Jump to content

MoneyPak Virus Removal...


Recommended Posts

Hello All! :)

I am struggling with trying to remove this evil virus about the FBI and whatnot. I am using the Windows XP and can't get into anything other than recovery mode. Please help

This is what I get from the Farbar scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2013

Ran by Marty Mahler (administrator) on 09-05-2013 08:58:36

Running from E:\

Microsoft Windows XP Service Pack 2 (X86) OS Language: English(US)

Internet Explorer Version 8

Boot Mode:

==================== Processes (Whitelisted) ===================

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe [77824 2002-07-30] (Symantec Corporation)

HKLM\...\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot [273544 2011-06-02] (RealNetworks, Inc.)

HKLM\...\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [729178 2005-06-24] (Synaptics, Inc.)

HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM\...\Run: [sigmatelSysTrayApp] stsystra.exe [x]

HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

HKLM\...\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall [1117184 2005-07-12] (McAfee, Inc.)

HKLM\...\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start [81920 2005-06-10] (InstallShield Software Corporation)

HKLM\...\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless [385024 2004-10-30] (Intel Corporation)

HKLM\...\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe [114688 2005-10-14] (Intel Corporation)

HKLM\...\Run: [HPUsageTracking] "C:\Program Files\Hewlett-Packard\HP UT\bin\hppusg.exe" "C:\Program Files\Hewlett-Packard\HP UT" [36864 2007-11-02] ()

HKLM\...\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)

HKLM\...\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [53248 2005-02-23] (CyberLink Corp.)

HKLM\...\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)

HKLM\...\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [483328 2008-04-23] (Adobe Systems Inc.)

HKLM\...\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-12-06] (Sonic Solutions)

HKLM\...\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto [169984 2005-09-26] (Microsoft Corporation)

HKLM\...\Winlogon: [system]

Winlogon\Notify\IntelWireless: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll [X]

Winlogon\Notify\NavLogon: C:\WINDOWS\system32\NavLogon.dll ()

Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)

HKCU\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2009-01-30] (Microsoft Corporation)

HKCU\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [68856 2009-07-30] (Google Inc.)

HKCU\...\Run: [EPSON NX510 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIA.EXE /FU "C:\WINDOWS\TEMP\E_SB9.tmp" /EF "HKCU" [x]

HKCU\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [460784 2007-03-15] (Gteko Ltd.)

HKCU\...\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex [706776 2013-03-20] (Adobe Systems Incorporated)

MountPoints2: D - D:\Setup.exe

MountPoints2: {2c75d216-2fc7-11e0-88a0-0014229a486d} - E:\AutoRun.exe

MountPoints2: {353cc250-0881-11dc-87b7-0014229a486d} - E:\LaunchU3.exe -a

HKU\Administrator\...\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe [x]

HKU\Administrator\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [ 2007-03-15] (Gteko Ltd.)

HKU\Default User\...\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe [x]

HKU\Default User\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [ 2007-03-15] (Gteko Ltd.)

HKU\Guest\...\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe [x]

HKU\Guest\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [ 2007-03-15] (Gteko Ltd.)

HKU\Guest\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [ 2012-10-25] (Apple Inc.)

HKU\His\...\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe [x]

HKU\His\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [ 2007-03-15] (Gteko Ltd.)

HKU\Kids\...\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe [x]

HKU\Kids\...\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup [ 2007-03-15] (Gteko Ltd.)

HKU\Kids\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [ 2012-10-25] (Apple Inc.)

HKU\Kids\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

HKU\Kids\...\Run: [Google Update] "C:\Documents and Settings\Kids\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c [ 2013-03-08] (Google Inc.)

Startup: C:\Documents and Settings\Marty Mahler\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

URLSearchHook: (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

URLSearchHook: (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File

URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: No Name - {00B18FB7-3818-4369-AB67-FFF8499AE2E8} - C:\WINDOWS\system32\avifil3232.dll No File

BHO: No Name - {0149EB0E-6718-4F76-A0C4-923483176DB2} - C:\WINDOWS\system32\avifil3232.dll No File

BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)

BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)

BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)

BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll (Google)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU -&Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU -&Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)

Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKCU -No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File

PDF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)

Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [245248] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

========================== Services (Whitelisted) =================

S4 DefWatch; C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe [32768 2002-07-30] (Symantec Corporation)

S4 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()

S4 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

S4 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S4 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\McSACore.exe [95232 2012-06-15] (McAfee, Inc.)

S4 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [356352 2005-06-09] (Dell Inc.)

S4 Norton AntiVirus Server; C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe [573440 2002-07-30] (Symantec Corporation)

S4 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [360521 2004-09-07] (Intel Corporation )

S4 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [225353 2004-09-07] (Intel® Corporation)

S4 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [x]

S4 IDriverT32; C:\WINDOWS\system32\msdelta32.exe [x]

S4 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

S4 McNASvc32; C:\WINDOWS\system32\avifil3232.exe [x]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [17056 2006-02-01] (Meetinghouse Data Communications)

R1 APPDRV; C:\Windows\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-03] (Dell Inc)

R2 drvnddm; C:\Windows\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions)

S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.)

R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [137728 2004-08-12] (Windows ® Server 2003 DDK provider)

R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)

R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [1035008 2005-07-22] (Conexant Systems, Inc.)

R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302812 2005-10-14] (Intel Corporation)

R3 IWCA; C:\Windows\System32\DRIVERS\iwca.sys [234496 2004-08-12] (Intel Corporation)

S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 NAVAP; C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys [218112 2002-06-19] (Symantec Corporation)

R2 NAVAPEL; C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS [29184 2002-06-19] (Symantec Corporation)

S3 NAVENG; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20101018.002\NAVENG.sys [86064 2010-10-18] (Symantec Corporation)

S3 NAVEX15; C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20101018.002\NAVEX15.sys [1371184 2010-10-18] (Symantec Corporation)

S3 pnetmdm; C:\Windows\System32\DRIVERS\pnetmdm.sys [9472 2006-09-28] (June Fabrics Technology)

R2 s24trans; C:\Windows\System32\DRIVERS\s24trans.sys [11354 2004-08-31] (Intel Corporation)

R1 sscdbhk5; C:\Windows\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions)

R1 ssrtln; C:\Windows\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions)

R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1032472 2005-09-10] (SigmaTel, Inc.)

