 Mouclass - ok

09:32:55.0687 1308 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

09:32:55.0890 1308 mouhid - ok

09:32:56.0078 1308 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

09:32:56.0359 1308 MountMgr - ok

09:32:56.0484 1308 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

09:32:56.0968 1308 mraid35x - ok

09:32:57.0109 1308 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

09:32:57.0375 1308 MRxDAV - ok

09:32:57.0453 1308 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

09:32:57.0531 1308 MRxSmb - ok

09:32:57.0578 1308 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

09:32:57.0828 1308 Msfs - ok

09:32:57.0906 1308 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

09:32:58.0140 1308 MSKSSRV - ok

09:32:58.0218 1308 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

09:32:58.0453 1308 MSPCLOCK - ok

09:32:58.0593 1308 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

09:32:58.0812 1308 MSPQM - ok

09:32:58.0890 1308 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

09:32:59.0093 1308 mssmbios - ok

09:32:59.0140 1308 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

09:32:59.0359 1308 MSTEE - ok

09:32:59.0531 1308 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

09:32:59.0562 1308 Mup - ok

09:32:59.0625 1308 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

09:32:59.0859 1308 NABTSFEC - ok

09:32:59.0921 1308 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

09:33:00.0140 1308 NDIS - ok

09:33:00.0218 1308 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

09:33:00.0437 1308 NdisIP - ok

09:33:00.0515 1308 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

09:33:00.0562 1308 NdisTapi - ok

09:33:00.0687 1308 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

09:33:00.0890 1308 Ndisuio - ok

09:33:00.0937 1308 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

09:33:01.0140 1308 NdisWan - ok

09:33:01.0218 1308 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

09:33:01.0281 1308 NDProxy - ok

09:33:01.0343 1308 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

09:33:01.0546 1308 NetBIOS - ok

09:33:01.0609 1308 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

09:33:01.0828 1308 NetBT - ok

09:33:01.0921 1308 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

09:33:02.0140 1308 Npfs - ok

09:33:02.0171 1308 npkcrypt - ok

09:33:02.0171 1308 npkcusb - ok

09:33:02.0312 1308 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

09:33:02.0546 1308 Ntfs - ok

09:33:02.0578 1308 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

09:33:02.0781 1308 Null - ok

09:33:02.0968 1308 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

09:33:03.0140 1308 nv - ok

09:33:03.0296 1308 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

09:33:03.0500 1308 NwlnkFlt - ok

09:33:03.0515 1308 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

09:33:03.0734 1308 NwlnkFwd - ok

09:33:03.0765 1308 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

09:33:03.0984 1308 Parport - ok

09:33:04.0031 1308 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

09:33:04.0234 1308 PartMgr - ok

09:33:04.0328 1308 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

09:33:04.0531 1308 ParVdm - ok

09:33:04.0656 1308 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

09:33:04.0875 1308 PCI - ok

09:33:04.0875 1308 PCIDump - ok

09:33:04.0906 1308 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

09:33:05.0140 1308 PCIIde - ok

09:33:05.0187 1308 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

09:33:05.0421 1308 Pcmcia - ok

09:33:05.0437 1308 PDCOMP - ok

09:33:05.0453 1308 PDFRAME - ok

09:33:05.0515 1308 PDRELI - ok

09:33:05.0625 1308 PDRFRAME - ok

09:33:05.0765 1308 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

09:33:05.0968 1308 perc2 - ok

09:33:06.0031 1308 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

09:33:06.0234 1308 perc2hib - ok

09:33:06.0437 1308 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

09:33:06.0640 1308 PptpMiniport - ok

09:33:07.0000 1308 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

09:33:07.0218 1308 PSched - ok

09:33:07.0578 1308 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

09:33:07.0781 1308 Ptilink - ok

09:33:07.0875 1308 PxHelp20 (0c8da0a8b0d227319c285e0eae65defd) C:\WINDOWS\system32\Drivers\PxHelp20.sys

09:33:07.0890 1308 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

09:33:07.0890 1308 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

09:33:07.0937 1308 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

09:33:08.0140 1308 ql1080 - ok

09:33:08.0203 1308 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

09:33:08.0406 1308 Ql10wnt - ok

09:33:08.0484 1308 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

09:33:08.0671 1308 ql12160 - ok

09:33:08.0796 1308 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

09:33:09.0000 1308 ql1240 - ok

09:33:09.0312 1308 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

09:33:09.0546 1308 ql1280 - ok

09:33:09.0906 1308 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

09:33:10.0171 1308 RasAcd - ok

09:33:10.0578 1308 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

09:33:10.0906 1308 Rasl2tp - ok

09:33:11.0171 1308 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

09:33:11.0484 1308 RasPppoe - ok

09:33:11.0609 1308 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

09:33:11.0828 1308 Raspti - ok

09:33:11.0906 1308 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

09:33:12.0234 1308 Rdbss - ok

09:33:12.0343 1308 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

09:33:12.0578 1308 RDPCDD - ok

09:33:12.0671 1308 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

09:33:12.0937 1308 rdpdr - ok

09:33:13.0031 1308 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

09:33:13.0093 1308 RDPWD - ok

09:33:13.0140 1308 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

09:33:13.0359 1308 redbook - ok

09:33:13.0531 1308 RTLWUSB - ok

09:33:13.0593 1308 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

09:33:13.0796 1308 Secdrv - ok

09:33:13.0890 1308 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

09:33:14.0093 1308 serenum - ok

09:33:14.0359 1308 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

09:33:14.0578 1308 Serial - ok

09:33:14.0718 1308 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

09:33:14.0937 1308 Sfloppy - ok

09:33:15.0093 1308 Simbad - ok

09:33:15.0453 1308 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

09:33:15.0671 1308 sisagp - ok

09:33:15.0718 1308 SjyPkt - ok

09:33:15.0828 1308 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

09:33:16.0046 1308 SLIP - ok

09:33:16.0125 1308 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

09:33:16.0234 1308 Sparrow - ok

09:33:16.0515 1308 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

09:33:16.0765 1308 splitter - ok

09:33:17.0109 1308 sptd (d20cd83c532269ca8cbeaafb188bf74f) C:\WINDOWS\system32\Drivers\sptd.sys