S3 SymEvent; C:\Program Files\Symantec\SYMEVENT.SYS [73224 2006-02-10] (Symantec Corporation)

R2 tfsnboio; C:\Windows\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions)

R2 tfsncofs; C:\Windows\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions)

R2 tfsndrct; C:\Windows\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions)

R2 tfsndres; C:\Windows\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions)

R2 tfsnifs; C:\Windows\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions)

R2 tfsnopio; C:\Windows\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions)

R2 tfsnpool; C:\Windows\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions)

R2 tfsnudf; C:\Windows\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions)

R2 tfsnudfa; C:\Windows\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions)

R3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [3210496 2004-10-21] (Intel® Corporation)

R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [10144 2004-04-14] (Logitech Inc.)

S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [21280 2004-04-14] (Logitech Inc.)

S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [5600 2004-04-14] (Logitech Inc.)

R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [44064 2004-04-14] (Logitech Inc.)

S4 Abiosdsk; No ImagePath

S4 Atdisk; No ImagePath

S1 Changer; No ImagePath

S3 easytether; system32\DRIVERS\easytthr.sys [x]

S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]

S1 lbrtfdc; No ImagePath

S1 PCIDump; No ImagePath

S3 PDCOMP; No ImagePath

S3 PDFRAME; No ImagePath

S3 PDRELI; No ImagePath

S3 PDRFRAME; No ImagePath

S4 Simbad; No ImagePath

S3 USBAAPL; System32\Drivers\usbaapl.sys [x]

S3 WDICA; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\system32\DRIVERS\ABP480N5.SYS 6ABB91494FE6C59089B9336452AB2EA3

C:\Windows\System32\DRIVERS\ACPI.sys A10C7534F7223F4A73A948967D00E69B

C:\Windows\System32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5

C:\Windows\system32\DRIVERS\adpu160m.sys 9A11864873DA202C996558B2106B0BBC

C:\Windows\System32\drivers\aec.sys 1EE7B434BA961EF845DE136224C30FEC

C:\Windows\System32\DRIVERS\AegisP.sys 076394A345EE5E9E3911FC0F058F4F38

C:\Windows\System32\drivers\afd.sys 55E6E1C51B6D30E54335750955453702

C:\Windows\system32\DRIVERS\agp440.sys 2C428FA0C3E3A01ED93C9B2A27D8D4BB

C:\Windows\system32\DRIVERS\agpCPQ.sys 67288B07D6ABA6C1267B626E67BC56FD

C:\Windows\system32\DRIVERS\aha154x.sys C23EA9B5F46C7F7910DB3EAB648FF013

C:\Windows\system32\DRIVERS\aic78u2.sys 19DD0FB48B0C18892F70E2E7D61A1529

C:\Windows\system32\DRIVERS\aic78xx.sys B7FE594A7468AA0132DEB03FB8E34326

C:\Windows\system32\DRIVERS\aliide.sys 1140AB9938809700B46BB88E46D72A96

C:\Windows\system32\DRIVERS\alim1541.sys F312B7CEF21EFF52FA23056B9D815FAD

C:\Windows\system32\DRIVERS\amdagp.sys 675C16A3C1F8482F85EE4A97FC0DDE3D

C:\Windows\system32\DRIVERS\amsint.sys 79F5ADD8D24BD6893F2903A3E2F3FAD6

C:\Windows\SYSTEM32\DRIVERS\APPDRV.SYS EC94E05B76D033B74394E7B2175103CF

C:\Windows\System32\DRIVERS\arp1394.sys F0D692B0BFFB46E30EB3CEA168BBC49F

C:\Windows\system32\DRIVERS\asc.sys 62D318E9A0C8FC9B780008E724283707

C:\Windows\system32\DRIVERS\asc3350p.sys 69EB0CC7714B32896CCBFD5EDCBEA447

C:\Windows\system32\DRIVERS\asc3550.sys 5D8DE112AA0254B907861E9E9C31D597

C:\Windows\System32\DRIVERS\asyncmac.sys 02000ABF34AF4C218C35D257024807D6

C:\Windows\System32\DRIVERS\atapi.sys CDFE4411A69C224BD1D11B2DA92DAC51

C:\Windows\System32\DRIVERS\atmarpc.sys EC88DA854AB7D7752EC8BE11A741BB7F

C:\Windows\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68

C:\Windows\System32\DRIVERS\bcm4sbxp.sys C768C8A463D32C219CE291645A0621A4

C:\Windows\System32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9

C:\Windows\System32\DRIVERS\bridge.sys E4E6A0922E3D983728C9AD4E8D466954

C:\Windows\System32\DRIVERS\bridge.sys E4E6A0922E3D983728C9AD4E8D466954

C:\Windows\system32\DRIVERS\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9

C:\Windows\System32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9

C:\Windows\system32\DRIVERS\cd20xrnt.sys F3EC03299634490E97BBCE94CD2954C7

C:\Windows\System32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B

C:\Windows\System32\Drivers\Cdfs.sys CD7D5152DF32B47F4E36F710B35AAE02

C:\Windows\System32\DRIVERS\cdrom.sys AF9C19B3100FE010496B1A27181FBF72

C:\Windows\System32\DRIVERS\CmBatt.sys 4266BE808F85826AEDF3C64C1E240203

C:\Windows\system32\DRIVERS\cmdide.sys E5DCB56C533014ECBC556A8357C929D5

C:\Windows\System32\DRIVERS\compbatt.sys DF1B1A24BF52D0EBC01ED4ECE8979F50

C:\Windows\system32\DRIVERS\cpqarray.sys 3EE529119EED34CD212A215E8C40D4B6

C:\Windows\system32\DRIVERS\dac2w2k.sys E550E7418984B65A78299D248F0A7F36

C:\Windows\system32\DRIVERS\dac960nt.sys 683789CAA3864EB46125AE86FF677D34

C:\Windows\System32\DRIVERS\disk.sys 00CA44E4534865F8A3B64F7C0984BFF0

C:\Windows\System32\drivers\dmboot.sys C0FBB516E06E243F0CF31F597E7EBF7D

C:\Windows\System32\drivers\dmio.sys F5E7B358A732D09F4BCF2824B88B9E28

C:\Windows\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F

C:\Windows\System32\drivers\DMusic.sys A6F881284AC1150E37D9AE47FF601267

C:\Windows\system32\DRIVERS\dpti2o.sys 40F3B93B4E5B0126F2F5C0A7A5E22660

C:\Windows\System32\drivers\drmkaud.sys 1ED4DBBAE9F5D558DBBA4CC450E3EB2E

C:\Windows\System32\drivers\drvmcdb.sys E814854E6B246CCF498874839AB64D77

C:\Windows\System32\drivers\drvnddm.sys EE83A4EBAE70BC93CF14879D062F548B

C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys 413F2D5F9D802688242C23B38F767ECB

C:\Windows\System32\DRIVERS\dsunidrv.sys DFEABB7CFFFADEA4A912AB95BDC3177A

C:\Windows\System32\DRIVERS\e100b325.sys 3FCA03CBCA11269F973B70FA483C88EF

C:\Windows\System32\Drivers\Fastfat.sys 3117F595E9615E04F05A54FC15A03B20

C:\Windows\System32\DRIVERS\fdc.sys CED2E8396A8838E59D8FD529C680E02C

C:\Windows\System32\Drivers\Fips.sys E153AB8A11DE5452BCF5AC7652DBF3ED

C:\Windows\System32\DRIVERS\flpydisk.sys 0DD1DE43115B93F4D85E889D7A86F548

C:\Windows\System32\DRIVERS\fltMgr.sys 3D234FB6D6EE875EB009864A299BEA29

C:\Windows\System32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A

C:\Windows\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D

C:\Windows\System32\Drivers\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB

C:\Windows\System32\DRIVERS\msgpc.sys C0F1D4A21DE5A415DF8170616703DEBF

C:\Windows\System32\DRIVERS\HDAudBus.sys E31363D186B3E1D7C4E9117884A6AEE5

C:\Windows\System32\DRIVERS\hidusb.sys 1DE6783B918F540149AA69943BDFEBA8

C:\Windows\system32\DRIVERS\hpn.sys B028377DEA0546A5FCFBA928A8AEFAE0

C:\Windows\System32\DRIVERS\HSFHWAZL.sys 1C8CAA80E91FB71864E9426F9EED048D

C:\Windows\System32\DRIVERS\HSF_DPV.sys 698204D9C2832E53633E53A30A53FC3D

C:\Windows\System32\Drivers\HTTP.sys 9F8B0F4276F618964FD118BE4289B7CD

C:\Windows\System32\Drivers\i2omgmt.sys 8F09F91B5C91363B77BCD15599570F2C

C:\Windows\system32\DRIVERS\i2omp.sys ED6BF9E441FDEA13292A6D30A64A24C3

C:\Windows\System32\DRIVERS\i8042prt.sys 5502B58EEF7486EE6F93F3F164DCB808

C:\Windows\System32\DRIVERS\ialmnt5.sys 5A8E05F1D5C36ABD58CFFA111EB325EA

C:\Windows\System32\DRIVERS\imapi.sys F8AA320C6A0409C0380E5D8A99D76EC6

C:\Windows\system32\DRIVERS\ini910u.sys 4A40E045FAEE58631FD8D91AFC620719

C:\Windows\System32\DRIVERS\intelide.sys 2D722B2B54AB55B2FA475EB58D7B2AAD

C:\Windows\System32\DRIVERS\intelppm.sys 279FB78702454DFF2BB445F238C048D2

C:\Windows\System32\DRIVERS\Ip6Fw.sys 4448006B6BC60E6C027932CFC38D6855

C:\Windows\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182

C:\Windows\System32\DRIVERS\ipinip.sys E1EC7F5DA720B640CD8FB8424F1B14BB

C:\Windows\System32\DRIVERS\ipnat.sys E2168CBC7098FFE963C6F23F472A3593

C:\Windows\System32\DRIVERS\ipsec.sys 64537AA5C003A6AFEEE1DF819062D0D1

C:\Windows\System32\DRIVERS\irenum.sys 50708DAA1B1CBB7D6AC1CF8F56A24410

C:\Windows\System32\DRIVERS\isapnp.sys E504F706CCB699C2596E9A3DA1596E87

C:\Windows\System32\DRIVERS\iwca.sys 872D090CA5C306F62D1982BCE6302376

C:\Windows\System32\DRIVERS\kbdclass.sys EBDEE8A2EE5393890A1ACEE971C4C246

C:\Windows\System32\DRIVERS\kbdhid.sys E182FA8E49E8EE41B4ADC53093F3C7E6

C:\Windows\System32\drivers\kmixer.sys BA5DEDA4D934E6288C2F66CAF58D2562

C:\Windows\System32\Drivers\KSecDD.sys 1BE7CC2535D760AE4D481576EB789F24

C:\WINDOWS\system32\drivers\mbam.sys 4470E3C1E0C3378E4CAB137893C12C3A

C:\Windows\System32\DRIVERS\mdmxsdk.sys 3C318B9CD391371BED62126581EE9961

C:\Windows\System32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6

C:\Windows\System32\Drivers\Modem.sys 6FC6F9D7ACC36DCA9B914565A3AEDA05

C:\Windows\System32\DRIVERS\mouclass.sys 34E1F0031153E491910E12551400192C

C:\Windows\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685

C:\Windows\System32\Drivers\MountMgr.sys 65653F3B4477F3C63E68A9659F85EE2E

C:\Windows\system32\DRIVERS\mraid35x.sys 3F4BB95E5A44F3BE34824E8E7CAF0737

C:\Windows\System32\DRIVERS\mrxdav.sys 29414447EB5BDE2F8397DC965DBB3156

C:\Windows\System32\DRIVERS\mrxsmb.sys FB6C89BB3CE282B08BDB1E3C179E1C39

C:\Windows\System32\Drivers\Msfs.sys 561B3A4333CA2DBDBA28B5B956822519

C:\Windows\System32\drivers\MSKSSRV.sys AE431A8DD3C1D0D0610CDBAC16057AD0

C:\Windows\System32\drivers\MSPCLOCK.sys 13E75FEF9DFEB08EEDED9D0246E1F448

C:\Windows\System32\drivers\MSPQM.sys 1988A33FF19242576C3D0EF9CE785DA7

C:\Windows\System32\DRIVERS\mssmbios.sys 469541F8BFD2B32659D5D463A6714BCE

C:\Windows\System32\Drivers\Mup.sys 82035E0F41C2DD05AE41D27FE6CF7DE1

C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP.sys 70C4D2474833B6EF16342E5D33359FF6

C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAPEL.SYS F81A56A1BE2C0EA8C2FF320CD5DC9AAD

C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20101018.002\NAVENG.sys 49D802531E5984CF1FE028C6C129B9D8

C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20101018.002\NAVEX15.sys 158676A5758C1FA519563B3E72FBF256