09:33:17.0109 1308 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d20cd83c532269ca8cbeaafb188bf74f

09:33:17.0125 1308 sptd ( LockedFile.Multi.Generic ) - warning

09:33:17.0125 1308 sptd - detected LockedFile.Multi.Generic (1)

09:33:17.0203 1308 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

09:33:17.0421 1308 sr - ok

09:33:17.0562 1308 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

09:33:17.0640 1308 Srv - ok

09:33:17.0796 1308 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys

09:33:17.0875 1308 STHDA - ok

09:33:18.0218 1308 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

09:33:18.0437 1308 streamip - ok

09:33:18.0609 1308 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

09:33:18.0812 1308 swenum - ok

09:33:18.0890 1308 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

09:33:19.0109 1308 swmidi - ok

09:33:19.0187 1308 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

09:33:19.0406 1308 symc810 - ok

09:33:19.0500 1308 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

09:33:19.0703 1308 symc8xx - ok

09:33:19.0906 1308 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

09:33:20.0109 1308 sym_hi - ok

09:33:20.0218 1308 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

09:33:20.0437 1308 sym_u3 - ok

09:33:20.0593 1308 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

09:33:20.0796 1308 sysaudio - ok

09:33:20.0890 1308 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

09:33:21.0000 1308 Tcpip - ok

09:33:21.0031 1308 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

09:33:21.0250 1308 TDPIPE - ok

09:33:21.0328 1308 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

09:33:21.0562 1308 TDTCP - ok

09:33:21.0609 1308 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

09:33:21.0828 1308 TermDD - ok

09:33:21.0906 1308 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

09:33:22.0109 1308 TosIde - ok

09:33:22.0281 1308 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

09:33:22.0531 1308 Udfs - ok

09:33:22.0593 1308 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

09:33:22.0718 1308 ultra - ok

09:33:22.0812 1308 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

09:33:23.0062 1308 Update - ok

09:33:23.0187 1308 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

09:33:23.0421 1308 usbaudio - ok

09:33:23.0500 1308 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

09:33:23.0781 1308 usbccgp - ok

09:33:23.0843 1308 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

09:33:24.0078 1308 usbehci - ok

09:33:24.0125 1308 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

09:33:24.0343 1308 usbhub - ok

09:33:24.0406 1308 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

09:33:24.0671 1308 usbscan - ok

09:33:24.0859 1308 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

09:33:25.0093 1308 USBSTOR - ok

09:33:25.0156 1308 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

09:33:25.0375 1308 usbuhci - ok

09:33:25.0468 1308 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

09:33:25.0687 1308 usbvideo - ok

09:33:25.0812 1308 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

09:33:26.0046 1308 VgaSave - ok

09:33:26.0187 1308 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

09:33:26.0421 1308 viaagp - ok

09:33:26.0500 1308 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

09:33:26.0718 1308 ViaIde - ok

09:33:26.0796 1308 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

09:33:27.0015 1308 VolSnap - ok

09:33:27.0187 1308 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

09:33:27.0421 1308 Wanarp - ok

09:33:27.0484 1308 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys

09:33:27.0546 1308 wanatw - ok

09:33:27.0593 1308 WDICA - ok

09:33:27.0656 1308 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

09:33:27.0890 1308 wdmaud - ok

09:33:27.0984 1308 winachsf (f59ed5a43b988a18ef582bb07b2327a7) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

09:33:28.0046 1308 winachsf - ok

09:33:28.0359 1308 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

09:33:28.0578 1308 WSTCODEC - ok

09:33:28.0640 1308 XDva008 - ok

09:33:28.0734 1308 MBR (0x1B8) (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0

09:33:28.0859 1308 \Device\Harddisk0\DR0 - ok

09:33:28.0890 1308 Boot (0x1200) (40afa52f3285f52d15ae92510a02fa67) \Device\Harddisk0\DR0\Partition0

09:33:28.0890 1308 \Device\Harddisk0\DR0\Partition0 - ok

09:33:28.0906 1308 ============================================================

09:33:28.0906 1308 Scan finished

09:33:28.0906 1308 ============================================================

09:33:29.0062 1380 Detected object count: 20

09:33:29.0062 1380 Actual detected object count: 20

09:34:11.0671 1380 A5AGU ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0671 1380 A5AGU ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0671 1380 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0671 1380 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0687 1380 ATHFMWDL ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0687 1380 ATHFMWDL ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0703 1380 CO_Mon ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0703 1380 CO_Mon ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0718 1380 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0718 1380 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0734 1380 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0734 1380 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0750 1380 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0750 1380 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0765 1380 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0765 1380 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0765 1380 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0765 1380 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0781 1380 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0781 1380 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0796 1380 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0796 1380 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0812 1380 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0812 1380 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0828 1380 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0828 1380 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0843 1380 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0843 1380 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0859 1380 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0859 1380 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0875 1380 dtscsi ( LockedFile.Multi.Generic ) - skipped by user

09:34:11.0875 1380 dtscsi ( LockedFile.Multi.Generic ) - User select action: Skip

09:34:11.0875 1380 ialm ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0875 1380 ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0890 1380 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0890 1380 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0906 1380 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

09:34:11.0906 1380 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:34:11.0906 1380 sptd ( LockedFile.Multi.Generic ) - skipped by user

09:34:11.0906 1380 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

09:34:15.0421 1672 ============================================================

09:34:15.0421 1672 Scan started

09:34:15.0421 1672 Mode: Manual; SigCheck; TDLFS;