C:\Windows\System32\Drivers\NDIS.sys 558635D3AF1C7546D26067D5D9B6959E

C:\Windows\System32\DRIVERS\ndistapi.sys 08D43BBDACDF23F34D79E44ED35C1B4C

C:\Windows\System32\DRIVERS\ndisuio.sys 34D6CD56409DA9A7ED573E1C90A308BF

C:\Windows\System32\DRIVERS\ndiswan.sys 0B90E255A9490166AB368CD55A529893

C:\Windows\System32\Drivers\NDProxy.sys 59FC3FB44D2669BC144FD87826BB571F

C:\Windows\System32\DRIVERS\netbios.sys 3A2ACA8FC1D7786902CA434998D7CEB4

C:\Windows\System32\DRIVERS\netbt.sys 0C80E410CD2F47134407EE7DD19CC86B

C:\Windows\System32\DRIVERS\nic1394.sys 5C5C53DB4FEF16CF87B9911C7E8C6FBC

C:\Windows\System32\Drivers\Npfs.sys 4F601BCB8F64EA3AC0994F98FED03F8E

C:\Windows\System32\Drivers\Ntfs.sys 19A811EF5F1ED5C926A028CE107FF1AF

C:\Windows\System32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD

C:\Windows\System32\DRIVERS\nv4_mini.sys 2B298519EDBFCF451D43E0F1E8F1006D

C:\Windows\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57

C:\Windows\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9

C:\Windows\System32\DRIVERS\ohci1394.sys 0951DB8E5823EA366B0E408D71E1BA2A

C:\Windows\System32\DRIVERS\parport.sys 29744EB4CE659DFE3B4122DEB45BC478

C:\Windows\System32\Drivers\PartMgr.sys 3334430C29DC338092F79C38EF7B4CD0

C:\Windows\System32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1

C:\Windows\System32\DRIVERS\pci.sys 8086D9979234B603AD5BC2F5D890B234

C:\Windows\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0

C:\Windows\System32\Drivers\Pcmcia.sys 82A087207DECEC8456FBE8537947D579

C:\Windows\system32\DRIVERS\perc2.sys 6C14B9C19BA84F73D3A86DBA11133101

C:\Windows\system32\DRIVERS\perc2hib.sys F50F7C27F131AFE7BEBA13E14A3B9416

C:\Windows\System32\DRIVERS\pnetmdm.sys DA19E3401F39C10DF193BE029C7E7BBA

C:\Windows\System32\DRIVERS\raspptp.sys 1C5CC65AAC0783C344F16353E60B72AC

C:\Windows\System32\DRIVERS\psched.sys 48671F327553DCF1D27F6197F622A668

C:\Windows\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD

C:\Windows\System32\Drivers\PxHelp20.sys E42E3433DBB4CFFE8FDD91EAB29AEA8E

C:\Windows\system32\DRIVERS\ql1080.sys 0A63FB54039EB5662433CABA3B26DBA7

C:\Windows\system32\DRIVERS\ql10wnt.sys 6503449E1D43A0FF0201AD5CB1B8C706

C:\Windows\system32\DRIVERS\ql12160.sys 156ED0EF20C15114CA097A34A30D8A01

C:\Windows\system32\DRIVERS\ql1240.sys 70F016BEBDE6D29E864C1230A07CC5E6

C:\Windows\system32\DRIVERS\ql1280.sys 907F0AEEA6BC451011611E732BD31FCF

C:\Windows\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C

C:\Windows\System32\DRIVERS\rasl2tp.sys 98FAEB4A4DCF812BA1C6FCA4AA3E115C

C:\Windows\System32\DRIVERS\raspppoe.sys 7306EEED8895454CBED4669BE9F79FAA

C:\Windows\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242

C:\Windows\System32\DRIVERS\rdbss.sys 03B965B1CA47F6EF60EB5E51CB50E0AF

C:\Windows\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332

C:\Windows\System32\DRIVERS\rdpdr.sys A2CAE2C60BC37E0751EF9DDA7CEAF4AD

C:\Windows\System32\Drivers\RDPWD.sys B54CD38A9EBFBF2B3561426E3FE26F62

C:\Windows\System32\DRIVERS\redbook.sys B31B4588E4086D8D84ADBF9845C2402B

C:\Windows\System32\DRIVERS\rimmptsk.sys 24ED7AF20651F9FA1F249482E7C1F165

C:\Windows\System32\DRIVERS\rimsptsk.sys 1BDBA2D2D402415A78A4BA766DFE0F7B

C:\Windows\System32\DRIVERS\rixdptsk.sys F774ECD11A064F0DEBB2D4395418153C

C:\Windows\System32\Drivers\RootMdm.sys D8B0B4ADE32574B2D9C5CC34DC0DBBE7

C:\Windows\System32\DRIVERS\s24trans.sys 81AA6F0D6A2BE1C550F814B036215888

C:\Windows\System32\DRIVERS\sdbus.sys 02FC71B020EC8700EE8A46C58BC6F276

C:\Windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\serenum.sys A2D868AEEFF612E70E213C451A70CAFB