09:34:15.0421 1672 ============================================================

09:34:15.0828 1672 A5AGU (b170143a9fbb293307ebea6b81359c89) C:\WINDOWS\system32\DRIVERS\A5AGU.sys

09:34:15.0843 1672 A5AGU ( UnsignedFile.Multi.Generic ) - warning

09:34:15.0843 1672 A5AGU - detected UnsignedFile.Multi.Generic (1)

09:34:15.0875 1672 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys

09:34:15.0921 1672 Aavmker4 - ok

09:34:15.0968 1672 Abiosdsk - ok

09:34:16.0015 1672 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

09:34:16.0125 1672 abp480n5 - ok

09:34:16.0234 1672 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

09:34:16.0468 1672 ACPI - ok

09:34:16.0546 1672 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

09:34:16.0765 1672 ACPIEC - ok

09:34:16.0859 1672 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

09:34:17.0078 1672 adpu160m - ok

09:34:17.0171 1672 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

09:34:17.0390 1672 aec - ok

09:34:17.0484 1672 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

09:34:17.0515 1672 AFD - ok

09:34:17.0578 1672 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

09:34:17.0796 1672 agp440 - ok

09:34:17.0843 1672 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

09:34:18.0062 1672 agpCPQ - ok

09:34:18.0171 1672 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

09:34:18.0265 1672 Aha154x - ok

09:34:18.0406 1672 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

09:34:18.0609 1672 aic78u2 - ok

09:34:18.0687 1672 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

09:34:18.0906 1672 aic78xx - ok

09:34:19.0046 1672 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

09:34:19.0265 1672 AliIde - ok

09:34:19.0359 1672 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

09:34:19.0593 1672 alim1541 - ok

09:34:19.0718 1672 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

09:34:19.0937 1672 amdagp - ok

09:34:20.0062 1672 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

09:34:20.0171 1672 amsint - ok

09:34:20.0468 1672 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

09:34:20.0671 1672 asc - ok

09:34:20.0687 1672 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

09:34:20.0781 1672 asc3350p - ok

09:34:20.0859 1672 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

09:34:21.0078 1672 asc3550 - ok

09:34:21.0171 1672 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

09:34:21.0187 1672 ASCTRM ( UnsignedFile.Multi.Generic ) - warning

09:34:21.0187 1672 ASCTRM - detected UnsignedFile.Multi.Generic (1)

09:34:21.0218 1672 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys

09:34:21.0250 1672 aswFsBlk - ok

09:34:21.0296 1672 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys

09:34:21.0312 1672 aswMon2 - ok

09:34:21.0328 1672 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys

09:34:21.0343 1672 aswRdr - ok

09:34:21.0375 1672 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys

09:34:21.0406 1672 aswSnx - ok

09:34:21.0468 1672 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys

09:34:21.0500 1672 aswSP - ok

09:34:21.0562 1672 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys

09:34:21.0578 1672 aswTdi - ok

09:34:21.0625 1672 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

09:34:21.0843 1672 AsyncMac - ok

09:34:21.0890 1672 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

09:34:22.0093 1672 atapi - ok

09:34:22.0250 1672 Atdisk - ok

09:34:22.0296 1672 ATHFMWDL (8b56bac1af3a59d665d7a5d1bb5624f0) C:\WINDOWS\system32\Drivers\ATHFMWDL.sys

09:34:22.0312 1672 ATHFMWDL ( UnsignedFile.Multi.Generic ) - warning

09:34:22.0312 1672 ATHFMWDL - detected UnsignedFile.Multi.Generic (1)

09:34:22.0375 1672 ati2mtag (03621f7f968ff63713943405deb777f9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

09:34:22.0484 1672 ati2mtag - ok

09:34:22.0531 1672 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

09:34:22.0750 1672 Atmarpc - ok

09:34:22.0781 1672 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

09:34:22.0984 1672 audstub - ok

09:34:23.0046 1672 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

09:34:23.0250 1672 Beep - ok

09:34:23.0296 1672 bvrp_pci - ok

09:34:23.0328 1672 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

09:34:23.0515 1672 cbidf - ok

09:34:23.0578 1672 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

09:34:23.0781 1672 cbidf2k - ok

09:34:23.0859 1672 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

09:34:24.0078 1672 CCDECODE - ok

09:34:24.0156 1672 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

09:34:24.0250 1672 cd20xrnt - ok

09:34:24.0250 1672 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

09:34:24.0468 1672 Cdaudio - ok

09:34:24.0531 1672 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

09:34:24.0750 1672 Cdfs - ok

09:34:24.0796 1672 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

09:34:25.0015 1672 Cdrom - ok

09:34:25.0078 1672 Changer - ok

09:34:25.0171 1672 cmdGuard (be1e51b694cadc4043e428a914ee544e) C:\WINDOWS\system32\DRIVERS\cmdguard.sys

09:34:25.0203 1672 cmdGuard - ok

09:34:25.0234 1672 cmdHlp (f0a78783a95b788856eec1c36d0a1e59) C:\WINDOWS\system32\DRIVERS\cmdhlp.sys

09:34:25.0250 1672 cmdHlp - ok

09:34:25.0296 1672 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

09:34:25.0515 1672 CmdIde - ok

09:34:25.0625 1672 CO_Mon (6be1d6403727bdd8a2b2568dbe6bfb8b) C:\WINDOWS\system32\Drivers\CO_Mon.sys

09:34:25.0656 1672 CO_Mon ( UnsignedFile.Multi.Generic ) - warning

09:34:25.0656 1672 CO_Mon - detected UnsignedFile.Multi.Generic (1)