C:\Windows\System32\DRIVERS\serial.sys CD9404D115A00D249F70A371B46D5A26

C:\Windows\System32\DRIVERS\sffdisk.sys 1D9F1BEC651815741F088A8FB88E17EE

C:\Windows\System32\DRIVERS\sffp_sd.sys 586499FD312FFD7F78553F408E71682E

C:\Windows\System32\DRIVERS\sfloppy.sys 0D13B6DF6E9E101013A7AFB0CE629FE0

C:\Windows\system32\DRIVERS\sisagp.sys 732D859B286DA692119F286B21A2A114

C:\Windows\system32\DRIVERS\sparrow.sys 83C0F71F86D3BDAF915685F3D568B20E

C:\Windows\System32\drivers\splitter.sys 0CE218578FFF5F4F7E4201539C45C78F

C:\Windows\System32\DRIVERS\sr.sys E41B6D037D6CD08461470AF04500DC24

C:\Windows\System32\DRIVERS\srv.sys 7A4F147CC6B133F905F6E65E2F8669FB

C:\Windows\System32\drivers\sscdbhk5.sys D7968049BE0ADBB6A57CEE3960320911

C:\Windows\System32\drivers\ssrtln.sys C3FFD65ABFB6441E7606CF74F1155273

C:\Windows\System32\drivers\sthda.sys 0467A93B1E7FDA167E01FDEC79783154

C:\Windows\System32\DRIVERS\swenum.sys 03C1BAE4766E2450219D20B993D6E046

C:\Windows\System32\drivers\swmidi.sys 94ABC808FC4B6D7D2BBF42B85E25BB4D

C:\Windows\system32\DRIVERS\symc810.sys 1FF3217614018630D0A6758630FC698C

C:\Windows\system32\DRIVERS\symc8xx.sys 070E001D95CF725186EF8B20335F933C

C:\Program Files\Symantec\SYMEVENT.SYS 275263F78EA934B98C16EB5749FF250D

C:\Windows\system32\DRIVERS\sym_hi.sys 80AC1C4ABBE2DF3B738BF15517A51F2C

C:\Windows\system32\DRIVERS\sym_u3.sys BF4FAB949A382A8E105F46EBB4937058

C:\Windows\System32\DRIVERS\SynTP.sys 643B3E821A00B2B6A35CC099CB9653A1

C:\Windows\System32\drivers\sysaudio.sys 650AD082D46BAC0E64C9C0E0928492FD

C:\Windows\System32\DRIVERS\tcpip.sys 2A5554FC5B1E04E131230E3CE035C3F9

C:\Windows\System32\Drivers\TDPIPE.sys 38D437CF2D98965F239B0ABCD66DCB0F

C:\Windows\System32\Drivers\TDTCP.sys ED0580AF02502D00AD8C4C066B156BE9

C:\Windows\System32\DRIVERS\termdd.sys A540A99C281D933F3D69D55E48727F47

C:\Windows\System32\dla\tfsnboio.sys 30698355067D07DA5F9EB81132C9FDD6

C:\Windows\System32\dla\tfsncofs.sys FB9D825BB4A2ABDF24600F7505050E2B

C:\Windows\System32\dla\tfsndrct.sys CAFD8CCA11AA1E8B6D2EA1BA8F70EC33

C:\Windows\System32\dla\tfsndres.sys 8DB1E78FBF7C426D8EC3D8F1A33D6485

C:\Windows\System32\dla\tfsnifs.sys B92F67A71CC8176F331B8AA8D9F555AD

C:\Windows\System32\dla\tfsnopio.sys 85985FAA9A71E2358FCC2EDEFC2A3C5C

C:\Windows\System32\dla\tfsnpool.sys BBA22094F0F7C210567EFDAF11F64495

C:\Windows\System32\dla\tfsnudf.sys 81340BEF80B9811E98CE64611E67E3FF

C:\Windows\System32\dla\tfsnudfa.sys C035FD116224CCC8325F384776B6A8BB

C:\Windows\system32\DRIVERS\toside.sys F2790F6AF01321B172AA62F8E1E187D9

C:\Windows\System32\Drivers\Udfs.sys 12F70256F140CD7D52C58C7048FDE657

C:\Windows\system32\DRIVERS\ultra.sys 1B698A51CD528D8DA4FFAED66DFC51B9

C:\Windows\System32\DRIVERS\update.sys CED744117E91BDC0BEB810F7D8608183

C:\Windows\System32\DRIVERS\usbccgp.sys BFFD9F120CC63BCBAA3D840F3EEF9F79

C:\Windows\System32\DRIVERS\usbehci.sys 15E993BA2F6946B2BFBBFCD30398621E

C:\Windows\System32\DRIVERS\usbhub.sys C72F40947F92CEA56A8FB532EDF025F1

C:\Windows\System32\DRIVERS\usbprint.sys A42369B7CD8886CD7C70F33DA6FCBCF5

C:\Windows\System32\DRIVERS\usbscan.sys A6BC71402F4F7DD5B77FD7F4A8DDBA85

C:\Windows\System32\DRIVERS\USBSTOR.SYS 6CD7B22193718F1D17A47A1CD6D37E75

C:\Windows\System32\DRIVERS\usbuhci.sys F8FD1400092E23C8F2F31406EF06167B

C:\Windows\System32\drivers\vga.sys 8A60EDD72B4EA5AEA8202DAF0E427925

C:\Windows\system32\DRIVERS\viaagp.sys D92E7C8A30CFD14D8E15B5F7F032151B

C:\Windows\system32\DRIVERS\viaide.sys 59CB1338AD3654417BEA49636457F65D

C:\Windows\System32\Drivers\VolSnap.sys EE4660083DEBA849FF6C485D944B379B

C:\Windows\System32\DRIVERS\w29n51.sys F0F902220910C4FBE42A51964BD33599

C:\Windows\System32\DRIVERS\wanarp.sys 984EF0B9788ABF89974CFED4BFBAACBC

C:\Windows\System32\Drivers\wdf01000.sys D918617B46457B9AC28027722E30F647

C:\Windows\System32\drivers\wdmaud.sys EFD235CA22B57C81118C1AEB4798F1C1

C:\Windows\System32\DRIVERS\HSF_CNXT.sys 74CF3F2E4E40C4A2E18D39D6300A5C24

C:\Windows\System32\DRIVERS\WinUSB.sys 30FC6E5448D0CBAAA95280EEEF7FEDAE

C:\Windows\System32\drivers\WmBEnum.sys BC3ECBCB40147BDAE3AD2FD0B4B346D8

C:\Windows\System32\drivers\WmFilter.sys 19F9881D8B3484FEDB605D0216876898

C:\Windows\System32\drivers\WmVirHid.sys 7A51545A6409A25EEDBDBD97D019E8CC

C:\Windows\System32\drivers\WmXlCore.sys 1F083B3BC73017E60C3CA85CF4A70753

C:\Windows\System32\DRIVERS\wpdusb.sys C60DC16D4E406810FAD54B98DC92D5EC

C:\Windows\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8

C:\Windows\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311

C:\Windows\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-08 16:12 - 2013-05-08 16:12 - 00000340 ___AC C:\Documents and Settings\All Users\Application Data\SMRResults322.dat

2013-05-05 07:42 - 2013-05-05 07:42 - 00049598 ____A C:\Documents and Settings\Marty Mahler\Desktop\FRST.txt

2013-05-05 07:42 - 2013-05-05 07:42 - 00016057 ____A C:\Documents and Settings\Marty Mahler\Desktop\Addition.txt

2013-05-05 07:29 - 2013-05-05 07:29 - 00000000 ___DC C:\FRST

2013-05-01 10:47 - 2013-05-01 10:58 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Max Secure

2013-05-01 10:35 - 2013-05-01 10:35 - 00000000 ____D C:\Documents and Settings\Marty Mahler\Local Settings\Application Data\Max Secure Software

2013-05-01 08:35 - 2013-05-01 08:35 - 00090112 ____A C:\Windows\Minidump\Mini050113-02.dmp

2013-05-01 08:22 - 2013-05-08 16:13 - 00002206 ____A C:\Windows\System32\wpa.dbl

2013-05-01 01:30 - 2013-05-01 01:30 - 00090112 ____A C:\Windows\Minidump\Mini050113-01.dmp

2013-05-01 01:18 - 2013-05-01 01:18 - 00000000 ____D C:\Documents and Settings\His\Application Data\Malwarebytes

2013-04-30 23:41 - 2013-05-01 00:02 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\HitmanPro

2013-04-30 22:28 - 2013-04-30 22:28 - 00090112 ____A C:\Windows\Minidump\Mini043013-03.dmp

2013-04-30 22:10 - 2013-05-01 20:46 - 00109648 ____A C:\Documents and Settings\Marty Mahler\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2013-04-30 21:06 - 2013-04-30 21:06 - 00000261 ____A C:\Documents and Settings\Marty Mahler\Desktop\Shortcut to NPE.lnk

2013-04-30 20:41 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-04-30 20:31 - 2013-05-08 16:10 - 00000000 ____D C:\Documents and Settings\Marty Mahler\Local Settings\Application Data\NPE

2013-04-30 20:24 - 2013-04-30 20:24 - 00090112 ____A C:\Windows\Minidump\Mini043013-02.dmp

2013-04-30 20:21 - 2013-04-30 20:21 - 00090112 ____A C:\Windows\Minidump\Mini043013-01.dmp

2013-04-30 20:17 - 2013-04-30 22:21 - 00000000 ____D C:\Documents and Settings\His\Application Data\Epson

2013-04-30 13:39 - 2013-04-30 22:21 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Norton

2013-04-29 14:29 - 2013-04-29 14:29 - 00090112 ____A C:\Windows\Minidump\Mini042913-04.dmp

2013-04-29 13:02 - 2013-05-01 07:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-04-29 13:02 - 2013-04-29 13:02 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes

2013-04-29 13:02 - 2013-04-29 13:02 - 00000000 ____D C:\Documents and Settings\Marty Mahler\Application Data\Malwarebytes

2013-04-29 12:42 - 2013-04-29 12:42 - 00090112 ____A C:\Windows\Minidump\Mini042913-03.dmp

2013-04-29 12:37 - 2013-04-29 12:37 - 00090112 ____A C:\Windows\Minidump\Mini042913-02.dmp

2013-04-29 12:31 - 2013-04-29 12:31 - 00090112 ____A C:\Windows\Minidump\Mini042913-01.dmp

2013-04-27 00:12 - 2013-04-27 00:12 - 00090112 ____A C:\Windows\Minidump\Mini042713-02.dmp

2013-04-27 00:07 - 2013-04-27 00:07 - 00090112 ____A C:\Windows\Minidump\Mini042713-01.dmp

2013-04-21 00:37 - 2013-04-21 00:37 - 00000000 ____D C:\Program Files\Cricket Broadband EC1705

2013-04-21 00:08 - 2013-04-21 00:07 - 00106496 ____A C:\Windows\Minidump\Mini042113-01.dmp

2013-04-20 23:44 - 2013-04-20 23:43 - 00106496 ____A C:\Windows\Minidump\Mini042013-02.dmp

2013-04-20 23:37 - 2013-04-20 23:37 - 00106496 ____A C:\Windows\Minidump\Mini042013-01.dmp

2013-04-18 15:49 - 2013-04-18 15:49 - 00106496 ____A C:\Windows\Minidump\Mini041813-03.dmp

2013-04-18 15:40 - 2013-04-18 15:40 - 00106496 ____A C:\Windows\Minidump\Mini041813-02.dmp

2013-04-18 15:35 - 2013-04-18 15:35 - 00106496 ____A C:\Windows\Minidump\Mini041813-01.dmp

2013-04-17 21:47 - 2013-04-17 21:47 - 00106496 ____A C:\Windows\Minidump\Mini041713-04.dmp

2013-04-17 21:14 - 2013-04-17 21:13 - 00106496 ____A C:\Windows\Minidump\Mini041713-03.dmp

2013-04-17 21:08 - 2013-04-17 21:08 - 00106496 ____A C:\Windows\Minidump\Mini041713-02.dmp

2013-04-17 21:04 - 2013-04-17 21:04 - 00106496 ____A C:\Windows\Minidump\Mini041713-01.dmp

2013-04-15 19:16 - 2013-04-15 19:16 - 00106496 ____A C:\Windows\Minidump\Mini041513-03.dmp

2013-04-15 19:11 - 2013-04-15 19:11 - 00106496 ____A C:\Windows\Minidump\Mini041513-02.dmp

2013-04-15 18:57 - 2013-04-15 18:57 - 00106496 ____A C:\Windows\Minidump\Mini041513-01.dmp

2013-04-12 09:10 - 2013-05-01 20:31 - 00000292 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2780628802-1949477118-2847970443-1005.job

2013-04-11 10:52 - 2013-04-11 10:51 - 00106496 ____A C:\Windows\Minidump\Mini041113-03.dmp

2013-04-11 10:46 - 2013-04-11 10:46 - 00106496 ____A C:\Windows\Minidump\Mini041113-02.dmp

2013-04-11 09:43 - 2013-04-11 09:43 - 00106496 ____A C:\Windows\Minidump\Mini041113-01.dmp

==================== One Month Modified Files and Folders ========

2013-05-08 16:15 - 2004-08-11 18:12 - 00000000 ____D C:\Windows\System32\Restore

2013-05-08 16:13 - 2013-05-01 08:22 - 00002206 ____A C:\Windows\System32\wpa.dbl

2013-05-08 16:13 - 2006-02-08 09:04 - 00000062 __ASH C:\Documents and Settings\Marty Mahler\Local Settings\desktop.ini

2013-05-08 16:13 - 2004-08-11 18:20 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini

2013-05-08 16:12 - 2013-05-08 16:12 - 00000340 ___AC C:\Documents and Settings\All Users\Application Data\SMRResults322.dat

2013-05-08 16:11 - 2006-02-08 09:04 - 00000278 ___SH C:\Documents and Settings\Marty Mahler\ntuser.ini

2013-05-08 16:11 - 2004-08-11 18:13 - 01946622 ____A C:\Windows\WindowsUpdate.log

2013-05-08 16:10 - 2013-04-30 20:31 - 00000000 ____D C:\Documents and Settings\Marty Mahler\Local Settings\Application Data\NPE

2013-05-08 16:02 - 2006-02-01 05:13 - 00000211 ____A C:\boot.ini

2013-05-08 15:41 - 2012-11-30 00:22 - 00000000 ____D C:\Documents and Settings\Marty Mahler\My Documents\Stephies Files

2013-05-05 08:41 - 2012-04-12 18:48 - 00000000 ____D C:\Program Files\DivX

2013-05-05 07:42 - 2013-05-05 07:42 - 00049598 ____A C:\Documents and Settings\Marty Mahler\Desktop\FRST.txt

2013-05-05 07:42 - 2013-05-05 07:42 - 00016057 ____A C:\Documents and Settings\Marty Mahler\Desktop\Addition.txt