09:34:25.0656 1672 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

09:34:25.0859 1672 Cpqarray - ok

09:34:25.0921 1672 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

09:34:26.0140 1672 dac2w2k - ok

09:34:26.0234 1672 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

09:34:26.0421 1672 dac960nt - ok

09:34:26.0484 1672 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

09:34:26.0687 1672 Disk - ok

09:34:26.0812 1672 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS

09:34:26.0828 1672 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning

09:34:26.0828 1672 DLABOIOM - detected UnsignedFile.Multi.Generic (1)

09:34:26.0843 1672 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

09:34:26.0859 1672 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning

09:34:26.0859 1672 DLACDBHM - detected UnsignedFile.Multi.Generic (1)

09:34:26.0875 1672 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS

09:34:26.0890 1672 DLADResN ( UnsignedFile.Multi.Generic ) - warning

09:34:26.0890 1672 DLADResN - detected UnsignedFile.Multi.Generic (1)

09:34:26.0906 1672 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

09:34:26.0921 1672 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning

09:34:26.0921 1672 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)

09:34:26.0937 1672 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

09:34:26.0953 1672 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning

09:34:26.0953 1672 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)

09:34:26.0968 1672 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS

09:34:26.0984 1672 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning

09:34:26.0984 1672 DLAPoolM - detected UnsignedFile.Multi.Generic (1)

09:34:27.0000 1672 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS

09:34:27.0015 1672 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning

09:34:27.0015 1672 DLARTL_N - detected UnsignedFile.Multi.Generic (1)

09:34:27.0031 1672 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

09:34:27.0046 1672 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning

09:34:27.0046 1672 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)

09:34:27.0062 1672 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

09:34:27.0062 1672 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning

09:34:27.0062 1672 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)

09:34:27.0140 1672 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

09:34:27.0375 1672 dmboot - ok

09:34:27.0421 1672 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

09:34:27.0640 1672 dmio - ok

09:34:27.0687 1672 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

09:34:27.0906 1672 dmload - ok

09:34:27.0984 1672 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

09:34:28.0218 1672 DMusic - ok

09:34:28.0281 1672 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

09:34:28.0500 1672 dpti2o - ok

09:34:28.0593 1672 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

09:34:28.0796 1672 drmkaud - ok

09:34:28.0906 1672 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

09:34:28.0921 1672 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning

09:34:28.0921 1672 DRVMCDB - detected UnsignedFile.Multi.Generic (1)

09:34:28.0937 1672 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

09:34:28.0953 1672 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning

09:34:28.0953 1672 DRVNDDM - detected UnsignedFile.Multi.Generic (1)

09:34:29.0000 1672 dtscsi (12aca694b50ea53563c1e7c99e7bb27d) C:\WINDOWS\System32\Drivers\dtscsi.sys

09:34:29.0000 1672 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\dtscsi.sys. md5: 12aca694b50ea53563c1e7c99e7bb27d

09:34:29.0000 1672 dtscsi ( LockedFile.Multi.Generic ) - warning

09:34:29.0000 1672 dtscsi - detected LockedFile.Multi.Generic (1)

09:34:29.0015 1672 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys

09:34:29.0046 1672 E100B - ok

09:34:29.0046 1672 EagleNT - ok

09:34:29.0125 1672 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

09:34:29.0328 1672 Fastfat - ok

09:34:29.0703 1672 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

09:34:29.0906 1672 Fdc - ok

09:34:30.0000 1672 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

09:34:30.0203 1672 Fips - ok

09:34:30.0265 1672 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

09:34:30.0484 1672 Flpydisk - ok

09:34:30.0578 1672 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

09:34:30.0812 1672 FltMgr - ok

09:34:30.0921 1672 FsVga (455f778ee14368468560bd7cb8c854d0) C:\WINDOWS\system32\DRIVERS\fsvga.sys

09:34:31.0109 1672 FsVga - ok

09:34:31.0187 1672 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

09:34:31.0390 1672 Fs_Rec - ok

09:34:31.0468 1672 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

09:34:31.0671 1672 Ftdisk - ok

09:34:31.0765 1672 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

09:34:31.0781 1672 GEARAspiWDM - ok

09:34:31.0812 1672 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

09:34:32.0015 1672 Gpc - ok

09:34:32.0109 1672 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

09:34:32.0328 1672 HDAudBus - ok

09:34:32.0390 1672 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

09:34:32.0609 1672 HidUsb - ok

09:34:32.0671 1672 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

09:34:32.0906 1672 hpn - ok

09:34:33.0156 1672 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

09:34:33.0187 1672 HSFHWBS2 - ok

09:34:33.0531 1672 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

09:34:33.0687 1672 HSF_DP - ok

09:34:33.0937 1672 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

09:34:33.0984 1672 HTTP - ok

09:34:34.0250 1672 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

09:34:34.0468 1672 i2omgmt - ok

09:34:34.0531 1672 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

09:34:34.0734 1672 i2omp - ok

09:34:34.0796 1672 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

09:34:35.0000 1672 i8042prt - ok

09:34:35.0203 1672 ialm (5a8e05f1d5c36abd58cffa111eb325ea) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

09:34:35.0296 1672 ialm ( UnsignedFile.Multi.Generic ) - warning

09:34:35.0296 1672 ialm - detected UnsignedFile.Multi.Generic (1)

09:34:35.0390 1672 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

09:34:35.0609 1672 Imapi - ok

09:34:35.0828 1672 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

09:34:36.0046 1672 ini910u - ok

09:34:36.0125 1672 Inspect (d22ac37cbe6cf295416ef84245b804a8) C:\WINDOWS\system32\DRIVERS\inspect.sys

09:34:36.0156 1672 Inspect - ok

09:34:36.0187 1672 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

09:34:36.0406 1672 IntelIde - ok

09:34:36.0484 1672 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

09:34:36.0687 1672 intelppm - ok

09:34:36.0921 1672 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

09:34:37.0187 1672 Ip6Fw - ok

09:34:37.0343 1672 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

09:34:37.0531 1672 IpFilterDriver - ok

09:34:37.0609 1672 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

09:34:37.0812 1672 IpInIp - ok

09:34:37.0843 1672 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

09:34:38.0093 1672 IpNat - ok

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Thanks!

Step 1

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check. Check the Scan All Users too.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Once OTL has completed its first scan it will save notepad copies of the scans in the folder that OTL was started from. Unless set to produce an Extras log it will only produce OTL.txt in subsequent scans.

A copy of an OTL fix log is saved in a text file at

  • :\_OTL\MovedFiles
    • in most cases this will be C:\_OTL\MovedFiles

Step 2

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

In your next reply, please post the following log files:

  • OTL log with Extras.txt
  • MBRCheck log

Link to post
Share on other sites
Kircheis

Kircheis

Posted
  • Author
Posted

Here you are:

OTL logfile created on: 12/7/2011 9:53:00 AM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Schiesty-ass m0f0\My Documents\Downloads

Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.11)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1022.07 Mb Total Physical Memory | 810.28 Mb Available Physical Memory | 79.28% Memory free

2.41 Gb Paging File | 2.32 Gb Available in Paging File | 96.25% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 144.31 Gb Total Space | 8.97 Gb Free Space | 6.22% Space Free | Partition Type: NTFS

Drive F: | 294.70 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: CRACKFROG | User Name: Schiesty-ass m0f0 | Logged in as Administrator.

Boot Mode: SafeMode | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Schiesty-ass m0f0\My Documents\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ffdshow.ax ()

MOD - C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll ()

MOD - C:\WINDOWS\system32\ff_acm.acm ()

MOD - C:\WINDOWS\system32\tsd32.dll ()

========== Win32 Services (SafeList) ==========

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)

SRV - (CLPSLS) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)

SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft)

SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)

SRV - (AOL ACS) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe (AOL LLC)

SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation)

SRV - (WANMiniportService) WAN Miniport (ATW) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)

========== Driver Services (SafeList) ==========

DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)

DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)

DRV - (cmdGuard) -- C:\WINDOWS\system32\drivers\cmdGuard.sys (COMODO)

DRV - (cmdHlp) -- C:\WINDOWS\system32\drivers\cmdhlp.sys (COMODO)

DRV - (CO_Mon) -- C:\WINDOWS\system32\drivers\CO_Mon.sys ()

DRV - (dtscsi) -- C:\WINDOWS\System32\Drivers\dtscsi.sys ()

DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()

DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows ® 2000 DDK provider)

DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)

DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Sonic Solutions)

DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Sonic Solutions)

DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Sonic Solutions)

DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Sonic Solutions)

DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Sonic Solutions)

DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Sonic Solutions)

DRV - (DLADResN) -- C:\WINDOWS\system32\DLA\DLADResN.SYS (Sonic Solutions)

DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Sonic Solutions)

DRV - (DLARTL_N) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS (Sonic Solutions)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (ATHFMWDL) -- C:\WINDOWS\system32\drivers\Athfmwdl.sys (Windows ® 2000 DDK provider)

DRV - (A5AGU) -- C:\WINDOWS\system32\drivers\A5AGU.sys (D-Link Corporation)

DRV - (FsVga) -- C:\WINDOWS\system32\drivers\fsvga.sys (Microsoft Corporation)

DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.)

DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=us

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://resnet.stonybrook.edu/wpad.dat

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://resnet.stonybrook.edu/wpad.dat

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=us

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-inc/en/side.html?channel=us

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kanji-a-day.com/level3/index.php

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AOL Search"

FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20110325112914718&tb_oid=25-03-2011&tb_mrud=25-03-2011"

FF - prefs.js..browser.search.selectedEngine: "AIM Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.aol.com/?src=aim&ncid=snsusaimc00000001"

FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?invocationType=bu10aiminstabie7&sredir=2706&query="

FF - prefs.js..network.proxy.autoconfig_url: "http://resnet.stonybrook.edu/wpad.dat"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/18 23:31:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/04 12:11:14 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/11/30 10:22:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\PROGRA~1\Mozilla Firefox\components [2009/09/27 22:37:02 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\PROGRA~1\Mozilla Firefox\plugins [2011/11/30 10:22:25 | 000,000,000 | ---D | M]

[2011/11/28 17:54:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions

[2007/10/27 10:20:11 | 000,000,000 | ---D | M] (rikaichan) -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}

[2009/08/22 20:50:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2007/10/27 10:23:31 | 000,000,000 | ---D | M] (Japanese-English Dictionary for rikaichan) -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions\{6D898772-AD34-4c16-86BB-9DE787A5DEA0}

[2007/10/18 23:03:23 | 000,000,000 | ---D | M] ("CSSViewer") -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions\{8be51513-0433-45c1-9203-7b45019df871}

[2008/01/12 09:33:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011/03/25 06:29:35 | 000,000,000 | ---D | M] (AOL Messaging Toolbar) -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}

[2008/02/17 20:17:34 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2011/03/25 19:15:53 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\searchplugins\AIM Search.xml

[2011/03/25 06:47:59 | 000,002,342 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Mozilla\Firefox\Profiles\gniumnok.default\searchplugins\aol-search.xml

[2011/11/30 16:47:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2009/01/04 00:14:09 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2008/01/27 00:04:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

[2011/11/30 10:22:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2011/11/30 16:47:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2007/06/12 23:53:59 | 000,000,000 | ---D | M] (VideoDownloader) -- C:\Program Files\Mozilla Firefox\extensions\videodowloader@videodownloader.net

[2008/01/27 00:04:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRA~1\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