2013-05-05 07:29 - 2013-05-05 07:29 - 00000000 ___DC C:\FRST

2013-05-05 07:05 - 2007-10-17 16:15 - 01099527 ____A C:\Windows\setupapi.log

2013-05-01 21:47 - 2004-08-11 18:00 - 00000633 ____A C:\Windows\win.ini

2013-05-01 21:47 - 2004-08-11 18:00 - 00000246 ____A C:\Windows\system.ini

2013-05-01 20:46 - 2013-04-30 22:10 - 00109648 ____A C:\Documents and Settings\Marty Mahler\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2013-05-01 20:31 - 2013-04-12 09:10 - 00000292 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2780628802-1949477118-2847970443-1005.job

2013-05-01 20:31 - 2010-12-27 22:00 - 00000300 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2780628802-1949477118-2847970443-1005.job

2013-05-01 11:36 - 2004-08-11 18:06 - 00400424 ____A C:\Windows\System32\FNTCACHE.DAT

2013-05-01 11:12 - 2011-11-29 00:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software

2013-05-01 10:58 - 2013-05-01 10:47 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Max Secure

2013-05-01 10:35 - 2013-05-01 10:35 - 00000000 ____D C:\Documents and Settings\Marty Mahler\Local Settings\Application Data\Max Secure Software

2013-05-01 10:35 - 2010-12-05 18:35 - 00000000 ____D C:\Documents and Settings\Marty Mahler\Application Data\GetRightToGo

2013-05-01 08:35 - 2013-05-01 08:35 - 00090112 ____A C:\Windows\Minidump\Mini050113-02.dmp

2013-05-01 08:35 - 2012-12-24 02:12 - 00000000 ____D C:\Windows\Minidump

2013-05-01 08:33 - 2004-08-11 18:09 - 00000159 ____A C:\Windows\wiadebug.log

2013-05-01 08:33 - 2004-08-11 18:09 - 00000048 ____A C:\Windows\wiaservc.log

2013-05-01 08:33 - 2004-08-11 18:02 - 00000000 ____D C:\Windows\System32\ias

2013-05-01 08:32 - 2013-03-08 23:35 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-05-01 08:32 - 2013-02-21 21:24 - 00000276 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2780628802-1949477118-2847970443-1008.job

2013-05-01 08:32 - 2011-06-24 21:36 - 00000274 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2780628802-1949477118-2847970443-1007.job

2013-05-01 08:32 - 2011-01-23 10:23 - 00000278 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2780628802-1949477118-2847970443-1006.job

2013-05-01 08:32 - 2011-01-09 00:15 - 00000278 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2780628802-1949477118-2847970443-501.job

2013-05-01 08:32 - 2004-08-11 18:20 - 00031776 ____A C:\Windows\SchedLgU.Txt

2013-05-01 08:32 - 2004-08-11 18:20 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini

2013-05-01 08:32 - 2004-08-11 18:20 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-01 07:38 - 2013-04-29 13:02 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-05-01 01:54 - 2011-07-28 23:46 - 00000000 ____D C:\Windows\pss

2013-05-01 01:32 - 2004-08-11 18:11 - 00094754 ____A C:\Windows\wmsetup.log

2013-05-01 01:30 - 2013-05-01 01:30 - 00090112 ____A C:\Windows\Minidump\Mini050113-01.dmp

2013-05-01 01:23 - 2011-06-24 01:03 - 00000178 __ASH C:\Documents and Settings\His\ntuser.ini

2013-05-01 01:18 - 2013-05-01 01:18 - 00000000 ____D C:\Documents and Settings\His\Application Data\Malwarebytes

2013-05-01 01:17 - 2011-06-24 01:04 - 00000062 __ASH C:\Documents and Settings\His\Local Settings\desktop.ini

2013-05-01 01:09 - 2013-01-27 18:20 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-01 00:32 - 2007-04-18 11:58 - 00000000 __HDC C:\Windows\$NtUninstallKB930178$

2013-05-01 00:02 - 2013-04-30 23:41 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\HitmanPro

2013-04-30 22:28 - 2013-04-30 22:28 - 00090112 ____A C:\Windows\Minidump\Mini043013-03.dmp

2013-04-30 22:21 - 2013-04-30 20:17 - 00000000 ____D C:\Documents and Settings\His\Application Data\Epson

2013-04-30 22:21 - 2013-04-30 13:39 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Norton

2013-04-30 22:21 - 2011-06-24 01:03 - 00000000 ____D C:\Documents and Settings\His\Local Settings\Application Data\Google

2013-04-30 21:33 - 2011-01-23 10:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$

2013-04-30 21:06 - 2013-04-30 21:06 - 00000261 ____A C:\Documents and Settings\Marty Mahler\Desktop\Shortcut to NPE.lnk

2013-04-30 20:24 - 2013-04-30 20:24 - 00090112 ____A C:\Windows\Minidump\Mini043013-02.dmp

2013-04-30 20:21 - 2013-04-30 20:21 - 00090112 ____A C:\Windows\Minidump\Mini043013-01.dmp

2013-04-30 16:20 - 2006-02-01 05:14 - 00013752 ____A C:\Windows\setupact.log

2013-04-30 14:54 - 2006-02-01 05:32 - 00000004 ___AC C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

2013-04-29 14:29 - 2013-04-29 14:29 - 00090112 ____A C:\Windows\Minidump\Mini042913-04.dmp

2013-04-29 14:18 - 2012-12-08 10:25 - 00000062 __ASH C:\Documents and Settings\Kids\Local Settings\desktop.ini

2013-04-29 13:02 - 2013-04-29 13:02 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes

2013-04-29 13:02 - 2013-04-29 13:02 - 00000000 ____D C:\Documents and Settings\Marty Mahler\Application Data\Malwarebytes

2013-04-29 12:42 - 2013-04-29 12:42 - 00090112 ____A C:\Windows\Minidump\Mini042913-03.dmp

2013-04-29 12:37 - 2013-04-29 12:37 - 00090112 ____A C:\Windows\Minidump\Mini042913-02.dmp

2013-04-29 12:31 - 2013-04-29 12:31 - 00090112 ____A C:\Windows\Minidump\Mini042913-01.dmp

2013-04-29 09:31 - 2013-03-09 10:26 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2780628802-1949477118-2847970443-1008Core.job

2013-04-27 00:12 - 2013-04-27 00:12 - 00090112 ____A C:\Windows\Minidump\Mini042713-02.dmp

2013-04-27 00:07 - 2013-04-27 00:07 - 00090112 ____A C:\Windows\Minidump\Mini042713-01.dmp

2013-04-22 20:12 - 2011-06-24 21:36 - 00000282 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2780628802-1949477118-2847970443-1007.job