[2007/06/12 23:53:59 | 000,000,000 | ---D | M] (VideoDownloader) -- C:\PROGRA~1\MOZILLA FIREFOX\EXTENSIONS\VIDEODOWLOADER@VIDEODOWNLOADER.NET

[2009/01/04 00:14:04 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jar50.dll

[2009/01/04 00:14:04 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\jsd3250.dll

[2009/01/04 00:14:04 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\myspell.dll

[2009/01/04 00:14:08 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\spellchk.dll

[2009/01/04 00:14:08 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\xpinstal.dll

[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2009/07/07 16:20:42 | 000,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnu.dll

[2009/07/07 16:20:42 | 000,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll

[2009/01/04 00:14:16 | 000,022,656 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll

[2009/06/23 19:26:24 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll

[2004/12/14 01:19:18 | 000,057,344 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2007/05/16 22:59:45 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll

[2007/05/16 22:59:45 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll

[2007/05/16 22:59:45 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll

[2007/05/16 22:59:45 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll

[2007/05/16 22:59:45 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll

[2007/05/16 22:59:45 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll

[2007/05/16 22:59:45 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll

[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll

[2009/01/04 00:14:18 | 000,001,514 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml

[2009/01/04 00:14:18 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml

[2009/01/04 00:14:18 | 000,001,038 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml

[2009/01/04 00:14:18 | 000,001,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml

[2009/01/04 00:14:18 | 000,002,351 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\PROGRA~1\Mozilla Firefox\plugins\nppdf32.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Chrome\Application\15.0.874.121\pdf.dll

CHR - plugin: downloadUpdater (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npdnu.dll

CHR - plugin: downloadUpdater2 (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npdnupdater2.dll

CHR - plugin: Pando Web Installer (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npPandoWebInst.dll

CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\PROGRA~1\Mozilla Firefox\plugins\npViewpoint.dll

CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: avast! WebRep = C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1367_0\

O1 HOSTS File: ([2004/08/10 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (AOL Messaging Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (AOL Messaging Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)

O3 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..\Toolbar\WebBrowser: (AOL Messaging Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL Inc.)

O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)

O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

O4 - HKLM..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)

O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)

O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()

O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ()

O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1175277761\ee\aolsoftware.exe (AOL LLC)

O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)

O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe (McAfee, Inc.)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)

O4 - HKLM..\Run: [sigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\.DEFAULT..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005..\Run: [F.lux] C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Apps\F.lux\flux.exe ()

O4 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005..\Run: [Google Update] C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)

O4 - Startup: C:\Documents and Settings\Schiesty-ass m0f0\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Google Search - c:\program files\google\GoogleToolbar2.dll (Google Inc.)

O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Translate English Word - c:\program files\google\GoogleToolbar2.dll (Google Inc.)

O8 - Extra context menu item: Backward Links - c:\program files\google\GoogleToolbar2.dll (Google Inc.)

O8 - Extra context menu item: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll (Google Inc.)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Similar Pages - c:\program files\google\GoogleToolbar2.dll (Google Inc.)

O8 - Extra context menu item: Translate Page into English - c:\program files\google\GoogleToolbar2.dll (Google Inc.)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)

O9 - Extra Button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)

O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)

O15 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)

O15 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005\..Trusted Domains: apple.com ([www] http in Trusted sites)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} Reg Error: Key error. (Windows Genuine Advantage Validation Tool)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93968D85-DEF1-45EB-870D-451EE1528CB3}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93968D85-DEF1-45EB-870D-451EE1528CB3}: NameServer = 8.26.56.26,156.154.70.22

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ipp - No CLSID value found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()

O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\guard32.dll) -C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ()

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)

O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)

O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)

O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found

O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)

O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)

O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

O24 - Desktop Components:0 (My Current Home Page) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Schiesty-ass m0f0\Application Data\IrfanView\IrfanView_Wallpaper.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Schiesty-ass m0f0\Application Data\IrfanView\IrfanView_Wallpaper.bmp

O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2005/08/16 03:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2001/12/19 00:14:24 | 000,000,123 | R--- | M] () - F:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\KANAUST.exe -- [2002/04/04 23:50:00 | 000,360,448 | R--- | M] ()

O33 - MountPoints2\F\Shell\dxinst\command - "" = F:\.\dxsetup.exe -- [1999/09/09 03:56:36 | 000,322,320 | R--- | M] ()

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (lsdelete)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/06 09:29:09 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC

[2011/12/05 17:04:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\My Videos

[2011/12/05 17:04:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\Start Menu\Programs\Administrative Tools

[2011/12/04 16:55:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\USB Rescue 12-04-11 MOINK

[2011/11/30 17:32:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\Start Menu\Programs\Flux

[2011/11/30 16:47:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2011/11/30 16:47:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2011/11/30 16:47:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2011/11/30 10:40:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\OpenOffice.org

[2011/11/30 10:26:07 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3

[2011/11/30 10:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3

[2011/11/30 10:22:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun

[2011/11/30 10:22:25 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll

[2011/11/30 10:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\Desktop\OpenOffice.org 3.3 (en-US) Installation Files

[2011/11/29 11:03:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\Downloads

[2011/11/29 08:52:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\Start Menu\Programs\Google Chrome

[2011/11/29 08:51:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\Deployment

[2011/11/28 16:23:16 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\mbam-setup-1.51.2.1300.exe

[2011/11/28 16:15:37 | 018,570,816 | ---- | C] (COMODO) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\CCS_Setup_2.0.162151.21_xp_vista_server2003_win7.exe

[2011/11/28 16:08:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\COMODO

[2011/11/28 15:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo

[2011/11/28 15:54:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\COMODO

[2011/11/28 15:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO

[2011/11/28 15:54:00 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll

[2011/11/28 15:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Comodo Downloader

[2011/11/28 15:50:24 | 061,671,696 | ---- | C] (COMODO) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\cfw_installer.exe

[2011/11/28 15:20:56 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/11/28 15:20:56 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/11/28 15:20:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus

[2011/11/28 15:20:54 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/11/28 15:20:54 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/11/28 15:20:54 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/11/28 15:20:53 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/11/28 15:20:53 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/11/28 15:20:52 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2011/11/28 15:20:25 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/11/28 15:20:24 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/11/28 15:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2011/11/28 15:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/11/28 15:03:07 | 000,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys

[2011/11/28 15:03:01 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys

[2011/11/28 15:01:22 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/07 09:51:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/12/06 11:17:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/12/05 20:56:00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1512592993-3724546266-2497526458-1005UA.job

[2011/12/05 17:12:32 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk

[2011/12/05 17:12:32 | 000,000,899 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO GeekBuddy.lnk

[2011/12/04 12:11:15 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2011/12/02 08:56:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1512592993-3724546266-2497526458-1005Core.job

[2011/12/01 12:10:32 | 000,134,656 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/11/30 16:35:53 | 000,249,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011/11/30 10:41:11 | 000,000,864 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

[2011/11/29 11:07:40 | 000,247,552 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\gin.jpg

[2011/11/29 11:03:11 | 000,247,552 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\gin1.jpg.crdownload

[2011/11/29 08:52:24 | 000,002,372 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\Desktop\Google Chrome.lnk

[2011/11/29 08:52:24 | 000,002,350 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/11/28 16:23:18 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\mbam-setup-1.51.2.1300.exe

[2011/11/28 16:15:49 | 018,570,816 | ---- | M] (COMODO) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\CCS_Setup_2.0.162151.21_xp_vista_server2003_win7.exe

[2011/11/28 15:55:17 | 000,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk

[2011/11/28 15:54:01 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll

[2011/11/28 15:51:14 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn

[2011/11/28 15:50:51 | 061,671,696 | ---- | M] (COMODO) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\cfw_installer.exe

[2011/11/28 15:39:16 | 000,442,894 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/11/28 15:39:16 | 000,072,160 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/11/28 15:32:05 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2011/11/28 15:20:56 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/11/28 15:19:29 | 061,657,064 | ---- | M] () -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\setup_av_free_cnet.exe

[2011/11/28 13:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

[2011/11/28 13:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe

[2011/11/28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

[2011/11/28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2011/11/28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2011/11/28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2011/11/28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2011/11/28 12:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2011/11/28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2011/11/28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/30 10:41:11 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk

[2011/11/29 11:07:46 | 000,247,552 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\gin.jpg

[2011/11/29 11:03:10 | 000,247,552 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\gin1.jpg.crdownload

[2011/11/29 08:52:24 | 000,002,372 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Desktop\Google Chrome.lnk

[2011/11/29 08:52:24 | 000,002,350 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2011/11/29 08:51:46 | 000,001,026 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1512592993-3724546266-2497526458-1005UA.job

[2011/11/29 08:51:46 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1512592993-3724546266-2497526458-1005Core.job

[2011/11/28 15:55:17 | 000,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO Firewall.lnk

[2011/11/28 15:54:07 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk

[2011/11/28 15:54:07 | 000,000,899 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\COMODO GeekBuddy.lnk

[2011/11/28 15:20:56 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk

[2011/11/28 15:19:11 | 061,657,064 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\setup_av_free_cnet.exe

[2011/01/30 19:26:14 | 000,007,856 | ---- | C] () -- C:\WINDOWS\extend.dat

[2010/06/26 08:53:25 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2010/01/25 12:58:06 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll

[2009/01/19 21:11:11 | 000,000,038 | ---- | C] () -- C:\WINDOWS\scmate.ini

[2008/02/16 21:14:51 | 000,050,548 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2008/02/15 19:13:09 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat

[2007/12/14 11:32:52 | 000,012,632 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe

[2007/07/08 18:37:56 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\AutoGK.ini

[2007/07/08 18:32:52 | 000,043,602 | ---- | C] () -- C:\WINDOWS\System32\xvid-uninstall.exe

[2007/06/12 23:56:56 | 000,001,421 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2007/03/15 13:29:57 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\dvd.bmk

[2006/12/08 07:50:14 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2006/12/08 07:47:54 | 001,159,168 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2006/11/13 19:52:13 | 000,000,022 | ---- | C] () -- C:\WINDOWS\exchng.ini

[2006/11/13 19:52:12 | 000,000,723 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006/10/16 19:14:03 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\CO_Mon.sys

[2006/10/13 11:30:10 | 000,668,976 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

[2006/09/05 16:19:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI

[2006/07/31 05:28:32 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\PFP120JPR.{PB

[2006/07/31 05:28:32 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\PFP120JCM.{PB

[2006/07/13 11:03:36 | 000,134,656 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/07/10 14:24:13 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll

[2006/07/10 14:15:58 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys

[2006/07/10 14:12:48 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd3965.sys

[2006/07/04 12:41:00 | 000,000,900 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2006/06/29 06:55:55 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Application Data\fusioncache.dat

[2006/06/21 08:28:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006/06/21 08:21:33 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2006/06/21 08:17:28 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE

[2006/06/21 08:13:22 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2006/06/21 07:49:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe

[2006/06/21 07:49:26 | 000,095,617 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2006/06/21 07:48:56 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2006/06/21 05:43:08 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe

[2006/06/21 05:43:05 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll

[2006/06/21 05:33:40 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll

[2005/11/29 15:17:16 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2005/11/10 07:56:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