2013-04-21 08:22 - 2013-04-03 21:44 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-04-21 08:22 - 2011-11-04 23:12 - 00000000 ____D C:\Program Files\iTunes

2013-04-21 08:22 - 2010-12-03 20:50 - 00000000 ____D C:\Program Files\Common Files\Apple

2013-04-21 07:47 - 2012-12-11 21:48 - 00000000 ____D C:\Program Files\Hewlett-Packard

2013-04-21 00:37 - 2013-04-21 00:37 - 00000000 ____D C:\Program Files\Cricket Broadband EC1705

2013-04-21 00:29 - 2011-02-03 13:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\DatacardService

2013-04-21 00:27 - 2012-12-11 21:50 - 00063938 ____A C:\Windows\DPINST.LOG

2013-04-21 00:25 - 2012-12-16 20:26 - 00000000 ____D C:\Program Files\Common Files\AVSMedia

2013-04-21 00:07 - 2013-04-21 00:08 - 00106496 ____A C:\Windows\Minidump\Mini042113-01.dmp

2013-04-20 23:43 - 2013-04-20 23:44 - 00106496 ____A C:\Windows\Minidump\Mini042013-02.dmp

2013-04-20 23:37 - 2013-04-20 23:37 - 00106496 ____A C:\Windows\Minidump\Mini042013-01.dmp

2013-04-18 16:12 - 2006-02-01 05:28 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2013-04-18 16:11 - 2006-02-01 05:34 - 00000000 ____D C:\Program Files\Sonic

2013-04-18 16:11 - 2004-08-11 18:02 - 00000000 ____D C:\Windows\twain_32

2013-04-18 15:59 - 2004-08-11 18:11 - 00000000 ____D C:\Windows\Registration

2013-04-18 15:49 - 2013-04-18 15:49 - 00106496 ____A C:\Windows\Minidump\Mini041813-03.dmp

2013-04-18 15:40 - 2013-04-18 15:40 - 00106496 ____A C:\Windows\Minidump\Mini041813-02.dmp

2013-04-18 15:35 - 2013-04-18 15:35 - 00106496 ____A C:\Windows\Minidump\Mini041813-01.dmp

2013-04-17 21:47 - 2013-04-17 21:47 - 00106496 ____A C:\Windows\Minidump\Mini041713-04.dmp

2013-04-17 21:13 - 2013-04-17 21:14 - 00106496 ____A C:\Windows\Minidump\Mini041713-03.dmp

2013-04-17 21:08 - 2013-04-17 21:08 - 00106496 ____A C:\Windows\Minidump\Mini041713-02.dmp

2013-04-17 21:04 - 2013-04-17 21:04 - 00106496 ____A C:\Windows\Minidump\Mini041713-01.dmp

2013-04-17 20:28 - 2011-01-23 10:23 - 00000286 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2780628802-1949477118-2847970443-1006.job

2013-04-17 20:02 - 2011-08-09 09:51 - 00000284 ____A C:\Windows\Tasks\AppleSoftwareUpdate.job

2013-04-15 19:16 - 2013-04-15 19:16 - 00106496 ____A C:\Windows\Minidump\Mini041513-03.dmp

2013-04-15 19:11 - 2013-04-15 19:11 - 00106496 ____A C:\Windows\Minidump\Mini041513-02.dmp

2013-04-15 18:57 - 2013-04-15 18:57 - 00106496 ____A C:\Windows\Minidump\Mini041513-01.dmp

2013-04-11 11:50 - 2006-02-01 05:35 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\GTek

2013-04-11 11:40 - 2004-08-11 18:14 - 00002577 ___AC C:\Windows\System32\CONFIG.NT

2013-04-11 11:25 - 2006-02-01 05:32 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Adobe

2013-04-11 10:51 - 2013-04-11 10:52 - 00106496 ____A C:\Windows\Minidump\Mini041113-03.dmp

2013-04-11 10:46 - 2013-04-11 10:46 - 00106496 ____A C:\Windows\Minidump\Mini041113-02.dmp

2013-04-11 09:43 - 2013-04-11 09:43 - 00106496 ____A C:\Windows\Minidump\Mini041113-01.dmp

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe

[2004-08-11 18:00] - [2007-06-13 05:23] - 1033216 ____A (Microsoft Corporation) 97bd6515465659ff8f3b7be375b2ea87

C:\Windows\System32\winlogon.exe

[2004-08-11 18:00] - [2004-08-04 06:00] - 0502272 ____A (Microsoft Corporation) 01c3346c241652f43aed8e2149881bfe

C:\Windows\System32\svchost.exe

[2004-08-11 18:00] - [2004-08-04 06:00] - 0014336 ____A (Microsoft Corporation) 8f078ae4ed187aaabc0a305146de6716

C:\Windows\System32\services.exe

[2004-08-11 18:00] - [2009-02-06 05:22] - 0110592 ____A (Microsoft Corporation) 4712531ab7a01b7ee059853ca17d39bd

C:\Windows\System32\User32.dll

[2004-08-11 18:00] - [2007-03-08 10:36] - 0577536 ____A (Microsoft Corporation) b409909f6e2e8a7067076ed748abf1e7

C:\Windows\System32\userinit.exe

[2004-08-11 18:00] - [2004-08-04 06:00] - 0024576 ____A (Microsoft Corporation) 39b1ffb03c2296323832acbae50d2aff

C:\Windows\System32\Drivers\volsnap.sys

[2004-08-11 18:00] - [2004-08-04 06:00] - 0052352 ____A (Microsoft Corporation) ee4660083deba849ff6c485d944b379b

==================== End Of Log ============================

Thanks in Advance!

Link to post
Share on other sites

OK, I see you tried running Hitman pro, did you succeed in running it?

Sometimes that program will prevent windows from booting.

---------------

Here's what I would like you to do, you'll be scanning with FRST and OTLPE:

You'll need a usb flash drive and be able to burn a cd.

The cd I would like you to create is OTLPE:

Download OTLPE from HERE

Now put a blank cd-r in your burner and double click on OTLPEStd.exe, it will automatically burn the cd. (burn it at a slow speed to avoid errors)

You will also need to download Farbar Recovery Scan Tool, or FRST and copy it to your flash drive.

Once you have the cd created, boot the computer up using it.

Note : If you do not know how to set your computer to boot from CD follow the steps here

Plug in the flash drive and navigate to it.

Run FRST and click on Scan

When the scan completes.....

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Don't quite OTLPE yet....

-------------------------

Now OTLPE also has a built in scanner called OTL which I also want you to run:

It's going to go something like this when OTLPE loads:

  • Your system should now display a REATOGO-X-PE desktop.
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Please post the contents of the C:\OTL.txt file in your reply.

MrC

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.