[2005/08/16 03:48:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2005/08/16 03:38:45 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2005/08/16 03:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2005/08/16 03:33:38 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2005/08/16 03:27:59 | 000,249,496 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2005/08/16 03:18:35 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2005/08/16 03:18:33 | 000,442,894 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2005/08/16 03:18:33 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2005/08/16 03:18:33 | 000,072,160 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2005/08/16 03:18:33 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2005/08/16 03:18:32 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2005/08/16 03:18:30 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2005/08/16 03:18:28 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2005/08/16 03:18:23 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2005/08/16 03:18:23 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2005/08/16 03:18:15 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2005/08/16 03:18:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2005/08/05 13:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2005/07/25 21:35:28 | 000,147,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\ar5523.bin

[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll

[1996/11/17 00:00:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\WRKGADM.EXE

[1996/11/17 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL

[1996/11/17 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL

[1996/11/17 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL

========== LOP Check ==========

[2009/09/24 23:22:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore

[2011/03/25 06:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM

[2011/03/25 06:29:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar

[2011/11/28 15:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software

[2011/11/28 15:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10

[2010/12/15 08:01:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files

[2005/08/16 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream

[2010/12/15 07:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData

[2009/06/23 19:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files

[2009/09/24 23:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint

[2006/06/29 19:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\.BitTornado

[2009/09/24 23:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\acccore

[2009/01/13 20:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Aegisub

[2006/06/29 19:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Aim

[2010/12/15 08:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\AVG10

[2011/11/28 15:05:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Azureus

[2007/07/26 18:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\IrfanView

[2006/07/27 19:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Leadertech

[2008/03/09 14:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\MP3Rocket

[2007/08/01 13:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Nexon

[2011/11/30 10:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\OpenOffice.org

[2007/06/18 22:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Opera

[2011/02/17 23:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Orbit

[2010/10/12 19:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Schiesty-ass m0f0\Application Data\Viewpoint

========== Purity Check ==========

========== Files - Unicode (All) ==========

[2007/09/23 18:26:54 | 000,000,426 | ---- | M] ()(C:\Documents and Settings\Schiesty-ass m0f0\My Documents\a??a?‡a??a??.txt) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\作文ã¾ãŸ.txt

[2007/09/23 18:26:53 | 000,000,426 | ---- | C] ()(C:\Documents and Settings\Schiesty-ass m0f0\My Documents\a??a?‡a??a??.txt) -- C:\Documents and Settings\Schiesty-ass m0f0\My Documents\作文ã¾ãŸ.txt

(C:\Documents and Settings\All Users\Start Menu\Programs\?l?N?) -- C:\Documents and Settings\All Users\Start Menu\Programs\ƒlƒNƒ

< End of report >

MBRCheck ran, but would not produce a log. The results were as thus:nzgdoo.jpg

I notice that I'm starting to get fatal system errors within five minutes or so of booting up. :(

Extras.Txt

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Step 1

You have several installed and active antivirus programs on your system: AVG 2011, COMODO Internet Security, Ad-Aware 2007 and avast! Free Antivirus.

Several antivirus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having several anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. Please remove three of them. I suggest you to leave avast! Free Antivirus only.

Step 2

I also see you have Viewpoint installed...

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: -http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.


  • Viewpoint
  • Viewpoint Manager
  • Viewpoint Media Player

Step 3

You have p2p software installed on your system, which is very dangerous and illegal. Please check our rules for piracy and uninstall Azureus and DC++:

http://forums.malwarebytes.org/index.php?showtopic=97700

Step 4

  • Run OTL.exe
  • Under Custom Scans/Fixes post the following script:

:OTL
:O4 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005..\Run: [F.lux] C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Apps\F.lux\flux.exe ()

:Files
C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Apps\F.lux\flux.exe

:Commands
[purity]
[emptytemp]
[clearallrestorepoints]

  • Then click the Run Fix button at the top
  • Let the program run unhindered,when it is done it will say "Fix Complete press ok to open log".
  • Please post that log in your next reply.

Link to post
Share on other sites
Kircheis

Kircheis

Posted
  • Author
Posted

Step 1: Done! ...I hope. I've encountered difficulties trying to completely remove Ad-Aware and AVG in the past. I'd rather keep COMODO, if only for the extra firewall.

Step 2: Done!

Step 3: Done!

Step 4: Done! Here is the log:

All processes killed

========== OTL ==========

Error: Unable to interpret <:O4 - HKU\S-1-5-21-1512592993-3724546266-2497526458-1005..\Run: [F.lux] C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Apps\F.lux\flux.exe ()> in the current context!

========== FILES ==========

C:\Documents and Settings\Schiesty-ass m0f0\Local Settings\Apps\F.lux\flux.exe moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: AshLynx

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService

->Temp folder emptied: 66016 bytes

->Temporary Internet Files folder emptied: 197223 bytes

->Flash cache emptied: 476 bytes

User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33383 bytes

User: Schiesty-ass m0f0

->Temp folder emptied: 571374696 bytes

->Temporary Internet Files folder emptied: 10490248 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 7943132 bytes

->Google Chrome cache emptied: 7941571 bytes

->Flash cache emptied: 5522088 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 19569 bytes

%systemroot%\System32 .tmp files removed: 2577 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 12081558 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 39503155 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 9525803 bytes

RecycleBin emptied: 1561156 bytes

Total Files Cleaned = 635.00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.31.0 log created on 12082011_184440

Files\Folders moved on Reboot...

File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

However, the computer froze almost immediately after rebooting. I remain unable to run the system for more than ten minutes' time without a fatal system error.

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named )

First we will run a virus scan

Click the cog in the upper right

AVPfront.gif

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

avpsettings.gif

Allow AVP to delete all infections found

Once it has finished select report tab (last tab)

Select Detected threads report from the left and press Save button

Save it to your desktop and post to your next reply.

Link to post
Share on other sites
  • 2 weeks later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Hi,

My apologies for the delay.

Maniac is away and I will be helping you instead.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Describe what issues you are currently experiencing.

-screen317

Link to post
Share on other sites
  • 1 month later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.